Hi, My Problem is like this..... I have 2 interfaces eth0 and eth1 IPaddress at eth0 is 132.147.165.1 and eth1 is 202.88.151.1. I have a LAN of 132.165.0.0 network and all the computers in this network access the internet via NAT that is done by my linux m/c having ipaddress 132.147.165.1. Natting is done via iptables with the following options. iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 202.88.151.1 iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE Now I am interested in bandwidth management . So I have introduced qdisc through tc at both the interface. I used HTB as such after applying the patch. I associated filters using internal IPaddresses for both the interface. At eth0 all the packets are going to the properly assigned queue while at interface eth1 all the packets went through default queue as no packet matched the filters. This is because the packets are Natted. Is it possible that when the packets arrive from eth0 to eth1 no natting is done and at the time of xmit at eth1 Natting takes place. Similarly, when the packet comes from eth1 first Natting takes place and is then queued. Presently the packet is not getting bandwidth managed fully as eth1 has no management. waiting for replies thanks bhik __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Martin A. Brown
2003-Feb-02 19:02 UTC
traffic control happens when? KPTD FAQ was [ Problem ...]
Dear bhik, You have a reasonable question which gets asked often here in many different forms. It should not be hard for you to answer the question for yourself by examining the kernel packet traveling diagram on www.docum.org: http://www.docum.org/stef.coene/qos/kptd/ : This is because the packets are Natted. Is it possible that when the : packets arrive from eth0 to eth1 no natting is done and at the time of : xmit at eth1 Natting takes place. Your supposition is absolutely correct. You might consider using the iptables MARK target to tag the desired packets and apply traffic control based on this fwmark on the packet. See the discussion of fwmark and queuing at LARTC: http://lartc.org/howto/lartc.qdisc.filters.html : iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 202.88.151.1 : iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE I''d also caution you to decide whether you are using SNAT or MASQUERADE. If the iptables rules are entered in this order on your publicly addressed host, then your "-j MASQUERADE" rule is extraneous. For an explanation of the difference between SNAT and MASQUERADE, consult http://iptables-tutorial.frozentux.net/iptables-tutorial.html#MASQUERADETARGET http://iptables-tutorial.frozentux.net/iptables-tutorial.html#SNATTARGET Good luck, -Martin -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/