Hello, I have recently started looking at tc and iptables. I have an htb-queue with two classes 1:10 and 1:20 where 1:20 is the default. Then I use iptables to mark all packets I send out on eth1. I then filter marked packets into class 1:10. I expected all packets sent on eth1 to end up in class 1:10, but some packets still go to 1:20. Did I do it wrong? Thank you for any help. regards, David Blomberg My script: --------------------------------------------------------------------------- /sbin/tc qdisc add dev eth1 root handle 1: htb default 20 r2q 1 /sbin/tc class add dev eth1 parent 1: classid 1:1 htb rate 200kbit burst 15k /sbin/tc class add dev eth1 parent 1:1 classid 1:10 htb rate 100kbit ceil 200kbit burst 15k /sbin/tc class add dev eth1 parent 1:1 classid 1:20 htb rate 100kbit ceil 200kbit burst 15k /sbin/tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10 /sbin/tc qdisc add dev eth1 parent 1:20 handle 20: sfq perturb 10 # iptables /sbin/iptables -F /sbin/iptables -A OUTPUT -t mangle -o eth1 -j MARK --set-mark 1 /sbin/tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 1 fw flowid 1:10 --------------------------------------------------------------------------- #/sbin/tc -s qdisc ls dev eth1 qdisc htb 1: r2q 1 default 20 direct_packets_stat 0 Sent 450040 bytes 3021 pkt (dropped 0, overlimits 152 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 qdisc sfq 10: parent 1:10 limit 128p quantum 1514b perturb 10sec Sent 448654 bytes 2988 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 qdisc sfq 20: parent 1:20 limit 128p quantum 1514b perturb 10sec Sent 1386 bytes 33 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0
Hello, I have recently started looking at tc and iptables. I have an htb-queue with two classes 1:10 and 1:20 where 1:20 is the default. Then I use iptables to mark all packets I send out on eth1. I then filter marked packets into class 1:10. I expected all packets sent on eth1 to end up in class 1:10, but some packets still go to 1:20. Did I do it wrong? Thank you for any help. regards, David Blomberg My script: --------------------------------------------------------------------------- /sbin/tc qdisc add dev eth1 root handle 1: htb default 20 r2q 1 /sbin/tc class add dev eth1 parent 1: classid 1:1 htb rate 200kbit burst 15k /sbin/tc class add dev eth1 parent 1:1 classid 1:10 htb rate 100kbit ceil 200kbit burst 15k /sbin/tc class add dev eth1 parent 1:1 classid 1:20 htb rate 100kbit ceil 200kbit burst 15k /sbin/tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10 /sbin/tc qdisc add dev eth1 parent 1:20 handle 20: sfq perturb 10 # iptables /sbin/iptables -F /sbin/iptables -A OUTPUT -t mangle -o eth1 -j MARK --set-mark 1 /sbin/tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 1 fw flowid 1:10 --------------------------------------------------------------------------- #/sbin/tc -s qdisc ls dev eth1 qdisc htb 1: r2q 1 default 20 direct_packets_stat 0 Sent 450040 bytes 3021 pkt (dropped 0, overlimits 152 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 qdisc sfq 10: parent 1:10 limit 128p quantum 1514b perturb 10sec Sent 448654 bytes 2988 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 qdisc sfq 20: parent 1:20 limit 128p quantum 1514b perturb 10sec Sent 1386 bytes 33 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0
David Blomberg wrote:> Hello, > > I have recently started looking at tc and iptables. I have an htb-queue > with two classes 1:10 and 1:20 where 1:20 is the default. Then I use > iptables to mark all packets I send out on eth1. I then filter marked > packets into class 1:10. I expected all packets sent on eth1 to end up in > class 1:10, but some packets still go to 1:20. Did I do it wrong?> qdisc sfq 20: parent 1:20 limit 128p quantum 1514b perturb 10sec > Sent 1386 bytes 33 pkt (dropped 0, overlimits 0 requeues 0)It''s arp, iptables only sees ip traffic. If you don''t specify an htb default it will pass unshaped (It would get dropped with hfsc). If you use a default class then I would use a tc filter ... protocol arp u32 match u32 0 0 .... to send it to a high prio/interactive class. Andy.