similar to: src routing and fwmark

Hello.. How can I specify a class for htb based on a fwmark and user ip ? For instance: I have some routes marked with fwmark and their are very-high speed connections... But only to some IP''s.. For the rest , I must limit the user to 64Kbits Now , how can I limit the high speed connections ? I must create a rule and take in account both fwmark and IP ? To be more specific , I want

Hi THere, sorry if this is a stupid question or does not belong to this forum. I''ve set my DEFROUTE=no in my ifcfg-ppp0 and when I bring the ppp0 up, it deletes my old default load balance routes which I do not want, as I just want the interface to be up, but not touching my default routes any advice Thanks SEW

Hi Guys, I would just like to have advice and pointers of the best way would be, Someting like BGP or OSPF? I have 2 internet connections at diffrent locations. let say connection A and B 1.) router A has a fast internet connection and a seperate interface for clients using /lan/pppoe/ipsec etc and another ethernet interface going to router B 2.) router B has similiar setup as router A and

Hello. I''m running linux box with Slackware 9.1 and compiled kernel 2.4.31 with "yes" to VLANs and "yes" to all QoS. On this box i have more ethernet interfaces: eth0 eth1 eth2 and so as more vlan interfaces: eth0.100 eth1.3 eth1.4 This is entrace(uplink) router to our whole network and my goal is to shape users on this machine. I want for this purpose use HTB so

Hi everybody, sorry for posting again, however I''ve moved the problem now ;-) After digging a bit deeper, I''ve successfully set up the routing as such, it works for incoming as well as outgoing packets that take the default route. Changing some of the routes using IP works as well. When I mark some outgoing packets in order to send them via another route (the fast leased line

There has been numerous threads etc regarding this but all that has left me is more than a little confused :-(. I have setup and environment consisting of two OpenVPN tunnels and wish to load balance at the packet level between them. I am currently running on Linux edm 2.4.21-20.EL.c0custom #2 Tue Oct 12 08:52:23 BST 2004 i686 i686 i386 GNU/Linux And have install Quagga at each end to provide

Hi, not sure if it will work, i''ve 2 leased lines, behind line 1 is a webserver, this server should answer all incomming http requests through leased line 1, the webserver self parses other webserver, this outbound traffic should go over leased line 2. i''ve successfully added fwmark with iproute, but if i set the policy for the webserver to use leased line 2 (for parsing other

I made a script to test if in a moultiple gateway setup all default connection are up, regardless of the fact that that gateway is the default gw. Suppose adsl1 and adsl2 are present, and all traffic goes by default to adsl1, and you want to test if adsl2 is ok. 1. I use mangles from iptables to mark icmp packets to some test machines 2. I set up a routing table for each adsl 3. I use

hi again list, first off thanks for the tips roy. here my question. i''m using ip based classes in my htb config. i would like to give some people (eg 192.168.0.20) 4mbit but only if he downloads from certain ip classes. i have my iptables marking those classes with 1 for upload and 0 for download. and finally the question: what''s the appropriate tc (or maybe iptables) command

Hi all, I have 2 ISPs on a Linux router and a local network with one Linux server and many windows. The local network is masqueraded. I want to give access to port 25 and 80 of my server from any incoming request (i.e. from my 2 ISP). I have made a DNAT translation, witch work but the outgoing answers are not routed correctly. Of course, the de-SNAT process is done before the routing process. So

Hi guys, I''m not sure where to post for help on this one, shorewall or lvs, I''ll start with shorewall (only cause Tom is a gun at this stuff, and is polite enough to tell me to bugger off to the LVS list if I''m posting in the wrong one ;) I have a single box that is my router/firewall/LVS. Internet -- eth0 - router/firewall - eth1 --- internal lan | eth2

Hi I have a strange problem. I have a firewall with 3 nics. 1 - lan 2 - leased line or diginet 3 - connected to adsl modem I have 2 tables in defined in /etc/iproute2/rt_tables: 200 diginet 201 adsl The ADSL modem has an IP of 192.168.0.1 and is configured to initiate the PPPOE connection. I can mark packets within the network destined for port 80 successfully: ip ro add default via x.x.x.x

Hi Here is a short description of my network: ppp0 (adsl) ppp1 (adsl) | | | | --------------------- | Router | | Firewall | | MASQUERAD | | DNAT | | | | eth0 | --------------------- | | | ---------------------- |

Hi all! I''ve got 2 (soon 3) internet connection. 1 - via ADSL, 2(and3) via ppp My network: http://desima.objectis.net/network-diag linux1: user1.user2 eth0=192.168.1.1 ppp0=192.168.5.2( gw 192.168.5.1) gw=192.168.1.2 ( thru ADSL) compA=192.168.1.6 compB=192.168.1.15 gw2=192.168.1.217 via ppp to different ISP All works for compA and CompB, user1 should use default gw(192.168.1.2)

Hi, I''ve been working for a big corporate company as junior system engineer and getting nicely to understand HTB/iproute2/iptables etc, The ordinary users(about 500 users), can pop / smtp / skype out on the network, but I can''t ssh out, cause they blocked the ports. Thought of being clever, I let my home linux listen on port 443 or 110 for ssh connection, but it wont connect, I

Hi there, i''m trying to shape incoming trafic on my linux box. I want it to depend on the source IP adress of the packets (in fact, i got a VPN on an ADSL link and wanted to get at least/max 64Kbit/s for the VPN) So i tried this : tc qdisc add dev ppp0 root handle 1:0 cbq bandwidth 512Kbit avpkt 1000 cell 8 tc class add dev ppp0 parent 1:0 classid 1:1 cbq bandwidth 512Kbit rate

Hi, I have some problems with my routing configuration. My router has two connections to the internet, eth1 (2Mbit) and ppp0 (ADSL). On the eth1 connection I do a –snat and on ppp0 I do masquerading. I use iptables to mark packets / connections in the -t mangle -A PREROUTING and OUTPUT chains. The marks (1 and 2) are used to decide which route do use to route a packet. My routing configuration:

I have a linux server running Mandrake 10, with the kernel configured with "CONFIG_IP_ADVANCED_ROUTER=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y" options, with 4 ethernet cards: - 2 ethernet used to connect to my lan (eth0=192.168.1.x and eth1=192.168.2.x) - 2 ethernet used to internet connection (2 adsl lines, both with 600/300 kbtis) The two lan are used to share

I have, for the time being, decided to split my dual ISP/single shorewall connection into two shorewall connections/boxes, each handling one ISP. I am running OSPF in the network and so far things are working out fairly well (from a client of the two gateways). $ ip route ls 10.33.66.2 via 10.75.22.199 dev eth0 proto zebra metric 20 192.168.200.1 via 10.75.22.254 dev eth0 proto zebra metric

hello I'm learning mgcv and would like to obtain numerical output corresponding to plot.gam. I can do so when seWithMean=FALSE (the default) but only approximately when seWithMean=TRUE. Can anyone show how to obtain the exact values? Alternatively, can you clarify the explanation in the manual "Note that, if seWithMean=TRUE, the confidence bands include the uncertainty about the