similar to: linux-2.4.22 + bridge + traffic control by MAC.

Hi All, I''m trying to do some traffic shaping on an ethernet bridge. Currently, I have the following setup working: ifconfig eth0 down brctl addbr br0 brctl addif br0 eth0 brctl addif br0 eth1 brctl stp br0 off ifconfig eth0 0.0.0.0 up ifconfig eth1 0.0.0.0 up ifconfig br0 up This creates a bridge consisting of eth0 and eth1. So far so good. I now want to use tc to shape traffic

Hello All, I was curious to know if I can do traffic shaping on abonded Interface? Ex: I have to interfaces eth1 and eth2 which i have bonded together as bond0 , now the question is can I do shaping on eth1 and eth2 ?? Thanks KartheeK --------------------------------- Here''s a new way to find what you''re looking for - Yahoo! Answers Send FREE SMS to your

Hi. I have strange troubles with DNATing UDP packets. The situation: 1. We have local network 10.10.0.0/16 2. We have a "server network" 192.168.1.0/25 connected with local network by a router 10.10.100.1 (other ip 192.168.1.1). 3. Web server is located at 192.168.1.2 4. There are HW pingers in the net 10.10.0.0/16 whose do ping 10.10.100.1 every second. The ping is the UDP packet

Hello everyone, really not sure if this is a LARTC question or not, but I have several hundred users all MASQ''d behind a single static IP. Users are reporting that certain websites are blacklisting that single static external IP for various reasons. What I would like to do is use several external IP''s and have a MASQ''d user getting a random one each time. Here is

Which kernel supports the iptables'' -m dstlimit? Do I need a patch or something else to get it to work? Is it too experimental? -- Покотиленко Костик <casper@meteor.dp.ua>

Hi. The task: 1. There 3 servers and a router with 2 PPPoE connections (let call them: ppp0, ppp1). 2. There are several groups of Inet-clients to be served (Servers, Clients and Club). 3. The task is: - to route Club through the ppp1; - to Servers and Clients through ppp0; (Next is reproduced from memory and may be slightly incorrect) router # netstat -nr Kernel IP routing table

Hi. I have a Server''s network with some servers in it, all with 192.168.1.0/25 ips. There is also a router in that network with ip 192.168.1.1. This router also connected to a client''s network 10.10.0.0/16 with ip 10.10.100.1. All services on each server are given their virtual address from one of two virtual networks 192.168.1.128/28 and 192.168.1.144/28. 192.168.1.128/28 is

Hi All! I need to deploy a bridge firewall using linux kernel 2.6. I had success using kernel 2.4 plus br-nf patch. But the configuration does not work with kernel 2.6. If the default policy for the iptables FORWARD chain is ACCEPT I have a bridge. If iptables FORWARD chain is DROP I have an insulator (no packet flows). Any hint? I did some google search and in many places they say "kernel

Hello everybody. I''m running linux 2.6.19 with nth match to alternatively snat outgoing connections to two different ip addresses for load balancing between two adsl lines: Here is: $IPTABLES -t nat -A POSTROUTING -s my_ip --protocol tcp -m multiport --dports 80,443 -m statistic --mode nth --every 2 -j SNAT --to adslA $IPTABLES -t nat -A POSTROUTING -s my_ip --protocol tcp -m multiport

Hi All, I''m trying to do some traffic shaping with IFB. I have installed Ubuntu 6.0.6 and upgraded to the 2.6.17.7 kernel. I have an ifb0 device. However, I think I may have the wrong version of TC installed, because it doesn''t like the ''mirred'' argument. What version of iproute should I be using, and how can I upgrade it? apt-get update iproute

Hi, I am using linux kernle-2.6.15, iptables-1.4 and bridge-utils-1.4. Everything intslled without any issue and i am able to enable the bridge and traffic is also flowing without any issue. But i did not see any traffic on the iptables forward chain due to which i am not able to control the traffic. Do i requie enable anything more to make the traffic pass through iptables forward chain.

Hi All, I need to do some tricky filtering stuff. Can anyone tell me if any of the following are possible? * match on a combination of firewall mark AND u32 criteria. ie. handle 6 fw AND u32 match ip src 1.2.3.4/32 - to match packets from 1.2.3.4 which have been marked elsewhere OR * to OR the values of u32 matches. Something like u32 match ip src 1.2.3.4/32 OR match ip dst 1.2.3.4/32 - to

Hi all, Can anybody tell me what the maximum number of handles are that I can use when setting up qdiscs and classes in tc? Regards, Leigh Leigh Sharpe Network Systems Engineer Pacific Wireless Ph +61 3 9584 8966 Mob 0408 009 502 Helpdesk 1300 300 616 email lsharpe@pacificwireless.com.au web www.pacificwireless.com.au _______________________________________________ LARTC

Hi all, I''m having a hell of a time getting my IFB to work. I know I''ve done this before, so I''m missing something stupid. Can anybody tell me what it might be? Configs as follows: -------- #!/bin/sh modprobe ifb numifbs=1000 modprobe act_mirred modprobe 8021q brctl addbr br0 brctl setfd br0 0 brctl stp br0 off brctl addif br0 eth1 brctl addif br0 eth2 ifconfig eth1

Hi all, Further to my previous questions, I need lots of IFBs on this thing. I have configured IFB as a module, and issuing a modprobe ifb loads it, but only gives me 2 IFBs (ifb0 and ifb1). How can I get more? I''m probably looking at needing about 20 on this project. Regards, Leigh Leigh Sharpe Network Systems Engineer Pacific Wireless Ph +61 3 9584 8966 Mob 0408 009

Hi all, I''m having some problems setting up qdiscs on a bridge.The config looks a little like this: ifconfig ifb0 up # Bring up the IFB for this bridge. tc qdisc add dev eth2 ingress tc qdisc add dev eth3 ingress tc qdisc add dev ifb0 root handle 1:0 cbq bandwidth 100Mbit avpkt 1000 cell 8 # Raw qdiscs on each bridge port tc qdisc add dev eth2 root handle 1:0 cbq bandwidth

Hello list, I've posted here about this before, but I realise that it may have been assumed that the bridged vlans simply put a switch port in a blocking state and left my question ignored. So to recap. I have two tg3 interfaces named 'in' and 'out' and a bridge named 'br0' My vlan trunk is on the 'in' side of the network, and set as in.2, in.3 ... The

Hello list, I''ve been using linux and open source software for over 5 years now and I want to give something back to the community. I''m working on a PHP-based project (SPITS). The aim of this project is to easly create a shaping script, using a web interface, without needing to know tc and iptables command line options. As the project is now in beta stage, soon a CSS

Hi Rahul, If you're certain that your problem isn't as Stephen suggested, you might want to have a look at this: --- (From http://ebtables.sourceforge.net/brnf-faq.html <http://ebtables.sourceforge.net/brnf-faq.html> ) How do I let vlan-tagged traffic go through a vlan bridge port and the other traffic through a non-vlan bridge port? Suppose eth0 and eth0.15 are ports of br0.

Hi all. I have got to see a strange thing. Some of my iptables'' rules are disaprearing after several days!!! I have many rules like: # iptables -t mangle -A $MYCHAIN -s $SRC_IP -d $DST_IP -j MARK --set-mark $MARK for classifying traffic for shaping, total about 100 rules with different 20 marks, and rules like # iptables -A FORWARD -m mark --mark $MARK for accounting shaping