Displaying 20 results from an estimated 1000 matches similar to: "filter ingress policy based on nfmark"
2006 Jan 26
3
tc qdisc ingress problem ?
Hi, all
I''ve got problems with tc qdisc ingress.
I''m using vanillia kernel 2.6.14.4 patched with
http://www.ssi.bg/~ja/routes-2.6.14-12.diff, and iproute2-2.6.14-051107.
i am using ingress to limit incoming traffic :
(DEV is eth1 / DOWNLINK is 7700)
# attach ingress policer:
tc qdisc add dev $DEV handle ffff: ingress
# filter *everything* to it (0.0.0.0/0), drop everything
2007 Nov 21
0
Problem with ingress policing on bridged device
I''m having trouble getting ingress policing to work on a bridged device.
The bridge contains several interfaces: peth0, vif0.0, vif[1-7]0.1,
vif[25].1 . (This is under xen, in case the vif''s didn''t give that
away, so peth0 is renamed eth0.)
The tc rules I have are:
tc qdisc del dev peth0 root
tc qdisc del dev peth0 ingress handle ffff:
tc qdisc add dev peth0 root
2007 Feb 03
0
ingress qdisc problem
Hello,
i try to limit the incoming traffic rate using the ingress qdisc, but
it does not work for me.
Here is what i have done:
# sudo tc qdisc add dev eth1 ingress
# tc filter add dev eth1 parent ffff:0 protocol ip prio 1 u32 match ip dst 172.17.0.101/32 police rate 10kbit buffer 10k drop
The ingress qdisc is there:
# tc -s qdisc show dev eth1
qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1
2006 May 19
25
iptables CLASSIFY and MARK not working?
I have to match my packets based on MAC address, which I cannot do in
the POSTROUTING chain, so I do it in PREROUTING using MARK. Then, I
match on the MARK in the POSTROUTING chain to do a CLASSIFY. But this
does not seem to work:
wireless-r1 bwlimit # iptables -L -v -n -t mangle
Chain PREROUTING (policy ACCEPT 3353K packets, 941M bytes)
pkts bytes target prot opt in out source
2005 Mar 25
3
These tc commands used to work... what''s broken them?
I have a Gentoo Linux (kernel 2.6.11) server. Several months ago, I
made a traffic shaping setup for my box (running a 2.4 kernel then)
that worked beautifully. It gave high priority to SSH and RealAudio
traffic, and put HTTP downloading traffic on a lower prio so they could
only use what bandwidth was left.
However, I''ve only just realized that tc is no longer accepting the
commands I
2007 Feb 04
2
Traffic Shaping: Ingress qdisc not working in Dom0 (3.0.4-1)
Hello,
i noticed that the ingress qdisc is not working properly anymore in
3.0.4-1 (back in 3.0.2 the ingress qdisc was working for me):
Install the ingress qdisc to peth0:
# tc add qdisc dev peth0 ingress
... generate some traffic ...
# tc -s qdisc show dev peth0
qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 324884 bytes 1749 pkt (dropped 0, overlimits 0 requeues
2007 Dec 15
1
hfsc and bps
Hi!
Do you know somthing about hfsc and bps?
There''s no output for speed only for packets. Doesn''t hfsc support such
a field?
tc -s class show dev eth0
class hfsc 1: root
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
period 0 level 2
class hfsc 1:11 parent 1:1 sc m1 0bit d 18.0ms m2 1000Kbit ul m1 0bit d
0us m2
2007 May 19
1
Re: LARTC Digest, Vol 27, Issue 26
Hi folks...!!!
I need to generate qdisc statistics to show my 4 class (10, 20, 30, 40),
i`ve all working with HTB and so on, but i need to graph this results
e.gwith RRDTOOL.
I found a script made in perl, that can to graph my 4 class, but i need to
know which IP address on my LAN are using the bandwidth too, in other hand i
need to classify the traffic by IP to show.
This is an out of my
2006 Feb 24
4
why isn''t 1:1 getting the traffic? [filter question]
With the below script, whenever I ping 10.0.16.10 (which matches the
only filter I have), traffic still get''s sent to the default 1:2 class
instead of 1:1 and I don''t know why... Any hints?
(kernel 2.6.12, iproute2-2.6.15)
tc qdisc del dev eth0 root > /dev/null 2>&1
tc qdisc add dev eth0 handle 1: root htb default 2
tc class add dev eth0 classid 1:1 parent 1: htb rate
2005 Nov 11
2
marked packets end up in wrong class
Hello,
I have recently started looking at tc and iptables. I have an htb-queue
with two classes 1:10 and 1:20 where 1:20 is the default. Then I use
iptables to mark all packets I send out on eth1. I then filter marked
packets into class 1:10. I expected all packets sent on eth1 to end up in
class 1:10, but some packets still go to 1:20. Did I do it wrong?
Thank you for any help.
regards,
David
2007 May 16
5
statistics and calc bandwidth traffic using tc -s qdisc show
2004 Nov 05
3
[PATCH] Use nfmark as a key for u32 classifier
Hello!
I am glad to announce a patch for u32 to allow matches on nfmark.
The patch is non intrusive (few lines).
Why I did this? Because fw classifier cannot be used together with u32.
For example, now, you cannot match a mark of 0x90 and a destination
port of 80. I know you can do it with iptables to do the marking, but if
you use Jamal actions to apply mark to policed packets, you need
2007 Jun 15
2
HTB question, tokens.
Hi,
What exactly are the "tokens"?
I thought each token allowed the sending of one byte, that tokens are
stored in a bucket that can hold a max of "burst" tokens, and that this
bucket is filled with tokens at "rate".
But theory does not seem to explain the "tc -s .." output in the
examples below. And I can''t figure out why or how...
#tc qdisc
2004 Nov 09
4
[PATCH] [TRY2] Use nfmark as a key in u32 classifier
Hello!
This is the try number two.
What was changed:
- Added selectable choice in Kconfig file (thanks Jamal!)
- Don''t abuse tc_u32_sel to not break backward compatibility (thanks
Patrick!).
Stephen, do you have any comments on iproute2 part? I know it''s not
perfect but this is the best way, I think. "u32 match mark vvvv mmmm" it''s
intuitive but breaks a
2006 Apr 09
2
tc counters "problem"
Hi, I''m using tc and HTB to shape my outgoing ADSL traffic. I was trying to
make some graphs on the classes by meassuring the "sent bytes" of each class
using rrdtool to store the data (as kbps after conversion). I expected that
meassuring the root class I would get values similar that the ones I get
measuring the interface counters but they differ by a large amount.
Is
2007 Apr 04
13
tc questions
Hi to all of you!!!
I am a Computer Science student trying to do the pre-grade thesis. I am trying
to develop a free software tool to help administrators to control the
traffic. Right now this tool is based on tc and iptables.
I am having some problems trying to understand tc and tc examples:
- Why in almost every list of tc rules based on htb class, there is a "tc
qdisc dev ... root ...
2006 Feb 23
1
1k: 1000 or 1024?
The docs[1][2] suggest it''s 1024, but tc says something else:
# tc qdisc add dev eth0 root tbf rate 1kbps latency 50ms burst 1500
# tc -s qdisc ls dev eth0
qdisc tbf 8009: rate 8000bit burst 1499b lat 48.8ms
^^^^^^^
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
If 1k were 1024, then I would have 8192bit above.
2005 Sep 28
4
Re:Does HTB consider PRIO or not? 2
Thanks for quick reply Andreas!
> Every class is allowed to use bandwidth as long as it does not have to
> borrow (the specified rate is guaranteed). Prio in HTB only affects
> borrowing bandwidth from other classes... In the example below, the class
> 1:5 should be allowed to borrow bandwidth before 1:14 does.
Thats exactly what I want from HTB to do..to prio the borrowed bandwidth.
2005 Apr 04
8
Help please with tc and iptables mark
Hello list members,
Finaly I''m here after a week of trying to subscribe to this list... pfew...
Anyway... I have a rather strange problem with tc. I am trying to police the
ingress traffic into my network using the iptables MARK feature (in mangle
table, PREROUTING) but it seems that tc filters ignore this marks and they
don''t work at all for me. Let me explain a bit more in
2006 Apr 10
1
Where is the documentation for IFB ?
Hi all,
Can you tell me where is the documentation for the new IFB (implemented
in kernels > 2.6.16).
Thanks in advance!
Nikolay