similar to: iptables & tc - 3 marks

Hi.... Help me please!!! I am using Linux Redhat as gateway of the my network to internet. I am to making NAT and firewall. In my iptables script, I need make 3 MARKs for the same packet, as following # It marks the packets that will go for link ADSL (I have 2 links - adsl 2Mb and ''dedicate link'' 256Mb ) # I am using ''ip rule / ip route'' to make this

Hi, with the attached config my gaming ping is still +20ms, even if the line isn''t saturated..can anybody give me a hint how to get a better response time? my line: 1024/128kbit outbound: one htb qdisc for gaming (7kbps) prio 0 ceil 14kbps<- should get more traffic when needed. Htb again for irc and default. inbound: css, irc, p2p, default <- same shema as before, give css

hello, a friend of mine have this configuration: 10 x PC -- router/linux/rh8 -- ADSL Modem -- ISP let''s say that the bandwidth is: 5M and 800K he does dc++ and counter-strike, so let''s say the UP is full, and the ping from the counter server is 300ms, the server cut the connection, and no more game, the player is unhappy. The normal ping is 50ms. so he thinks to put some

Actually i gave up, i tried and tried and tried so many times, upgrading software falling back to an old version but it didn''t work, that''s it. i can''t do work together tc with iptables and iproute2 when i mark a packet with iptables tc doesn''t recognize them so it falls at the default leaf of the tc''s tree what i like is to mark packets depending on

Can anyone tell me what is causing htis by chance? I know it is the application. What's weird is i "fixed' it last time by reformatting the machine to stabilize this one app. Now after a month it crashes again.... Well the steam hlds has started randomaly crashing again. ---------------------------------------------- ---------------------------------------------- CRASH: Tue

I would lilke to shape upload ftp bandwidth in a dual ISP setup [shorewall show connections] tcp 6 431215 ESTABLISHED src=192.168.2.89 dst=83.xxx.xxx.23 sport=1487 dport=21 src=83.xxx.xxx.23 dst=10.0.11.2 sport=21 dport=1487 [ASSURED] use=2 mark=1 [tcdevices] #INTERFACE IN-BANDWITH OUT-BANDWIDTH $EIF 970kbit 245kbit $LIF 970kbit 245kbit

I am looking for a good htb traffic shaping script to prioritize incoming traffic over outgoing traffic for my machine. I have a 100mbit line, ftp up, backup data comming in, but whenever mirrors starts grabbing it they use all the traffic and the backup data comming in (the important data) drops to like 300kb/sec. I was thinking some script doing sleep 60 [if downstream > 1mb/sec, limit

Hello, I''ve been trying to shape the bittorrent traffic (on my external interface, upload), but without luck, for this I''m using layer7 filter right now, but I''ve also tried ipp2p, with the same results, I might say that this is not a problem with this packet classifiers, the problem is with HTB, here''s why. When I open azureus (the bittorrent client I

Hello all, I am still reading about my QoS rules and I need that one of my servers (that is into my LAN but has an routing ip address) did not get into the qos rules I have. So I want that all traffic coming or going to that specifc host did not get shapped by any traffic control and do not get even into a QoS class. How can I do this? Att, Nataniel Klug

Hello, I''m having some trouble with the u32 port match and that is when specifying a mask. tc filter add prio 1 dev ppp1 parent 2:0 protocol ip u32 match ip dst 0.0.0.0/0 match ip protocol 17 0xff match ip dport 27015 0xffff flowid 2:4 Using 27015 0xffff works just fine, all packets to dport 27015 go to 2:4 tc filter add prio 1 dev ppp2 parent 2:0 protocol ip u32 match ip dst

Hello all, I am trying to make a little bit more complex QoS/Shapping form and I need to shape a PPPoE conection that I serve to my clients. So this is the scope: client connects using pppoe so it gets an IP address (from pppoe pool) and open an interface into my linux box interface for this client is ppp0 client has got an ip 1.1.1.2/32 and it is poiting to pppoe-server 1.1.1.1 So,

Hi All, I''m configuring my natting-firewall to do some tc shaping. Some traffic has to be shaped on 30mbit, some on 10mbit all the others are unlimited. The configuring and filtering works correctly. The traffic that is shaped at 30mbit is correct, but the traffic that is shapped at 10mbit only gets to 100KB/sec. It is on a device configured with bonding (both in and out interface).

Hello all, It would be a great feature if QOS could be implemented in Tinc. It's not to do any sort of comparison, but with OpenVPN, the traffic can be shapped. In the way that tinc works as mesh VPN, the great feature would be to fix a shapping value on each nodes, known and respected by each others. (like MPLS does) As an exemple, you've got 3 nodes A,B and C, you want Tinc flows on A

I have an hlds server on a CentOS 3.3 box with all the latest updates. it is a p-4 1.4 ghz with 384 megs of pc-800 and no less than 250 megs free at all times. Hlds has been crashing on me since the latest updates. I am thinking it is hlds acting a fool but i wanted to post here as well just to make sure. Here is the error. ./hlds_run: line 423: 5450 Segmentation fault $HL_CMD

Hello all, I am with a doubt about QoS solution... I have a 4 Mbit backbone coming from the telco I use... This is the link I serve to my clients, so I make this classes: $TC qdisc add dev $DL root handle 1: htb default 60 CLASS="/sbin/tc class add dev $DL parent" $CLASS 1: classid 1:1 htb rate 4096Kbit $CLASS 1:1 classid 1:10 htb rate 256Kbit ceil 3072Kbit burst 15k $CLASS 1:1

Hi, I am experimenting a little bit with my firewall and I don''t seem to get my head round marks ... I try to mark p2p packets generated on the firewall in the output chain and then try to match that mark either in NAT OUTPUT or POSTROUTING I don''t seem to get the expected result. Any help or clue would be more than welcome. root@droopy:~/firewall > iptables-view -t

Hello. I''m newbie with QoS. I read some articles and I have a question on You. If you have time to spare, it would be great if you reply. Here is my problem. I''m on wireless network(no earnig comunity). We got 2/2Mbit(soon 4/4) for 100 people(sharing link). Not long ago people start screaming that their games don''t work good(lagging). So I add to our qos class games

Hi, I''m having issues with policing my incoming traffic by matching packet marks made by iptables. I''ve checked as many sites and guides as I can find, and I seem to be doing the exact same thing as they all are, but there''s still no success. As such, I was wondering if anyone can have a quick look to see if I''ve done anything obviously stupid? Essentially, I

----- Forwarded message from Louis Kowolowski <louisk@bend.com> ----- Date: Thu, 28 Aug 2003 11:37:42 -0700 From: Louis Kowolowski <louisk@bend.com> To: freebsd-security@freebsd.org Subject: snort, postgres, bridge User-Agent: Mutt/1.5.4i I've been prowling through the FreeBSD and Snort list archives in search of information on setting up snort on a FreeBSD bridge(4) that logs

Hey folks, I stumbled across the Mastershaper project ( http://www.mastershaper.org/ ) but I have a little problem: I wanted to shape the traffic coming from the router itself aswell as coming from the LAN behind the router, for that task I need IMQ, but with IMQ iptables-(layer7)-matching is not possible. Now I''ve talked with the programmer and he said the following: >The problem is