similar to: MARK & RETURN at once ?

hi, does someone tried bridge and or router functionality of linux kernel on multiprocessor system. Does multiprocessor system increase network performance or give ability to process higher traffic.. What about highest possible troughput someone have achieved ? etc.. tia _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl

This is more of a NF question but it is tightly related to LARTC as well. In the following example: -t mangle -A PREROUTING -i eth0 -j MARK 0x1 .... -t mangle -A INPUT -i eth0 -j MARK 0x2 Since MARK is a non-terminatring target, what would be the resulting mark on a packet comming from the outside and destined for a local process? Thanks P.S. I agree, the example looks stupid, but on the

Hello, I have a LINUX server with two internet connections available. I want all the traffic to go over the default route, but HTTP traffic to go over ISP2 line. Interfaces: eth1 192.168.2.254 - LAN 192.168.2.x ppp0 x.x.x.106 - remote gateway x.x.x.6 - ISP1 (default route) eth0 192.168.164.254 - remote gateway 192.168.164.113 - ISP2 (a hardware router) I have the following configuration: echo

Hello. I have eth1 for WAN(0.0.0.0) and eth0 for LAN (192.168.10.0/24), need to setup that local user get access to $LOCAL_IP network and ip 192.168.10.2, 192.168.10.3 (will be more in future) to internet, but bandwidth to $LOCAL_IP is 128kbps and for internet is 8kbps. i wrote rc.firewall #!/bin/bash #env IPTABLES="/usr/sbin/iptables" LOCAL_IP="62.64.80.0/21 62.221.38.0/24

hi all At last i got sucess !.. but am confused y it didnt work earlier..the difference today was that i reinstalled RH7.2 & complied kernel 2.4.16(not 17).. rest was same..... & the bandwidth too is under control!.. is it normal for to get more than said bandwidth--i mean i restricted a network with 8Kbit(with same script as below) but still was able to get a download(ftp) of

Greetings, I want to setup bandwidth restrictions for a few clients that use openvpn to connect to my server. I''m using iptables to mark the packets in the mangle table (PRE/POSTROUTING) on eth0 before they get sent via the tunnel. Will the mark survive even if the packets then get routed via an openvpn tunnel (tunX) out the box or does openvpn change it removing the mark ? damnit,

I have many iptables setmark commands, but as soon as there is one match, I would like to skip all the rest. How to do this. -------not-working-not-mark-zero-is-not-accepted--------- iptables -t mangle -A PREROUTING ..... -j MARK --set-mark ..... iptables -t mangle -A PREROUTING -m MARK ! --mark 0 -j ACCEPT iptables -t mangle -A PREROUTING ..... -j MARK --set-mark ..... iptables -t mangle -A

Hello all, this is my first post here. Sorry for my english. Gentoo LAN router, 2.4.26-hardened-r2 There are 2 WAN links, one LAN link. I am doing some iptables/routing/tc magic in my scripts. What''s interesting is marking packets traveling from all IP''s in LAN. Interesting commands are: ------------- for ip in `seq 50`; do $IPTABLES -t mangle -A FORWARD -o eth2 -d

Hi, Host A has two interfaces: eth0, tap0. I want that all locally generated traffic from user 1004 goes through tap0. This is what I did: iptables -A OUTPUT -t mangle -m owner --uid-owner 1004 -j MARK --set-mark 2 echo 202 bigmac.out >> /etc/iproute2/rt_tables ip rule add fwmark 2 table bigmac.out ip route add default via 10.0.0.1 dev tap0 table bigmac.out ip route flush cache

Hello, I am trying to shape p2p trafik to 256kbps on my dsl line. I wrote this set of commands: DEV=eth2 ip link set imq0 up tc qdisc add dev imq0 root handle 1:0 htb default 21 r2q 2 tc class add dev imq0 parent 1:0 classid 1:1 htb rate 530kbit tc class add dev imq0 parent 1:1 classid 1:20 htb rate 530kbit ceil 530kbit prio 0 tc class add dev imq0 parent 1:1 classid 1:21 htb rate 64kbit

I am trying to mark outbound passive ftp traffic with iptables and shape it to 35KBytes. I am using the following script on the computer that runs the ftp server. It is not working correctly, it seems to limit ALL traffic. Cant file share or anything. Anyone might know what is wrong? #!/bin/bash #shaping passive ftp traffic # mark the outbound passive ftp packets on ports 50000-51000

I just noticed that policers don''t seem to work with marks in 2.6 . Can anyone get - iptables -A PREROUTING -t mangle -p tcp -j MARK --set-mark 1 tc qdisc add dev eth0 handle ffff: ingress tc filter add dev eth0 parent ffff: protocol ip prio 1 handle 1 fw police rate 100kbit burst 10k drop flowid :1 To work on a 2.6 - it''s OK on 2.4.26, version of tc used makes no

> Message: 8 > Date: Fri, 14 Mar 2003 21:49:49 +0200 > From: raptor <raptor@tvskat.net> > To: lartc@mailman.ds9a.nl > Subject: [LARTC] [tcng] X:Y to tcng corespondence ! > > Is there a easy way that I to get class-id<----->tcng-class-path conversation.... and vs. versa.. > > --__--__-- There are couple files can be created by tcc: # cat a.tc dev

Hi.... Help me please!!! I am using Linux Redhat as router of the my network. I am to making NAT and firewall. In my iptables script, I need make 3 MARKs for the same packet, as following # It marks the packets that will go for link ADSL (I have 2 links - adsl 2Mb and ''dedicate link'' 256Mb ) # I am using ''ip rule / ip route'' to make this iptables

In its current configuration one of our Linux boxes has 2 DSL modems that connect to the same service provider. On the router packets coming in from the network destined for the internet are marked alternating using nth match those packets are supposed to be picked up by iproute2 and routed out the physical connections based on that mark, thereby doubling the outbound bandwidth. The problem is

Hello, Here is what I want to do: I have a patch that make me able to mark package by its nature useing layer 7. So I use this line to mark a packge (i will use msnmessenger like example): $IPT -t mangle -A POSTROUTING -m layer7 --l7proto msnmessenger -j MARK --set-mark 3001 Now I want that all packges with this mark get throu my gateway using the link at eth2 and all other packges use

Using below configuration multiplied by 3000+ nodes to control bandwidth causes very high kernel cpu usage (99.5%) narrowed it down to the mangle table. Any ideas to do this more efficiently would be appreciated. The mangle table entry (indicated by ***) is sucking all the cpu. I am running RH7.3 kernel 2.4.18-3 and iptables 1.2.5 This setup has worked well for more than 1000 devices but as the

Hi folks, I have a strange situation. When I add branches to the tree, everything goes to the default class. The error might be obvious, but I cannot find it. I would really appreciate your help. this works, nothing goes to "1:9999": ############################################################################# /sbin/iptables -F -t mangle /sbin/tc qdisc del dev eth1 root >

Will the following rules work to mark and shape OUTBOUND ftp speed (passive ftp ports 50000-60000) on my linux server? I want to be able to run these commands on the actual computer that is running the ftp server. iptables -t mangle -N MYSHAPER-OUT iptables -t mangle -I POSTROUTING -o eth0 -j MYSHAPER-OUT iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 50000:60000 -j MARK --set-mark 1 tc

hi, I have strange problems with HTB and several hundred classes flat structure i.e. root |--50kbps |--30kbps |--50kbps |--80kbps |--100kbps .... several hundred classes like this Ceil is the same as rate. The machine get no more than 2-3% average cpu(2.4Ghz pentium). What happens is that from time to time the traffic got "stalled". I tried numerous things to solve