similar to: Packet marking for ingress shapping and NET

I''ve followed this list for quite a long time and have even posted a couple of times. I used the early versions of IMQ from Devik (I think that was his name), and it worked well. I only ever got the chance to implement it in my test environment. I now need to implement it in my production environment. My Linux core router has nine interfaces and has a 27 megabit connection to the

Hi, I''m looking for info about IFB devices and how I can use it to incomming traffic shapping. Has IFB any web about it? Do any body known where I can find more info about it? I found this: http://linux-net.osdl.org/index.php/IFB But I can''t stand fine how to use it to allow many ifb''s devices or how to use it with "tc actions". Any help? Thanks --

ingress can be used to control the incoming packet, such as: tc qdisc add dev eth0 handle ffff: ingress tc filter add dev eth0 parent ffff: protocol ip prio 5 u32 match ip src 172.16.1.11 police rate 10kbit burst 10k drop flowid :1 tc filter add dev eth0 parent ffff: protocol ip prio 5 u32 match ip src 172.16.1.22 police rate 10kbit burst 10k drop flowid :2 first ,I do not sure these method can

On 2/19/07, Salatiel Filho <salatiel.filho@gmail.com> wrote: > Well , thanks to imq all my client machines are now shaped and > everything is great ... > But now i have a doubt , is there a way to shape the traffic that goes > to the route [doing a wget from the router for example ]? > > > I have a PREROUTING IMQ0 and a POSTROUTING IMQ1 , everything is > working like

Can someone verify that using fw as a filter in iproute2-2.6.11-050330 is broken. Doesn''t seem to work in any case and I saw an earlier post that would lead me to believe this is the case. If so does anyone have a temporary fix? Thanks, Troy

Hey folks, I stumbled across the Mastershaper project ( http://www.mastershaper.org/ ) but I have a little problem: I wanted to shape the traffic coming from the router itself aswell as coming from the LAN behind the router, for that task I need IMQ, but with IMQ iptables-(layer7)-matching is not possible. Now I''ve talked with the programmer and he said the following: >The problem is

Hello, I am using the following iptables POSTROUTING rule to NAT some RFC 1918 addresses: iptables -t nat -A POSTROUTING -s 192.168.19.23 ! 192.168.0.0/255.255.0.0 -p tcp --dport 80 -j SNAT --to-source 10.32.4.2 (I am using SNAT instead of MASQUERADE for performance reasons). I have several addresses on the 192.168.0.0/16 subnet that I am SNAT''ing similarly. Problem is, ''tc

Hi, I have a default class for my un-marked traffic (prio 5) and a prio 0 class for the important stuff, but I do not understand why my download traffic is duplicated in both. It work fine for my upload traffic (same setting except the red class but I have the same result if I create an esfq instead). Any comments/information will be appreciated. Below my config : tc commands from my scirpt :

Hi all and tc Gururs i have patched the IMQ and htb to kernel, but when i do egress filtering, iam not able to see any traffic and excusted the following the commands modprobe imq numdevs=1 tc qdisc add dev imq0 handle 1: root htb default 1 tc class add dev imq0 parent 1: classid 1:1 htb rate 100kbit tc qdisc add dev imq0 parent 1:1 handle 10: htb default 1 tc class add dev imq0 parent

Hello, Some time ago I''ve read somewhere that local traffic in IMQ could hung up the whole system but it was corrected long time ago. So I was very surprised yesterday when it occurred not true. While testing IMQ I''ve observed for some time that - if you tag some local traffic with iptables both in pre- and postrouting - kernel is hunging up. It is happening quite quick with

When I try to put all incoming traffic to IMQ on PREROUTING I can''t discern traffic to LAN and traffic to server. When I try to put only INPUT traffic to IMQ... I can''t discern traffic from LAN and from internet. Help me plizz to put all incoming traffic to one IMQ device and all outcoming to other IMQ device and (it''s very important) discern traffic to clients and

Hello all, I have been doing a lot of archive searching over the last week reading posts on IMQ and it''s apparent stability / instability. I have seen a number of posts about it not being maintained as well. Can anyone talk to me about IMQ''s stability in a heavy throughput environment (20 Mbps) and what was causing IMQ to fail if you know. Thanks, Mike

ive got such network: |--------| |-------------| | WORLD |---|ROUTER/server| ------ NATED LAN |--------| |-------------| I want to use imq on ROUTER, what behaviour to choose ? AA, BA, AB, BB ?? --

I am successfully running ingress (IMQ) and egress (HTB) shaping on a bridge. Is there any way to combine and share the bandwidth between ingress and egress? Example: I have set up www service for egress at 128 KB and ingress at 256 KB. The shaping on them works fine separately. However, I want to create a single virtual pipe for www traffic and limit both ingress and egress combined to 256 KB.

Hi, I have more ethernet cards. Egress shaping with HTB over eth0 works fine, ingress shaping with HTB over IMQ works also fine, but in both of cases I use only one class of traffic. Now I want to divide traffic to 3 classes on other interface (egress to ineternal network). I try this command sequense tc qdisc add dev eth1 root handle 1: htb default 12 tc class add dev eth1 parent 1: classid

Hi all, ive been reading lartc howto, im new about traffic shaping/police. As far as red (chapter 9 complete) i saw that first the packet passes at the ingress qdisc, then it passes to the ip stack if the packet is directed to the box or its forwarded (is my case), then it falls to the egress classifier/s. Now, i understand if i have an ipsec vpn at the outside interface, the egress

I have two interfaces, eth0 and eth1 but i can''t discern the egress traffic than ingress traffic. I need to apply htb qdisc in both directions, and I read that I need the IMQ patch to do this, because in ingress qdisc i can''t apply htb qdisc...but where is the ingress qdisc? affect the traffic that goes from eth0 to eth1 or is for the traffic that goes from eth1 to eth0?

Hi, I''m having issues with policing my incoming traffic by matching packet marks made by iptables. I''ve checked as many sites and guides as I can find, and I seem to be doing the exact same thing as they all are, but there''s still no success. As such, I was wondering if anyone can have a quick look to see if I''ve done anything obviously stupid? Essentially, I

Hello there! I am trying to get traffic shaping working on my Linux router (debian woody 3r02) and for some things I wanted to use the layer 7 packet classifier, but I can''t get it to work. Here is what I did: -downloaded the patches from http://l7-filter.sourceforge.net -downloaded the kernel 2.6.7 source -downloaded the iptables 1.2.11 source -patched kernel (layer7 patch and some

Hello, I have eth0 - internet eth1..4 - local networks on eth0 i do $IPTABLES -A POSTROUTING -t nat -o eth0 -j MASQUERADE I want to balance out/in load for eth1..4 and localhost (mainly squid). Nat makes impossible to do it on eth0, so I installed IMQ. I need to get to on imq0 unnnated in/out traffic that I could make priorities for protocols and networks. Do somthing like this: prate=1Mbit