Displaying 20 results from an estimated 1000 matches similar to: "delete tc entries"
2005 Feb 01
6
combining fw and u32
Is it possible to create 1 filter rule using fw selectors AND u32
selectors?
Richard.
--
___________________________________________________________________
Recursion: see recursion
+------------------------------------------------------------------+
| Richard Lucassen, Utrecht |
| Public key and email address: |
|
2005 Sep 21
5
test 1 2 3 4
Second test after big upgrade..
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
2005 May 17
3
prio max value
What is the maximum value for "prio"? It seems that for htb its maximum
is 7. Is that right?
R.
--
___________________________________________________________________
It''s so simple to be wise. Just think of something stupid to say
and say the opposite.
+------------------------------------------------------------------+
| Richard Lucassen, Utrecht
2006 Feb 21
6
invert u32 match selector
Is it possible to negate the "match" to the ip? I want to match all
traffic to dport 80 NOT going to dst 1.2.3.4:
$TC filter add dev ${DEV_IFB} parent 1:0 prio 2 protocol ip u32 \
match ip protocol 0x6 0xff \
match ip dport 80 0xffff \
match ip dst 1.2.3.4/32 \
classid 1:14
I can''t find it in the docs. I tried "!" "\!" and "not" in several
2007 Aug 13
3
bonding tap devices
Hello list,
Please don''t shoot me. I know I''m doing something with bonding that
bonding wasn''t made for. I just want to give it a try. I want a simple
mechanism to have a failover on a 24Mbit line to a 2Mbit line in case
the 24Mbit line goes down.
Between A and B there are two lines: a 24Mbit and a 2Mbit. I use two
OpenVPN tunnels with tap devices:
+-- tap0 (A)---
2005 Jul 17
1
IPSEC packets not passing POSTROUTING chain
Packets going to a 2.6 kernel IPSEC tunnel do not seem to pass the
POSTROUTING chain. Is that correct?
R.
--
___________________________________________________________________
It''s so simple to be wise. Just think of something stupid to say
and say the opposite.
+------------------------------------------------------------------+
| Richard Lucassen, Utrecht
2007 Dec 17
3
traffic not getting into class
Hello list,
I have these sorts of filters, putting traffic into the appropiate
classid (1:15 is the default class):
${TC} filter add dev ${DEV_IFB} parent 1:0 prio 1 protocol ip u32 \
match ip protocol 0x6 0xff \
match ip sport 22 0xffff \
classid 1:11 # ssh
${TC} filter add dev ${DEV_IFB} parent 1:0 prio 1 protocol ip u32 \
match ip protocol 0x6 0xff \
match ip dport 22
2019 Dec 28
2
tinydns to nsd
On Sat, 28 Dec 2019 17:02:09 +0100
richard lucassen via nsd-users <nsd-users at lists.nlnetlabs.nl> wrote:
> The problem is (was) that I used "include:" statements in nsd.conf
> to load zone information. Apparently nsd does not reread the include
> files upon a SIGHUP. I scripted everything into 1 file and a HUP
> rereads the zone info now.
Wrong, I made a mistake it
2006 Apr 08
4
source routing does not work with extra ip addresses
I set up this config:
+------+
-+ ISP1 +--+
+------+ | +-------+
+--+ linux |
+------+ | +-------+
-+ ISP2 +--+
+------+
No problem. Standard setup with two ISP''s. Both routed subnets. Default
gateway is ISP1. No magic here.
Now I put a server behind the Linux box. I want the server to be
reachable on an /extra/ IP in the routed subnet of ISP2.
+------+
-+ ISP1
2001 Dec 13
14
tc: u32 match in nexthdr not working?
Hello,
it seems, that filtering on nexthdr (TCP/UDP) content, especially
src or dst port, is not working.
The following has no effect on 2.4.16 or older (even 2.2) kernels:
# tc filter add dev eth0 parent ffff: protocol ip prio 50 u32 match tcp
dst 3128 0xffff police rate 40kbit burst 10k drop flowid :1
Even if
# tc filter ls dev eth0 parent ffff:
filter protocol ip pref 50 u32
filter protocol
2005 May 09
1
individual connections
Is it possible (one way or another) to guarantee or to limit bandwidth
of 1 session?
E.g.:
RDP: 750kbit rate, 1Mbit ceil
default: 250kbit rate, 1Mbit ceil
max bw per RDP connection: 100kbit
guaranteed bw per RDP session: 20kbit
R.
--
___________________________________________________________________
It''s so simple to be wise. Just think of something stupid to say
and say the
2005 Feb 01
1
multiple defaults
I have 1 100MB NIC with two 2MB-subnets trough a router behind it. I''d
like to create multiple default classes:
1: +
|\_ 1:10 default, ceiling 100000kbit, rate 96000kbit
|
|\_ 1:11 ceiling 2048kbit, rate 2048kbit
| |
| |\_1:110 ceiling 2048kbit, rate 1536kbit
| \_1:111 ceiling 2048kbit, rate 512kbit (default subnet1)
|
\_ 1:12 ceiling 2048kbit, rate
2011 Aug 26
2
[Bug 680] Packets disappear after NAT on 2nd gateway
http://bugzilla.netfilter.org/show_bug.cgi?id=680
--- Comment #6 from Richard Lucassen <rl-20100926 at xaq.nl> 2011-08-26 14:54:09 ---
(In reply to comment #5)
> I'm having exactly the same problem. Kernel is 2.6.34.7-56.fc13.x86_64. I
> tested the solution (adding the route) and works. Anyhow, it's only usefull for
> testing, as the IP address of the "external
2001 Nov 28
1
How does tc communicate with the kernel?
Hi,
I am developing on an embedded MIPS-based system; I have iproute2''s ip
working correctly talking to the kernel, but tc seems to be broken. I''d
like to fix this, but I need a little bit of help in figuring out how tc
communictes with the kernel -- can someone tell me the places I should be
looking?
Thanks.
Joseph
2019 Dec 21
1
tinydns to nsd
I have used tinydns for many many years now and it has always worked
very well. I like its simplicity: 1 text file is converted into a cdb
database, there's no master/slave environment (all nameservers are
equal) and synchronisation is done by rsync. Tinydns is run by runit, a
supervise system.
I'm looking at NSD now and I think I can use NSD the same way I use
tinydns. The only
2006 Apr 09
10
Trying to do some very simple ingress limiting, no success
Hi,
I am trying to do some simple ingress limiting based on fwmark. I know
the ability and sense to do INGRESS limiting is ehm... limited ;-) but
still I want to try it.
I tried several things.
=== 1 ===
tcq ingress handle ffff:
tcf parent ffff: protocol ip prio 1 handle 1 fw police rate 12mbit burst 10k drop
tcf parent ffff: protocol ip prio 1 handle 2 fw police rate 10mbit burst 10k drop
2001 Dec 13
3
How to MARK NATtted packets coming from external interface to an internal host ?
Hi,
I would like to control download bandwidth from the Internet for
clients inside a network. The gateway is a Linux box using
''iptables nat''.
I would like to use ''iptables mangle'' to mark the packets coming
from the Internet and going to specific clients and then use CBQ
to shape it:
+-----------+
Internal network | Linux
2004 Nov 18
5
burst question
This is one of my test classes:
class htb 1:10 parent 1:1 prio 0 quantum 2048 rate 160Kbit ceil 400Kbit
burst 1803b/8 mpu 0b cburst 2111b/8 mpu 0b level 0
Q1: where does "level 0" stand for?
Q2: where does this b/8 stand for?
Q3: this is on a i386 platform, so timer resolution should be 10mS.
According to the doc the minimal burst should be 10mS*160Kbit=1600. Why
is it 1803?
Q4: I
2006 Apr 20
0
per connection shaping
Is there a qdisc that allows a per connection maximization?
E.g.: bandwidth 1Mb, four sessions RDP and a per session limit of 250kb
R.
--
___________________________________________________________________
It is better to remain silent and be thought a fool, than to speak
aloud and remove all doubt.
+------------------------------------------------------------------+
| Richard Lucassen,
2005 Jul 25
0
teql load balancing on tap devices
Hello list,
I''d like to use teql with tap devices (two OpenVPN tunnels). This works,
but the doc /usr/src/linux-<version>/net/sched/sch_teql.c says:
"1. Slave devices MUST be active devices, i.e., they must raise the
tbusy signal and generate EOI events. If you want to equalize virtual
devices like tunnels, use a normal eql device."
I can''t find if tap devices