similar to: [Bridge] Bridge and iptables

Hi All, I''m trying to do some traffic shaping on an ethernet bridge. Currently, I have the following setup working: ifconfig eth0 down brctl addbr br0 brctl addif br0 eth0 brctl addif br0 eth1 brctl stp br0 off ifconfig eth0 0.0.0.0 up ifconfig eth1 0.0.0.0 up ifconfig br0 up This creates a bridge consisting of eth0 and eth1. So far so good. I now want to use tc to shape traffic

Hi All, I''m trying to do some traffic shaping with IFB. I have installed Ubuntu 6.0.6 and upgraded to the 2.6.17.7 kernel. I have an ifb0 device. However, I think I may have the wrong version of TC installed, because it doesn''t like the ''mirred'' argument. What version of iproute should I be using, and how can I upgrade it? apt-get update iproute

Dear all, I am working on a linux box (2.4.22 kernel) which is used as a bridge. And I want to add traffic control rules on it by client''s MAC. Does anyone has such experience on how to do that? Thank you very much!! Best regards, Henry _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

Hi All, I need to do some tricky filtering stuff. Can anyone tell me if any of the following are possible? * match on a combination of firewall mark AND u32 criteria. ie. handle 6 fw AND u32 match ip src 1.2.3.4/32 - to match packets from 1.2.3.4 which have been marked elsewhere OR * to OR the values of u32 matches. Something like u32 match ip src 1.2.3.4/32 OR match ip dst 1.2.3.4/32 - to

Hi all, Can anybody tell me what the maximum number of handles are that I can use when setting up qdiscs and classes in tc? Regards, Leigh Leigh Sharpe Network Systems Engineer Pacific Wireless Ph +61 3 9584 8966 Mob 0408 009 502 Helpdesk 1300 300 616 email lsharpe@pacificwireless.com.au web www.pacificwireless.com.au _______________________________________________ LARTC

Hi all, I''m having a hell of a time getting my IFB to work. I know I''ve done this before, so I''m missing something stupid. Can anybody tell me what it might be? Configs as follows: -------- #!/bin/sh modprobe ifb numifbs=1000 modprobe act_mirred modprobe 8021q brctl addbr br0 brctl setfd br0 0 brctl stp br0 off brctl addif br0 eth1 brctl addif br0 eth2 ifconfig eth1

Hi all, I''m having some problems setting up qdiscs on a bridge.The config looks a little like this: ifconfig ifb0 up # Bring up the IFB for this bridge. tc qdisc add dev eth2 ingress tc qdisc add dev eth3 ingress tc qdisc add dev ifb0 root handle 1:0 cbq bandwidth 100Mbit avpkt 1000 cell 8 # Raw qdiscs on each bridge port tc qdisc add dev eth2 root handle 1:0 cbq bandwidth

Hello list, I've posted here about this before, but I realise that it may have been assumed that the bridged vlans simply put a switch port in a blocking state and left my question ignored. So to recap. I have two tg3 interfaces named 'in' and 'out' and a bridge named 'br0' My vlan trunk is on the 'in' side of the network, and set as in.2, in.3 ... The

Hi all, Further to my previous questions, I need lots of IFBs on this thing. I have configured IFB as a module, and issuing a modprobe ifb loads it, but only gives me 2 IFBs (ifb0 and ifb1). How can I get more? I''m probably looking at needing about 20 on this project. Regards, Leigh Leigh Sharpe Network Systems Engineer Pacific Wireless Ph +61 3 9584 8966 Mob 0408 009

Hello list, I''ve been using linux and open source software for over 5 years now and I want to give something back to the community. I''m working on a PHP-based project (SPITS). The aim of this project is to easly create a shaping script, using a web interface, without needing to know tc and iptables command line options. As the project is now in beta stage, soon a CSS

Hi Rahul, If you're certain that your problem isn't as Stephen suggested, you might want to have a look at this: --- (From http://ebtables.sourceforge.net/brnf-faq.html <http://ebtables.sourceforge.net/brnf-faq.html> ) How do I let vlan-tagged traffic go through a vlan bridge port and the other traffic through a non-vlan bridge port? Suppose eth0 and eth0.15 are ports of br0.

Hello, I''m using tc to limit the bandwidth of our wireless customers. I have a working script, but I''m not happy with it. I''m trying to write a more sophisticated script, but when I run it, it give me this error: RTNETLINK answers: File exists I have no idea what this error means or how to fix it. Here is a portion of the script (the whole script shapes several

We switched over from a bordermanager firewall to a shorewall firewall. Some stuff is not working now. I realized that I had not created the route for the network that is not working however once I created it, it still didn''t work. Most of our network is fine however some pieces are not working. [Net] - [Shorewall] - [LAN] - [Cisco] - [Clients and servers not working] The firewall

Hi All, I''m using HTB to shape traffic, a little like this: tc qdisc add dev eth2 root handle 1:0 htb tc qdisc add dev eth3 root handle 1:0 htb tc filter add dev eth2 parent 1: protocol 0x8100 prio 5 u32 match u16 3000 0x0fff at 0 flowid 1:1 action ipt -j MARK --or-mark 0x01000000 tc filter add dev eth3 parent 1: protocol 0x8100 prio 5 u32 match u16 3000 0x0fff at 0 flowid 1:1 action

Hi, I am trying to configure a Redhat 7.1 m/c to join a Windows NT domain. configured smb.conf [global] ... encrypt passwords = yes security = domain password server = * ... Added NT m/c account in the DOMAIN for the linux m/c. when I run smbpasswd from root login # smbpasswd -j DOMAIN -r DCDEV cli_net_auth2: Error NT_STATUS_ACCESS_DENIED cli_nt_setup_creds: auth2 challenge failed

Hi all, I''m sure I''m soing something wrong here. I am trying to set up a rate limit inside another rate limit. eg. I have a 512K rate limit on a particular VLAN. I am using an IFB so that packets passing through the bridge are counted at each port.(ie the throughput is limited to 512K, not just the traffic in one direction.) This part works OK, but I also want to limit a

Hi all, I''ve been trying to do the above and read everything I can find on Google on the subject, but something seems to be going wrong. I tried the following sample rules in iptables (initially I just set the first one, but I added more as my desperation escalated): iptables -t mangle -A PREROUTING -p icmp -j MARK --set-mark 1 iptables -A FORWARD -p icmp -j MARK --set-mark 1

Hi all, I''m having a hell of a time getting tc and IFBs to co-operate. I''ve copied the following from http://linux-net.osdl.org/index.php/IFB: -- export TC="/sbin/tc" $TC qdisc add dev ifb0 root handle 1: prio $TC qdisc add dev ifb0 parent 1:1 handle 10: sfq $TC qdisc add dev ifb0 parent 1:2 handle 20: tbf rate 20kbit buffer 1600 limit 3000 $TC qdisc add dev ifb0

Hi Guys, I'm having trouble with joining a W2K3 Native Mode Domain. Can anyone point me in the right direction to look for answers? I intslled from rc3 SRPM. When I do: net ads join DOMAIN -U domadm@REALM -d10 I get this error towards the end. Thanks, Dulantha. .... .... [2003/09/10 17:48:27, 3] libads/sasl.c:ads_sasl_spnego_bind(184) got OID=1 2 840 113554 1 2 2 3 [2003/09/10

I am trying to setup GRE between two CentOS 4.5 boxes. I have tried several variations of what''s listed below, but none of them work. box1: modprobe ip_gre ip link set gre0 up ip tunnel add gretun mode gre local 66.1.1.161 remote 66.1.2.161 ttl 20 dev eth0 ip addr add dev gretun 10.253.253.1 peer 10.253.253.2/24 ip link set dev gretun up ip route add 10.2.0.0/16 via 10.253.253.2 box2: