[LARTC] Bridge + TC

Jon Anderson jon-anderson@rogers.com
Mon, 15 Mar 2004 11:15:48 +0000


I'm hoping someone can provide a little input that might help me out a 
little...

I've recently tried to set up a 3-interface transparent bridge, where 2 
internal interfaces (eth1, eth2) funnel into 1 outgoing interface (eth0). 
The idea was that eth1 gets priority over eth2 in all cases.

The bridge works flawlessly - it passes all layer2 traffic through 
properly. The traffic control, however, does not work at all. (The LARTC 
Howto says bridging + tc should "work as advertised", but no examples or 
instructions are given...)

The conclusion I came to was that bridging is done in layer2, and so 
traffic control code (typically layer3) never gets to touch it. Am I wrong?

Setup was: mark packets with ebtables, then filter into 2 qdiscs based 
on those marks.

Ebtables bit:
ebtables -A FORWARD -i eth1 -j mark --set-mark 0x1
ebtables -A FORWARD -i eth2 -j mark --set-mark 0x2
- This works, as ebtables' counters do count matching packets correctly 
(connecting a machine to an interface, and starting . (I assume that 
they set sk_buff->nfmark properly.)

Classes:
tc qdisc add dev eth0 root handle 1: htb default 10
tc class add dev eth0 parent 1: classid 1:1 htb rate 500kbit ceil 500kbit
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 450kbit ceil 500kbit prio 0
tc class add dev eth0 parent 1:1 classid 1:20 htb rate 50kbit ceil 500kbit prio 1

tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle 1 fw classid 1:10

tc filter add dev eth0 parent 1:0 protocol ip prio 2 handle 2 fw classid 1:20

As I understand it, the second last line should put packets with nfmark 1 into class 1:10 (450-500 kbit), and the last line should put packets with nfmark 2 into class 1:20 (50-500kbit).

With an active host plugged into eth2, all I get is traffic going through the default class (1:10) according to 'tc -s class show dev eth0'.

If anyone could offer any suggestions, I'd be glad to hear 'em.

Cheers,

jon anderson
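
The counter check described in the post, as an added example that is not part of the original message: in the posted configuration the HTB default class and the class for mark 0x1 are both 1:10, so their counters cannot be told apart. The sketch below assumes a hypothetical extra class 1:30 used as the default, and parses a constructed sample of `tc -s class show dev eth0` output rather than a real capture.

```shell
#!/bin/sh
# Constructed sample output (not from a real system). Classes 1:1, 1:10 and
# 1:20 follow the post; class 1:30 is a hypothetical dedicated default class.
sample_tc_output() {
cat <<'EOF'
class htb 1:1 root rate 500Kbit ceil 500Kbit burst 1600b cburst 1600b
 Sent 151400 bytes 100 pkt (dropped 0, overlimits 0 requeues 0)
class htb 1:10 parent 1:1 prio 0 rate 450Kbit ceil 500Kbit burst 1600b cburst 1600b
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
class htb 1:20 parent 1:1 prio 1 rate 50Kbit ceil 500Kbit burst 1600b cburst 1600b
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
class htb 1:30 parent 1:1 prio 2 rate 1Kbit ceil 500Kbit burst 1600b cburst 1600b
 Sent 151400 bytes 100 pkt (dropped 0, overlimits 0 requeues 0)
EOF
}

# class_packets CLASSID: read tc output on stdin, print that class's packet
# counter, or "missing" if the class does not appear.
class_packets() {
    awk -v want="$1" '
        $1 == "class" { cur = $3 }
        $1 == "Sent" && cur == want { print $4; found = 1; exit }
        END { if (!found) print "missing" }
    '
}

# verdict DEFAULT MARKED...: read tc output on stdin and print
#   ok                 at least one fw-mapped class has seen packets
#   marks-not-matched  only the default class has seen packets
#   no-traffic         nothing has been counted yet
verdict() {
    data=$(cat); default=$1; shift
    for c in "$@"; do
        n=$(printf '%s\n' "$data" | class_packets "$c")
        if [ "$n" != "missing" ] && [ "$n" -gt 0 ]; then echo ok; return 0; fi
    done
    d=$(printf '%s\n' "$data" | class_packets "$default")
    if [ "$d" != "missing" ] && [ "$d" -gt 0 ]; then
        echo marks-not-matched
    else
        echo no-traffic
    fi
}

# On a live bridge: tc -s class show dev eth0 | verdict 1:30 1:10 1:20
sample_tc_output | verdict 1:30 1:10 1:20
```

A `marks-not-matched` result means packets reach eth0 but the fw filters never see mark 1 or 2 on them.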