[LARTC] problem with classifying

darkstar soho at paralax.org
Thu Oct 6 12:55:20 CEST 2005 

Hello list
I have a problem with classifying traffic from two providers, and about 
600 users.
I have the following situation:

P1-\            | linux |
       --eth0-| box    |-eth1
P2-/            |          |

P1 and P2 are coming from VLANs. I have 4 type traffic which I want to 
classify.
The traffic is divided as follows:
P1 - 100mbit from realm 0x70000
         10mbit from realm ! 0x70000
P2 -  30mbit from realm 0x80000
           1mbit from realm ! 0x80000
For this I use marking by realm with iptables, like this:

iptables -t mangle -A FORWARD -i eth0.1 -m realm --realm 0x70000 -j MARK 
--set-mark 0x27
iptables -t mangle -A FORWARD -i eth0.2 -m realm --realm 0x80000 -j MARK 
--set-mark 0x28
iptables -t mangle -A FORWARD -i eth0.1 -m realm ! --realm 0x70000 -j 
MARK --set-mark 0x29
iptables -t mangle -A FORWARD -i eth0.2 -m realm ! --realm 0x80000 -j 
MARK --set-mark 0x2a

After this I classify them  with:
iptables -t mangle -A POSTROUTING -o eth1 -m mark --mark 0x27 -j 
CLASSIFY --set-class 1:1
iptables -t mangle -A POSTROUTING -o eth1 -m mark --mark 0x29 -j 
CLASSIFY --set-class 1:2
iptables -t mangle -A POSTROUTING -o eth1 -m mark --mark 0x28 -j 
CLASSIFY --set-class 1:3
iptables -t mangle -A POSTROUTING -o eth1 -m mark --mark 0x2a -j 
CLASSIFY --set-class 1:4
So far, so good...
Both HTB or HFSC are identical and looks like this:

tc qdisc add dev eth1 root handle 1: htb default ffff
tc class add dev eth1 parent 1: classid 1:fffe htb rate 102400kbit ceil 
102400kbit
tc class add dev eth1 parent 1:fffe classid 1:1 htb rate 97280kbit ceil 
97280kbit
tc class add dev eth1 parent 1:fffe classid 1:2 htb rate 7168kbit ceil 
7168kbit
tc class add dev eth1 parent 1:fffe classid 1:3 htb rate 10240kbit ceil 
30720kbit
tc class add dev eth1 parent 1:fffe classid 1:4 htb rate 1024kbit ceil 
1024kbit

And then filters per IP are attached for these classes.
The same is in the egress and everythung seems to work, but
after the applying of classes and filters the delay of ping from class 1:2
is jumping from:
time=1.60 ms
time=1.65 ms
time=1.91 ms
time=1.86 ms
to:
time=986.60 ms
time=1110.63 ms
time=1240.98 ms
time=857.34 ms

Please help, I cannot understand where is the mistake. I tryed many ways 
to classify this traffic
but something is wrong...
Any help is very appreciated

Thanks in advance

regards

More information about the LARTC mailing list