[LARTC] can I use tos and fwmark at the same time?

panca sorin psihozefir at yahoo.com
Tue Nov 15 14:42:52 CET 2005 

Hello lartc maintainers and users!
  I have a router with two NICs. One NIC is connected to the Internet and the other to my internal LAN. I made a script for priorizing interactive traffic. The script matches TOS Minimize-Delay for priorizing interactive trafic, and fwmark for metropolitan packets.
 I have two root classes (simulating two circuits) : 1:1 for internet and 1:3 for metropolitan.
 When I watch -n1 tc -s -d qdisc show, the classes that belong to metropolitan traffic (FE) on the two interfaces are not sending nor receiving any byte...
 Can someone help me out this situation? I list my tc and iptables scripts below (for some reason I could't attach them - "Invalid file").
 Thank you in advance!
 ---------------------------------------------------------------------------------------------------------------------
 my_script.sh:
       
#!/bin/bash  tc=/sbin/tc u=kbit U=Mbit RATE=256 metro=1  for eth in ` echo eth0 eth1 `; do     $tc qdisc del dev $eth root &>/dev/null     $tc qdisc add dev $eth root handle 1: htb default FF      # class default - non-priorized traffic     $tc class add dev $eth parent 1: classid 1:1 htb rate $RATE$u ceil $[$RATE-16]$u     $tc class add dev $eth parent 1:1 classid 1:FF htb rate 1$u ceil $[$RATE-16]$u prio 1     $tc qdisc add dev $eth parent 1:FF handle FF: sfq perturb 10      # priorized traffic - Internet (TOS = Minimize-Delay)     $tc class add dev $eth parent 1:1 classid 1:2 htb rate $[$RATE-16]$u ceil $[$RATE-16]$u burst 16k prio 0     $tc filter add dev $eth parent 1: protocol ip prio 1 u32 match ip tos 0x10 0xff flowid 1:2     $tc qdisc add dev $eth parent 1:2 handle 2: sfq perturb 10      # metropolitan (MARK = 1)     $tc class add dev $eth parent 1: classid 1:3 htb rate 100$U ceil 99$U     $tc class add dev $eth parent 1:3 classid 1:FE htb rate 99$U ceil 99$U     $tc qdisc
 add dev $eth parent 1:FE handle FE: sfq perturb 10     $tc filter add dev $eth parent 1: protocol ip prio 0 handle $metro fw flowid 1:FE done
----------------------------------------------------------------------------------------------------------------------
 output of iptables-save (mangle PREROUTING):
 
 -A PREROUTING -p tcp -m tcp --sport 80 -j TOS --set-tos 0x10
 -A PREROUTING -p tcp -m tcp --dport 80 -j TOS --set-tos 0x10
 -A PREROUTING -p tcp -m tcp --dport 443 -j TOS --set-tos 0x10
 -A PREROUTING -p tcp -m tcp --sport 443 -j TOS --set-tos 0x10
 -A PREROUTING -p tcp -m tcp --sport 5050 -j TOS --set-tos 0x10
 -A PREROUTING -p tcp -m tcp --dport 5050 -j TOS --set-tos 0x10
 -A PREROUTING -p tcp -m tcp --dport 6667 -j TOS --set-tos 0x10
 -A PREROUTING -p tcp -m tcp --sport 6667 -j TOS --set-tos 0x10
 -A PREROUTING -p tcp -m tcp --tcp-flags SYN ACK -j TOS --set-tos 0x10
 -A PREROUTING -s 82.77.124.128/255.255.255.224 -d 82.77.124.128/255.255.255.224 -j MARK --set-mark 0x1
 -A PREROUTING -s 82.77.124.128/255.255.255.224 -d 193.226.0.0/255.255.0.0 -j MARK --set-mark 0x1
 -A PREROUTING -s 193.226.0.0/255.255.0.0 -d 82.77.124.128/255.255.255.224 -j MARK --set-mark 0x1
 -A PREROUTING -s 192.129.0.0/255.255.0.0 -d 82.77.124.128/255.255.255.224 -j MARK --set-mark 0x1
 -A PREROUTING -s 82.77.124.128/255.255.255.224 -d 192.129.0.0/255.255.0.0 -j MARK --set-mark 0x1
 
 

		
---------------------------------
 Yahoo! FareChase - Search multiple travel sites in one click.  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ds9a.nl/pipermail/lartc/attachments/20051115/bb196823/attachment.html

More information about the LARTC mailing list