[LARTC] class exceeds its ceil

[Ratel]

Hi,

I have a setup like this:

   class 1:1 rate 7600kbit  (on a imq device)
        |
        |\class 1:10 rate 100kbit ceil 5600kbit prio 7 (here goes p2p 
traffic)
         \class 1:12 rate 7500kbit ceil 7600kbit
            |
            |\class 1:121 rate 3100 ceil 7500kbit prio 0
            |\class 1:122 rate 2200 ceil 7500kbit prio 2
             \class 1:123 rate 2200 ceil 7500kbit prio 3 (default)

My problem is: the 1:10 class consumes the whole bandwidth.
This is caused by a massive p2p traffic. I've read similar posts on this 
list, and I can't use the solution proposed by Stef Coene here:  
http://mailman.ds9a.nl/pipermail/lartc/2002q2/003958.html. I match p2p 
packets with both ipp2p and layer7 filters and mark them with iptables 
MARK. I can easily block p2p traffic, but when I allow it - it exceeds 
its ceil and reaches the rate of my internet link, which is unacceptable.
I need to allow other classes to borrow bandwidth from a p2p class, but 
I do not want to allow a p2p class to borrow bandwidth from other 
classes. Is there a way to achieve it ? maybe I should redesign 
something in the above diagram.

W