[LARTC] complex; ifb, masq et omnia
Krzysztof Matusik
kyf at arterm.pl
Mon Mar 6 18:53:53 CET 2006
Hi all.
I'm using Jamal's ifb virtual interface from new kernel. Redirecting incoming
traffic from external interface like that:
# tc [blahbla] match u32 0 0 flowid 1:0 action mirred egress redirect dev ifb0
to ifb to shape it.
The problem is that I'm using MASQUERADE by netfilter also. That redirected
traffic coming from internet gets to ifb _before_ DNAT is done. So I cannot
filter or mark it in other way by ip dst address to differ between forwarded
and incoming traffic to my node.
Goal is to find a solution how to let tc filter find the difference between
forwarded and incoming traffic in that redirected traffic coming to ifb
device so shaping/queueing could be done elegantly :-)
(well, infact this traffic goes off ifb device and then gets routed and masqed
etc- by egress queue)
Anybody got any nice ideas?
Krzysztof
More information about the LARTC
mailing list