tc filter question - Networking

This is a discussion on tc filter question - Networking ; Hi, If there are two filters that lead the same packet to different leafs then where does it go? I have set up two classes like this: ______________ | 1:0 | ------------------------- __|__ __|__ | 1:1 | | 1:2 | ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: tc filter question

  1. tc filter question

    Hi,

    If there are two filters that lead the same packet to different leafs
    then where does it go?

    I have set up two classes like this:
    ______________
    | 1:0 |
    -------------------------
    __|__ __|__
    | 1:1 | | 1:2 |
    -------- ---------

    tc qdisc del dev eth1 root
    tc qdisc add dev eth1 root handle 1: htb
    tc class add dev eth1 parent 1: classid 1:1 htb rate 54mbit ceil
    54mbit burst 15k prio 0
    tc class add dev eth1 parent 1: classid 1:2 htb rate 200kbit ceil
    54mbit burst 6k prio 1

    And then I filter like this:

    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip src
    192.168.10.0/24 match
    ip dst 192.168.10.0/24 classid 1:1
    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip src
    192.168.10.0/24 match
    ip dst 192.168.10.34 classid 1:2

    As you can see a packet going to 192.168.10.34 will match both
    filters! So wheer does it go?
    Another example of the filtering could be like this:

    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip dst
    192.168.10.0/24 classid 1:1
    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip src
    192.168.10.1 classid 1:2

    This would match f.ex. a packet from 192.168.10.1 to 192.168.10.10 to
    both filters!! again, where does it go? The first one? the last one?
    both???

    I've read the lartc but couldn't see anything about this.

    A secondary question:
    I've set up the above because my server has a slow 200kbit *incoming*
    link from the internet that it forwards to eth1 which has a lot of
    clients attached. Now I shape this traffic further with more classes
    under the one above (it gets split into like 128k for certain users
    and 20k for othe users etc etc), but I have the 54mbit class 1:1
    because I want to have traffic betweeen users on eth1 to be
    unrestricted. Is this a good way of doing it? or is there a better
    way?

    Thanks!

    Regards,
    Tobias

    My whole eth1 section is below (I have removed lots of filters in the
    interrest of length, but you'll get the idea)
    eth1 has multiple ip's as in: 192.168.10.1 and 10.1.0.1

    #eth1
    tc qdisc del dev eth1 root
    tc qdisc add dev eth1 root handle 1: htb default 40
    tc class add dev eth1 parent 1: classid 1:1 htb rate 54mbit ceil
    54mbit burst 15k pri
    o 0
    tc class add dev eth1 parent 1: classid 1:2 htb rate 200kbit ceil
    54mbit burst 6k pri
    o 1

    tc class add dev eth1 parent 1:2 classid 1:10 htb rate 126kbit ceil
    54mbit burst 6kbi
    t prio 0
    tc class add dev eth1 parent 1:2 classid 1:20 htb rate 27kbit ceil
    54mbit burst 3kbit
    prio 1
    tc class add dev eth1 parent 1:2 classid 1:30 htb rate 37kbit ceil
    54mbit burst 3kbit
    prio 2
    tc class add dev eth1 parent 1:2 classid 1:40 htb rate 10kbit ceil
    54mbit burst 1kbit
    prio 3

    tc qdisc add dev eth1 parent 1:1 handle 101: sfq perturb 10

    tc qdisc add dev eth1 parent 1:10 handle 210: sfq perturb 10
    tc qdisc add dev eth1 parent 1:20 handle 220: sfq perturb 10
    tc qdisc add dev eth1 parent 1:30 handle 230: sfq perturb 10
    tc qdisc add dev eth1 parent 1:40 handle 240: sfq perturb 10

    # classid 1:1 (unlimited, from server to behind nat)
    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip src
    192.168.10.0/24 match
    ip dst 192.168.10.0/24 classid 1:1
    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip src
    10.0.0.0/8 match ip ds
    t 10.0.0.0/8 classid 1:1
    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip src
    10.0.0.0/8 match ip ds
    t 192.168.10.0/24 classid 1:1
    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip src
    192.168.10.0/24 match
    ip dst 10.0.0.0/8 classid 1:1

    # classid 1:10
    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip dst
    10.0.0.0/8 classid 1:10
    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip dst
    192.168.31.0/24 classid 1:10
    #etc
    #etc
    ..
    ..
    # classid 1:20
    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip dst
    192.168.10.2 classid 1:20
    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip dst
    192.168.10.20 classid 1:20
    #etc
    #etc
    ..
    ..
    #classid 1:30
    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip dst
    192.168.10.80 classid 1:30
    tc filter add dev eth1 parent 1:0 protocol ip u32 match ip dst
    192.168.10.81 classid 1:30
    #etc
    #etc
    ..
    ..


  2. Re: tc filter question

    Hi again,

    Its been a while and still no responses? does *nobody* know the answer
    to this one?
    Anyway, does someone then know more sources for info on this apart
    from lartc.org? Thanks

    Regards,
    Tobias


+ Reply to Thread