Rate Limit in a Bridge? - Unix


Thread: Rate Limit in a Bridge?

  1. Rate Limit in a Bridge?

    Hi all,

    I have a bridge (br0) and I need to rate the number of packets per
    second that is forwarded, is there a way to do this?

    I'm trying with these rules

    iptables -A FORWARD -m physdev --physdev-in eth0 -m limit --limit 1/minute -j ACCEPT
    iptables -A FORWARD -m physdev --physdev-out eth1 -m limit --limit 1/minute -j ACCEPT

    and nothing is done.

    So, what can I do to solve this problem?


  2. Re: Rate Limit in a Bridge?

    On Oct 19, 4:47 pm, Fravo wrote:
    > Hi all,
    >
    > I have a bridge (br0) and I need to rate the number of packets per
    > second that is forwarded, is there a way to do this?
    >
    > I'm trying with these rules
    >
    > iptables -A FORWARD -m physdev --physdev-in eth0 -m limit --limit 1/minute -j ACCEPT
    > iptables -A FORWARD -m physdev --physdev-out eth1 -m limit --limit 1/minute -j ACCEPT
    >
    > and nothing is done.
    >
    > So, what can I do to solve this problem?


    The concept of a packet is related to layer 3, that is, the network
    layer. A bridge operates at layer 2. You should use ebtables or use a
    simple token bucket filter. The rules you mention will not work with
    a bridge.

    Komal


  3. Re: Rate Limit in a Bridge?

    On Oct 24, 4:58 pm, Komal wrote:
    > On Oct 19, 4:47 pm, Fravo wrote:
    >
    > > Hi all,
    > >
    > > I have a bridge (br0) and I need to rate the number of packets per
    > > second that is forwarded, is there a way to do this?
    > >
    > > I'm trying with these rules
    > >
    > > iptables -A FORWARD -m physdev --physdev-in eth0 -m limit --limit 1/minute -j ACCEPT
    > > iptables -A FORWARD -m physdev --physdev-out eth1 -m limit --limit 1/minute -j ACCEPT
    > >
    > > and nothing is done.
    > >
    > > So, what can I do to solve this problem?
    >
    > The concept of a packet is related to layer 3, that is, the network
    > layer. A bridge operates at layer 2. You should use ebtables or use a
    > simple token bucket filter. The rules you mention will not work with
    > a bridge.
    >
    > Komal


    Thanks, but does token bucket filter limit packet rate? I tried with
    ebtables but the result is the same old ****...
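
An added illustration, not part of any post in this thread: a simplified Python model of the token bucket behind a `limit` match, showing that an `ACCEPT` rule with `--limit` only restricts forwarding when packets over the limit are dropped afterwards. It assumes the frames actually traverse the chain holding the rule and a `--limit-burst` of 5; `LimitMatch` and `simulate` are hypothetical names and the traffic is constructed.

```python
class LimitMatch:
    """Simplified token bucket modelled on the netfilter 'limit' match."""

    def __init__(self, rate_per_sec, burst=5):
        self.rate = rate_per_sec      # --limit 1/minute -> 1/60 tokens per second
        self.burst = burst            # --limit-burst, assumed default of 5
        self.tokens = float(burst)    # bucket starts full
        self.last = 0.0

    def matches(self, now):
        # Refill for the time elapsed since the previous packet, capped at burst.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True               # under the limit: the rule matches
        return False                  # over the limit: packet falls through


def simulate(policy, pps=10, seconds=10, rate_per_sec=1 / 60, burst=5):
    """Forwarded-packet count for a chain of [limit -> ACCEPT] plus a policy."""
    limit = LimitMatch(rate_per_sec, burst)
    forwarded = 0
    for i in range(pps * seconds):    # constructed traffic: evenly spaced packets
        if limit.matches(i / pps):
            forwarded += 1            # -j ACCEPT on the limit rule
        elif policy == "ACCEPT":
            forwarded += 1            # no rule matched, chain policy accepts
    return forwarded


if __name__ == "__main__":
    print("policy ACCEPT:", simulate("ACCEPT"))   # nothing is limited
    print("policy DROP:  ", simulate("DROP"))     # only the burst gets through
```

With an accepting chain policy every packet is forwarded regardless of the limit; the limit takes effect only when a following rule or the chain policy drops whatever the limit rule did not match.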

