Re: bandwidth shaping traffic from/to specific subnet
- From: Andy Furniss <spam@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 12 Feb 2009 20:58:39 +0000
Andrew Gideon wrote:
You're suggesting - excluding ifb - I can attack a discipline to eth0 and it would apply to all VLANs on that physical interface? That had not occurred to me as a possibility (rather: I'd just assumed that it wouldn't work).
It is possible, but it may not be the easiest way for you because a quick test I just did means that it looks like you can attach qdiscs to vlans directly.
If this were not the case than what you would have needed to do is filter on the real interface. Most tc examples you see use
tc filter add dev eth0 protocol ip ....
The protocol ip refers to the ethertype protocol number in the eth frame - it is possible to filter types other than ip, protocol all gets everything, others I can think of by name - arp,ipv6,8021q or you can just use the number direct.
So you would use protocol 8021q for vlan. The problem then may be that you have to work out u32 offsets and use hex matches/masks for the parts of the ip packet you want to match - not as easy as letting tc do some of the work for you, but tcpdump -e and a few tests and it should be possible. FWIW using negative offsets in tc lets you match macs and ethertype, I am not sure where the offsets for vlan headers would be.
You need to make sure the prio on tc filters is different for different protocols, or it throws an error.
If I'm grasping it, though, I'll need to direct packets from multiple interfaces into an IFB, do the shaping, and then get the packets out the original interface. I'm still not clear on how that last step works, but I've more to read (and eventually to try).
ifb was created specially to do this sort of thing - so you don't need to worry getting the packets back, it will just happen.
Given that I think you can attach qdiscs to vlans I would use ifb and redirect from the vlans so the traffic going through ifbs is protocol ip.
To get the traffic you need a classful qdisc on the interface you are redirecting from - so just add prio to the vlans in this case as you don't need to do any further shaping when the traffic returns. It is possible to redirect incoming traffic as well by adding the ingress qdisc.
modprobe ifb
will give you two new interfaces ifb0 and ifb1 (use numifbs=x if you need more). ip link ls will show you that the qlen is 32 vs 1000 for eth which is worth remembering if you don't specify lengths on htb leafs.
ip link set ifb0 up
tc qdisc add dev eth0.1 handle 1:0 root prio
tc filter add dev eth0.1 parent 1:0 protocol ip prio 1\
u32 match u32 0 0 classid 1:1 action mirred egress redirect dev ifb0
and so on for the other vlans. The classid set is not seen by the ifb but does get reinstated when the packet returns so it is possible to double shape if you wanted to.
You then just add your tc rules and filters to ifb0 as if it were a normal interface and it should see traffic from all the places you redirected to it from.
.
- Follow-Ups:
- Re: bandwidth shaping traffic from/to specific subnet
- From: Andrew Gideon
- Re: bandwidth shaping traffic from/to specific subnet
- References:
- bandwidth shaping traffic from/to specific subnet
- From: Wolfgang Draxinger
- Re: bandwidth shaping traffic from/to specific subnet
- From: D. Stussy
- Re: bandwidth shaping traffic from/to specific subnet
- From: Andrew Gideon
- Re: bandwidth shaping traffic from/to specific subnet
- From: Andy Furniss
- Re: bandwidth shaping traffic from/to specific subnet
- From: Andrew Gideon
- bandwidth shaping traffic from/to specific subnet
- Prev by Date: Re: command to know current net speed
- Next by Date: Marvell sk98lin driver fix
- Previous by thread: Re: bandwidth shaping traffic from/to specific subnet
- Next by thread: Re: bandwidth shaping traffic from/to specific subnet
- Index(es):
Relevant Pages
|
