netdev
[Top] [All Lists]

Re: Outbound IPIP Tunnel Packets not shaped/policed

To: netdev@xxxxxxxxxxx
Subject: Re: Outbound IPIP Tunnel Packets not shaped/policed
From: Javier Szyszlican <javier@xxxxxxxxx>
Date: Wed, 03 Nov 2004 21:55:03 -0300
Cc: netdev@xxxxxxxxxxx
In-reply-to: <20041104004019.GO19714@xxxxxxxxxxxxxx>
Organization: TIBA
References: <cmbpre$7qr$1@xxxxxxxxxxxxx> <20041104004019.GO19714@xxxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mozilla Thunderbird 0.8 (X11/20040921)

Thomas,

The commands are (Generated via firehol)

Iptables:
-A FORWARD -p 4 -j mark.4
-A OUTPUT -p ipencap -j mark.5

-A mark.4 -j MARK --set-mark 0x1
-A mark.5 -j MARK --set-mark 0x1

And in TC:

tc qdisc add dev ppp0 root handle 2:0 htb default 22
tc class add dev ppp0 parent 2:0 classid 2:1 htb rate 128kbit ceil 128kbit
tc class add dev ppp0 parent 2:1 classid 2:22 htb rate 32kbit ceil 128kbit prio 
10
tc class add dev ppp0 parent 2:1 classid 2:21 htb rate 96kbit ceil 128kbit prio 
1

tc filter add dev ppp0 protocol ip parent 2:0 prio 1 handle 1 fw flowid 2:21

What do you mean by "same device", all this is on my gateway host, that has the pptp connection (ppp0) and over that the IPIP tunnel.

If the IPIP packets geneated by kernel are going to the shaping functions, how is that I don't see them in my tc -s ?

Thanks you very much for helping me.

Javier

Thomas Graf wrote:
* Javier Szyszlican <cmbpre$7qr$1@xxxxxxxxxxxxx> 2004-11-03 20:36

filter parent 2: protocol ip pref 1 fw
filter parent 2: protocol ip pref 1 fw handle 0x1 classid 2:21

Chain OUTPUT (policy ACCEPT 794K packets, 111M bytes)
pkts bytes target prot opt in out source destination 4984 377K mark.4 4 -- * * 0.0.0.0/0 0.0.0.0/0

Chain mark.4 (1 references)
pkts bytes target prot opt in out source destination 4984 377K MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK set 0x1


Is this on the same device? I have such a setup in my test suite
and it works fine with the latest bk snapshot. Can you show me
the actual commands you execute?


So, I'm guessing that the IPIP packets generated by the kernel, are not going into the packet scheduling routines/functions.


They surely are.




<Prev in Thread] Current Thread [Next in Thread>