Configuração de prioridade estrita por interface usando tc Networking

Question

Configuração de prioridade estrita por interface usando tc Networking

0

Eu quero configurar por prioridade de interface, pois tenho 4 interfaces de LAN para conectar diferentes dispositivos de LAN:

Configuração como abaixo:

Porta WAN - eth0

Porta LAN - ath0, ath1

tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1: prio bands 8 priomap 0 1 2 3 4 5 6 7

tc filter add dev eth0 protocol ip parent 1: prio 1 handle 1 fw flowid 1:1
tc filter add dev eth0 protocol ip parent 1: prio 2 handle 2 fw flowid 1:2
tc filter add dev eth0 protocol ip parent 1: prio 3 handle 3 fw flowid 1:3
tc filter add dev eth0 protocol ip parent 1: prio 4 handle 4 fw flowid 1:4
tc filter add dev eth0 protocol ip parent 1: prio 5 handle 5 fw flowid 1:5
tc filter add dev eth0 protocol ip parent 1: prio 6 handle 6 fw flowid 1:6
tc filter add dev eth0 protocol ip parent 1: prio 7 handle 7 fw flowid 1:7
tc filter add dev eth0 protocol ip parent 1: prio 8 handle 8 fw flowid 1:8

Como a plataforma só pode ser modificada e não pode ser marcada:

//ath0 - upload
 ebtables -D FORWARD -i ath0 -o br0 -j mark --mark-set 1 --mark-target ACCEPT 
 ebtables -A FORWARD -i ath0 -o br0 -j mark --mark-set 1 --mark-target ACCEPT

 //ath0 - download
ebtables -D FORWARD -i br0 -o ath0 -j mark --mark-set 1 --mark-target ACCEPT 
ebtables -A FORWARD -i br0 -o ath0 -j mark --mark-set 1 --mark-target ACCEPT

 //ath1 - upload
 ebtables -D FORWARD -i ath1 -o br0 -j mark --mark-set 2 --mark-target ACCEPT 
 ebtables -A FORWARD -i ath1 -o br0 -j mark --mark-set 2 --mark-target ACCEPT

 //ath1 - download
ebtables -D FORWARD -i br0 -o ath1 -j mark --mark-set 2 --mark-target ACCEPT 
ebtables -A FORWARD -i br0 -o ath1 -j mark --mark-set 2 --mark-target ACCEPT

status diferente Verifica:

verifique a classe:

~ # tc -s -d class show dev eth0
class prio 1:1 parent 1: 
 Sent 278885308 bytes 196045 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 
class prio 1:2 parent 1: 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 
class prio 1:3 parent 1: 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 
class prio 1:4 parent 1: 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 
class prio 1:5 parent 1: 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 
class prio 1:6 parent 1: 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 
class prio 1:7 parent 1: 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 
class prio 1:8 parent 1: 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0

verificar filtros:

~ # tc -s -d filter show dev eth0
filter parent 1: protocol ip pref 1 fw 
filter parent 1: protocol ip pref 1 fw handle 0x1 classid 1:1 
filter parent 1: protocol ip pref 2 fw 
filter parent 1: protocol ip pref 2 fw handle 0x2 classid 1:2 
filter parent 1: protocol ip pref 3 fw 
filter parent 1: protocol ip pref 3 fw handle 0x3 classid 1:3 
filter parent 1: protocol ip pref 4 fw 
filter parent 1: protocol ip pref 4 fw handle 0x4 classid 1:4 
filter parent 1: protocol ip pref 5 fw 
filter parent 1: protocol ip pref 5 fw handle 0x5 classid 1:5 
filter parent 1: protocol ip pref 6 fw 
filter parent 1: protocol ip pref 6 fw handle 0x6 classid 1:6 
filter parent 1: protocol ip pref 7 fw 
filter parent 1: protocol ip pref 7 fw handle 0x7 classid 1:7 
filter parent 1: protocol ip pref 8 fw 
filter parent 1: protocol ip pref 8 fw handle 0x8 classid 1:8

verifique a configuração do qdisc:

# tc -s -d qdisc show dev eth0
qdisc prio 1: root refcnt 2 bands 8 priomap  0 1 2 3 4 5 6 7 1 1 1 1 1 1 1 1
 Sent 278886988 bytes 196085 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0

verifique o ebtable:

~ # ebtables -LV
Bridge table: filter

Bridge chain: INPUT, entries: 0, policy: ACCEPT

Bridge chain: FORWARD, entries: 4, policy: ACCEPT
-i ath0 -o br0 -j mark --mark-set 0x1 --mark-target ACCEPT
-i br0 -o ath0 -j mark --mark-set 0x1 --mark-target ACCEPT
-i ath1 -o br0 -j mark --mark-set 0x2 --mark-target ACCEPT
-i br0 -o ath1 -j mark --mark-set 0x2 --mark-target ACCEPT

Bridge chain: OUTPUT, entries: 0, policy: ACCEPT

Eu tento enviar tráfego em ambas as interfaces e ele passa, mas da contagem de pacotes de verificação de status de classe, parece que apenas a marcação 1 está funcionando:

class prio 1:1 parent 1: 
 Sent 278907565 bytes 196399 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0 
class prio 1:2 parent 1: 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0

Alguém tem alguma ideia do que eu possa estar perdendo? Agradecemos antecipadamente

networking traffic linux traffic-shaping tc

por coder007 18.07.2018 / 09:58

0 respostas

Tags networking traffic linux traffic-shaping tc

Por que preciso citar variável para if, mas não para echo? pegue a entrada de uma variável e armazene-a na mesma variável, mas em um arquivo diff