Hi, I'd like to do limit bandwidth on gre tunnel protected with ipsec in transport mode.
I've set single default queue on gre interface, matched everything that goes out to that queue, and finally passed everything out that interface: # SNIP queue mother on gre204 bandwidth 25M min 25M max 25M queue child parent mother bandwidth 25M default ... match out on gre204 inet all set queue child ... pass out on gre 204 inet all ... # SNIP In `systat rules` i see counter for both match and pass rules increasing, but `systat queues` doesn't count anything. What am I doing wrong? Do I need to queue on physical interface? If so, how can I classify different types of traffic to separate queues later on, since tcpdump on physical interface sees only esp traffic? Thank you in advance, -- Before enlightenment - chop wood, draw water. After enlightenment - chop wood, draw water. Marko Cupać https://www.mimar.rs/
