Salut,
Stiu ca s-a mai discutat de N-ori , dar nu reusesc sa diferentiez metro de
extern ... Fisierele in cauza arata astfel:
eth0-qos.cfg:
class class_1 {
bandwidth 4096;
limit 4096;
burst 0;
priority 1;
client SERVER {
bandwidth 16;
limit 4096;
burst 0;
priority 1;
src {
xx.xx.xx.1/32;
};
};
client client_1 {
bandwidth 16;
limit 4096;
burst 0;
priority 1;
src {
xx.xx.xx.2/32;
};
};
client client_2 {
bandwidth 16;
limit 4096;
burst 0;
priority 1;
src {
xx.xx.xx.3/32;
};
};
-------------------------------------------------
client client_106 {
bandwidth 256;
limit 512;
burst 0;
priority 1;
src {
xx.xx.xx.230/32;
};
};
};
class default { bandwidth 8; };
eth1-qos.cfg - in loc de SRC am pus DST
in firewall:
# MARK 4 HTB
iptables -t mangle -N mark_horiz_src
iptables -t mangle -N mark_horiz_dst
iptables -t mangle -A PREROUTING -i $EXTIF -j mark_horiz_src
iptables -t mangle -A PREROUTING -i $INTIF -j mark_horiz_dst
iptables -t mangle -A OUTPUT -o $EXTIF -j mark_horiz_dst
-----------------------------------------------------
/usr/sbin/importbgp
unde importbgp este:
rm /var/local/ipclasses.bgp
bgp_file=/var/local/ipclasses.bgp
if wget -q --output-document=$bgp1_file
http://clienti.evolva.ro/subnets.php?net=all ; then
mipclasses -s mark_horiz_src -d mark_horiz_dst -m 1 < $bgp_file |
iptables-restore -n
fi
rezultatul: nu face diferentiere metro/extern ... tot traficul mi-l arunca in
clasa de extern
folosesc: HTB-tools-0.3.0a, iproute2 compilat si copiat tc in /sbin, FC6 cu
kernel 2.6.20 compilat cu suport pt HTB.
Unde gresesc?
Multumesc
---------------------------------
Sucker-punch spam with award-winning protection.
Try the free Yahoo! Mail Beta.
_______________________________________________
RLUG mailing list
[email protected]
http://lists.lug.ro/mailman/listinfo/rlug
