I would like to prioritize certain traffic based on transport protocol and port number. When I use tc filter rules that place the filter on a non-ipsec interface, the prioritization happens. When I change the interface to one that has only ipsec traffic over it, all traffic is then sent from the "everything else" queue. Very simple case: two queues, one gets priority over the other, no bandwidth metering or other complications. I surmised that tc filters don't "see" outgoing packets until after encapsulation, when they are encrypted. Is this correct? What is the preferred way to do this? Use iptables, mark the traffic and use tc rules that choose based on this mark instead?
Thank you. --lyle _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
