1#! /bin/sh -x 2# 3# sample script on using the ingress capabilities 4# This script fwmark tags(IPchains) based on metering on the ingress 5# interface the result is used for fast classification and re-marking 6# on the egress interface 7# This is an example of a color blind mode marker with no PIR configured 8# based on draft-wahjak-mcm-00.txt (section 3.1) 9# 10#path to various utilities; 11#change to reflect yours. 12# 13IPROUTE=/root/DS-6-beta/iproute2-990530-dsing 14TC=$IPROUTE/tc/tc 15IP=$IPROUTE/ip/ip 16IPCHAINS=/root/DS-6-beta/ipchains-1.3.9/ipchains 17INDEV=eth2 18EGDEV="dev eth1" 19CIR1=1500kbit 20CIR2=500kbit 21 22#The CBS is about 60 MTU sized packets 23CBS1=90k 24CBS2=90k 25 26meter1="police rate $CIR1 burst $CBS1 " 27meter1a="police rate $CIR2 burst $CBS1 " 28meter2="police rate $CIR1 burst $CBS2 " 29meter2a="police rate $CIR2 burst $CBS2 " 30meter3="police rate $CIR2 burst $CBS1 " 31meter3a="police rate $CIR2 burst $CBS1 " 32meter4="police rate $CIR2 burst $CBS2 " 33meter5="police rate $CIR1 burst $CBS2 " 34# 35# tag the rest of incoming packets from subnet 10.2.0.0/24 to fw value 1 36# tag all incoming packets from any other subnet to fw tag 2 37############################################################ 38$IPCHAINS -A input -i $INDEV -s 0/0 -m 2 39$IPCHAINS -A input -i $INDEV -s 10.2.0.0/24 -m 1 40# 41############################################################ 42# install the ingress qdisc on the ingress interface 43$TC qdisc add dev $INDEV handle ffff: ingress 44# 45############################################################ 46 47# All packets are marked with a tcindex value which is used on the egress 48# tcindex 1 maps to AF41, 2->AF42, 3->AF43, 4->BE 49# 50############################################################ 51# 52# anything with fw tag of 1 is passed on with a tcindex value 1 53#if it doesnt exceed its allocated rate (CIR/CBS) 54# 55$TC filter add dev $INDEV parent ffff: protocol ip prio 1 handle 1 fw \ 56$meter1 \ 57continue flowid 4:1 58$TC filter add dev $INDEV parent ffff: protocol ip prio 2 handle 1 fw \ 59$meter1a \ 60continue flowid 4:1 61# 62# if it exceeds the above but not the extra rate/burst below, it gets a 63#tcindex value of 2 64# 65$TC filter add dev $INDEV parent ffff: protocol ip prio 3 handle 1 fw \ 66$meter2 \ 67continue flowid 4:2 68$TC filter add dev $INDEV parent ffff: protocol ip prio 4 handle 1 fw \ 69$meter2a \ 70continue flowid 4:2 71# 72# if it exceeds the above but not the rule below, it gets a tcindex value 73# of 3 74# 75$TC filter add dev $INDEV parent ffff: protocol ip prio 5 handle 1 fw \ 76$meter3 \ 77continue flowid 4:3 78$TC filter add dev $INDEV parent ffff: protocol ip prio 6 handle 1 fw \ 79$meter3a \ 80drop flowid 4:3 81# 82# Anything else (not from the subnet 10.2.0.24/24) gets discarded if it 83# exceeds 1Mbps and by default goes to BE if it doesnt 84# 85$TC filter add dev $INDEV parent ffff: protocol ip prio 7 handle 2 fw \ 86$meter5 \ 87drop flowid 4:4 88 89 90######################## Egress side ######################## 91 92 93# attach a dsmarker 94# 95$TC qdisc add $EGDEV handle 1:0 root dsmark indices 64 96# 97# values of the DSCP to change depending on the class 98#note that the ECN bits are masked out 99# 100#AF41 (0x88 is 0x22 shifted to the right by two bits) 101# 102$TC class change $EGDEV classid 1:1 dsmark mask 0x3 \ 103 value 0x88 104#AF42 105$TC class change $EGDEV classid 1:2 dsmark mask 0x3 \ 106 value 0x90 107#AF43 108$TC class change $EGDEV classid 1:3 dsmark mask 0x3 \ 109 value 0x98 110#BE 111$TC class change $EGDEV classid 1:4 dsmark mask 0x3 \ 112 value 0x0 113# 114# 115# The class mapping (using tcindex; could easily have 116# replaced it with the fw classifier instead) 117# 118$TC filter add $EGDEV parent 1:0 protocol ip prio 1 \ 119 handle 1 tcindex classid 1:1 120$TC filter add $EGDEV parent 1:0 protocol ip prio 1 \ 121 handle 2 tcindex classid 1:2 122$TC filter add $EGDEV parent 1:0 protocol ip prio 1 \ 123 handle 3 tcindex classid 1:3 124$TC filter add $EGDEV parent 1:0 protocol ip prio 1 \ 125 handle 4 tcindex classid 1:4 126# 127 128# 129echo "---- qdisc parameters Ingress ----------" 130$TC qdisc ls dev $INDEV 131echo "---- Class parameters Ingress ----------" 132$TC class ls dev $INDEV 133echo "---- filter parameters Ingress ----------" 134$TC filter ls dev $INDEV parent ffff: 135 136echo "---- qdisc parameters Egress ----------" 137$TC qdisc ls $EGDEV 138echo "---- Class parameters Egress ----------" 139$TC class ls $EGDEV 140echo "---- filter parameters Egress ----------" 141$TC filter ls $EGDEV parent 1:0 142# 143#deleting the ingress qdisc 144#$TC qdisc del $INDEV ingress 145