• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#! /bin/sh -x
2#
3# sample script on using the ingress capabilities
4# This script fwmark tags(IPchains) based on metering on the ingress
5# interface the result is used for fast classification and re-marking
6# on the egress interface
7# This is an example of a color blind mode marker with no PIR configured
8# based on draft-wahjak-mcm-00.txt (section 3.1)
9#
10#path to various utilities;
11#change to reflect yours.
12#
13IPROUTE=/root/DS-6-beta/iproute2-990530-dsing
14TC=$IPROUTE/tc/tc
15IP=$IPROUTE/ip/ip
16IPCHAINS=/root/DS-6-beta/ipchains-1.3.9/ipchains
17INDEV=eth2
18EGDEV="dev eth1"
19CIR1=1500kbit
20CIR2=500kbit
21
22#The CBS is about 60 MTU sized packets
23CBS1=90k
24CBS2=90k
25
26meter1="police rate $CIR1 burst $CBS1 "
27meter1a="police rate $CIR2 burst $CBS1 "
28meter2="police rate $CIR1 burst $CBS2 "
29meter2a="police rate $CIR2 burst $CBS2 "
30meter3="police rate $CIR2 burst $CBS1 "
31meter3a="police rate $CIR2 burst $CBS1 "
32meter4="police rate $CIR2 burst $CBS2 "
33meter5="police rate $CIR1 burst $CBS2 "
34#
35# tag the rest of incoming packets from subnet 10.2.0.0/24 to fw value 1
36# tag all incoming packets from any other subnet to fw tag 2
37############################################################
38$IPCHAINS -A input -i $INDEV -s 0/0 -m 2
39$IPCHAINS -A input -i $INDEV -s 10.2.0.0/24 -m 1
40#
41############################################################
42# install the ingress qdisc on the ingress interface
43$TC qdisc add dev $INDEV handle ffff: ingress
44#
45############################################################
46
47# All packets are marked with a tcindex value which is used on the egress
48# tcindex 1 maps to AF41, 2->AF42, 3->AF43, 4->BE
49#
50############################################################
51#
52# anything with fw tag of 1 is passed on with a tcindex value 1
53#if it doesnt exceed its allocated rate (CIR/CBS)
54#
55$TC filter add dev $INDEV parent ffff: protocol ip prio 1 handle 1 fw \
56$meter1 \
57continue flowid 4:1
58$TC filter add dev $INDEV parent ffff: protocol ip prio 2 handle 1 fw \
59$meter1a \
60continue flowid 4:1
61#
62# if it exceeds the above but not the extra rate/burst below, it gets a
63#tcindex value  of 2
64#
65$TC filter add dev $INDEV parent ffff: protocol ip prio 3 handle 1 fw \
66$meter2 \
67continue flowid 4:2
68$TC filter add dev $INDEV parent ffff: protocol ip prio 4 handle 1 fw \
69$meter2a \
70continue flowid 4:2
71#
72# if it exceeds the above but not the rule below, it gets a tcindex value
73# of 3
74#
75$TC filter add dev $INDEV parent ffff: protocol ip prio 5 handle 1 fw \
76$meter3 \
77continue flowid 4:3
78$TC filter add dev $INDEV parent ffff: protocol ip prio 6 handle 1 fw \
79$meter3a \
80drop flowid 4:3
81#
82# Anything else (not from the subnet 10.2.0.24/24) gets discarded if it
83# exceeds 1Mbps and by default goes to BE if it doesnt
84#
85$TC filter add dev $INDEV parent ffff: protocol ip prio 7 handle 2 fw \
86$meter5 \
87drop flowid 4:4
88
89
90######################## Egress side ########################
91
92
93# attach a dsmarker
94#
95$TC qdisc add $EGDEV handle 1:0 root dsmark indices 64
96#
97# values of the DSCP to change depending on the class
98#note that the ECN bits are masked out
99#
100#AF41 (0x88 is 0x22 shifted to the right by two bits)
101#
102$TC class change $EGDEV classid 1:1 dsmark mask 0x3 \
103       value 0x88
104#AF42
105$TC class change $EGDEV classid 1:2 dsmark mask 0x3 \
106       value 0x90
107#AF43
108$TC class change $EGDEV classid 1:3 dsmark mask 0x3 \
109       value 0x98
110#BE
111$TC class change $EGDEV classid 1:4 dsmark mask 0x3 \
112       value 0x0
113#
114#
115# The class mapping (using tcindex; could easily have
116# replaced it with the fw classifier instead)
117#
118$TC filter add $EGDEV parent 1:0 protocol ip prio 1 \
119          handle 1 tcindex classid 1:1
120$TC filter add $EGDEV parent 1:0 protocol ip prio 1 \
121          handle 2 tcindex  classid 1:2
122$TC filter add $EGDEV parent 1:0 protocol ip prio 1 \
123          handle 3 tcindex  classid 1:3
124$TC filter add $EGDEV parent 1:0 protocol ip prio 1 \
125          handle 4 tcindex  classid 1:4
126#
127
128#
129echo "---- qdisc parameters Ingress  ----------"
130$TC qdisc ls dev $INDEV
131echo "---- Class parameters Ingress  ----------"
132$TC class ls dev $INDEV
133echo "---- filter parameters Ingress ----------"
134$TC filter ls dev $INDEV parent ffff:
135
136echo "---- qdisc parameters Egress  ----------"
137$TC qdisc ls $EGDEV
138echo "---- Class parameters Egress  ----------"
139$TC class ls $EGDEV
140echo "---- filter parameters Egress ----------"
141$TC filter ls $EGDEV parent 1:0
142#
143#deleting the ingress qdisc
144#$TC qdisc del $INDEV ingress
145