0

I use HTB for TC and mark packets with iptables. First I mark a range of IPs (like 192.168.1.0/24). Now I want to apply a htb class to each of these IPs separately. If I add a class and a filter for this mark, this filter applies to all IPs in this range. But I want to apply this class to each of IPs separately. I don't want to mark each of these IPs one by one. I'd be glad if you suggest me another solution. this is my code right now. it applied to all of IPs in range. Not each IP - one by one -in that range.

``` tc class add dev ens37 parent 1:1 classid 1:8 htb rate 1mbit ceil 1mbit
iptables -t mangle -A POSTROUTING -o br0 -d 192.168.1.1/24 -j MARK --set-mark 0x108
tc filter add dev ens37 protocol ip parent 1:0 prio 0 handle 0x108 fw flowid 1:8 ```

but I want each ip in range has 1mbit rate .

amirhossein nasseri
  • 1
  • keyword: hash. looks quite complex. some pointers: https://serverfault.com/questions/705432/is-there-a-way-to-limit-bandwidth-per-ip-using-htb-a-cidr-range-in-linux , https://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.adv-filter.hashing.html, https://brownian.org.ua/?page_id=6&langswitch_lang=en – A.B Mar 30 '20 at 11:25
  • in your suggested link: https://brownian.org.ua/?page_id=6&langswitch_lang=en it uses match for dst IP , but I have packets which marked before, so how can I use: ``` tc filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 800:: \ handle 0x108 \ hashkey mask 0x00000700 at 16 link 8: ``` (which 0x108 is my mark number) instead of : ``` tc filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 800:: \ match ip dst 192.168.0.0/21 \ hashkey mask 0x00000700 at 16 link 8: ``` – amirhossein nasseri Apr 02 '20 at 16:42
  • Did I say it looked complex? I just put related informations in comments so a motivated person can know where to dig for. I don't feel able to make an answer for this. Too complex to me. – A.B Apr 02 '20 at 16:57

0 Answers0