Home | History | Annotate | Download | only in diffserv 
      1 #! /bin/sh -x
      2 #
      3 # sample script on using the ingress capabilities
      4 # This script tags the fwmark on the ingress interface using IPchains
      5 # the result is used first for policing on the Ingress interface then
      6 # for fast classification and re-marking
      7 # on the egress interface
      8 #
      9 #path to various utilities;
     10 #change to reflect yours.
     11 #
     12 IPROUTE=/root/DS-6-beta/iproute2-990530-dsing
     13 TC=$IPROUTE/tc/tc
     14 IP=$IPROUTE/ip/ip
     15 IPCHAINS=/root/DS-6-beta/ipchains-1.3.9/ipchains
     16 INDEV=eth2
     17 EGDEV="dev eth1"
     18 #
     19 # tag all incoming packets from host 10.2.0.24 to value 1
     20 # tag all incoming packets from host 10.2.0.3 to value 2
     21 # tag the rest of incoming packets from subnet 10.2.0.0/24 to value 3
     22 #These values are used in the egress
     23 ############################################################ 
     24 $IPCHAINS -A input -s 10.2.0.0/24 -m 3
     25 $IPCHAINS -A input -i $INDEV -s 10.2.0.24 -m 1
     26 $IPCHAINS -A input -i $INDEV -s 10.2.0.3 -m 2
     27 ############################################################ 
     28 #
     29 # install the ingress qdisc on the ingress interface
     30 ############################################################ 
     31 $TC qdisc add dev $INDEV handle ffff: ingress
     32 ############################################################ 
     33 
     34 #
     35 # attach a fw classifier to the ingress which polices anything marked
     36 # by ipchains to tag value 3 (The rest of the subnet packets -- not
     37 # tag 1 or 2) to not go beyond 1.5Mbps
     38 # Allow up to at least 60 packets to burst (assuming maximum packet 
     39 # size of # 1.5 KB) in the long run and upto about 6 packets in the
     40 # shot run
     41 
     42 ############################################################ 
     43 $TC filter add dev $INDEV parent ffff: protocol ip prio 50 handle 3 fw \
     44 police rate 1500kbit burst 90k mtu 9k drop flowid :1
     45 ############################################################ 
     46 
     47 ######################## Egress side ########################
     48 
     49 
     50 # attach a dsmarker
     51 #
     52 $TC qdisc add $EGDEV handle 1:0 root dsmark indices 64
     53 #
     54 # values of the DSCP to change depending on the class
     55 #
     56 $TC class change $EGDEV classid 1:1 dsmark mask 0x3 \
     57        value 0xb8
     58 $TC class change $EGDEV classid 1:2 dsmark mask 0x3 \
     59        value 0x28
     60 $TC class change $EGDEV classid 1:3 dsmark mask 0x3 \
     61        value 0x48
     62 #
     63 #
     64 # The class mapping
     65 #
     66 $TC filter add $EGDEV parent 1:0 protocol ip prio 4 handle 1 fw classid 1:1
     67 $TC filter add $EGDEV parent 1:0 protocol ip prio 4 handle 2 fw classid 1:2
     68 $TC filter add $EGDEV parent 1:0 protocol ip prio 4 handle 3 fw classid 1:3
     69 #
     70 
     71 #
     72 echo "---- qdisc parameters Ingress  ----------"
     73 $TC qdisc ls dev $INDEV
     74 echo "---- Class parameters Ingress  ----------"
     75 $TC class ls dev $INDEV
     76 echo "---- filter parameters Ingress ----------"
     77 $TC filter ls dev $INDEV parent ffff:
     78 
     79 echo "---- qdisc parameters Egress  ----------"
     80 $TC qdisc ls $EGDEV
     81 echo "---- Class parameters Egress  ----------"
     82 $TC class ls $EGDEV
     83 echo "---- filter parameters Egress ----------"
     84 $TC filter ls $EGDEV parent 1:0
     85 #
     86 #deleting the ingress qdisc
     87 #$TC qdisc del $DEV ingress
     88