LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Traffic Control with tc qdiscs and tc filter on VLAN tagged network (http://www.linuxquestions.org/questions/linux-networking-3/traffic-control-with-tc-qdiscs-and-tc-filter-on-vlan-tagged-network-678391/)

amandler 10-22-2008 03:31 PM

Traffic Control with tc qdiscs and tc filter on VLAN tagged network
 
I have a Linux bridge on my network that I have been using for monitoring (ntop and pmacct), and would like to add some traffic control. I developed some scripts for this, which work on a test bed, but the filtering is not working on my live system because all the packets are VLAN tagged.

Here's an example of a u32 filter I am trying to use. This is designed to put ftp (port 21) traffic into flow 1:30:

tc filter add dev eth0 parent 1: protocol ip prio 3 u32 match ip sport 21 0xffff flowid 1:30

Is there anything I can do to make this work with VLAN tagged traffic? Do I need to do some sort of offset for the vlan tag? How? Is there another filter type that works with vlans?

Many thanks,
Art

esaym 10-23-2008 10:42 AM

I don't know but one problem might be a bridge works at layer 2 and qos is at layer 3 in the osi model?

Although it can be done somehow: http://www.zeroshell.net/eng/qos/

chort 10-23-2008 11:02 AM

Well by definition VLAN-tagged traffic should not be visible to any device not a member of that VLAN. Since you're using a bridge instead of a forwarding firewall, your network cards cannot (that I know of) be on the VLAN, and therefor wouldn't be able to inspect the traffic.


All times are GMT -5. The time now is 01:01 PM.