Traffic Control with tc qdiscs and tc filter on VLAN tagged network
I have a Linux bridge on my network that I have been using for monitoring (ntop and pmacct), and would like to add some traffic control. I developed some scripts for this, which work on a test bed, but the filtering is not working on my live system because all the packets are VLAN tagged.
Here's an example of a u32 filter I am trying to use. This is designed to put ftp (port 21) traffic into flow 1:30:
tc filter add dev eth0 parent 1: protocol ip prio 3 u32 match ip sport 21 0xffff flowid 1:30
Is there anything I can do to make this work with VLAN tagged traffic? Do I need to do some sort of offset for the vlan tag? How? Is there another filter type that works with vlans?
I don't know but one problem might be a bridge works at layer 2 and qos is at layer 3 in the osi model?
Although it can be done somehow: http://www.zeroshell.net/eng/qos/
Well by definition VLAN-tagged traffic should not be visible to any device not a member of that VLAN. Since you're using a bridge instead of a forwarding firewall, your network cards cannot (that I know of) be on the VLAN, and therefor wouldn't be able to inspect the traffic.
|All times are GMT -5. The time now is 02:44 AM.|