[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Edge Router Script



Hello everybody,

	I am having some problems deleting filters in the edge script.

This is the script for an edge router:

/usr/src/iproute2/tc/tc qdisc add dev eth0 handle 1:0 root dsmark indices 64
/usr/src/iproute2/tc/tc filter add dev eth0 parent 1:0 protocol ip prio 4 handle 1: u32 divisor 1
/usr/src/iproute2/tc/tc filter add dev eth0 parent 1:0 protocol ip prio 5 handle 2: u32 divisor 1

#for BE traffic
/usr/src/iproute2/tc/tc class change dev eth0 classid 1:1 dsmark mask 0x3 value 0x00

#When a flow comes in asking from a AF class
/usr/src/iproute2/tc/tc class change dev eth0 classid 1:2 dsmark mask 0x3 value 0x28

#add filters for policing the AF traffic based on src and dst addr and BW
#demanded
/usr/src/iproute2/tc/tc filter add dev eth0 parent 1:0 prio 4 u32 match ip dst 129.237.125.145 match ip src 129.237.125.33 match ip protocol 17 0xff match ip dport 0x1389 0xffff police rate 1Mbit burst 30K continue flowid 1:2

#out of profile packets sent as BE
/usr/src/iproute2/tc/tc filter add dev eth0 parent 1:0 prio 5 u32 match ip dst 129.237.125.145 match ip src 129.237.125.33 match ip protocol 17 0xff match ip dport 0x1389 0xffff flowid 1:1

#When the flow is done I want to delete the associated filters
/usr/src/iproute2/tc/tc filter del dev eth0 parent 1:0 prio 4 u32 match ip dst 129.237.125.145 match ip src 129.237.125.33 match ip protocol 17 0xff match ip dport 0x1389 0xffff police rate 1Mbit burst 30K continue flowid 1:2

/usr/src/iproute2/tc/tc filter del dev eth0 parent 1:0 prio 5 u32 match ip dst 129.237.125.145 match ip src 129.237.125.33 match ip protocol 17 0xff match ip dport 0x1389 0xffff flowid 1:1

The delete commands though very specific (and replicas of the add
command) seem to delete the base filters which is why an RTNETLINK error
appears when I try to add another filter with parent 1:0 when another flow
comes in.	

a tc -s filter show dev eth0 just before the final command shows that the
priority 4 base filter has been deleted and when the last command in the
script to delete the priority 5 filter is also issued, there are no base
filters seen.

filter parent 1: protocol ip pref 5 u32 
filter parent 1: protocol ip pref 5 u32 fh 2: ht divisor 1 
filter parent 1: protocol ip pref 5 u32 fh 801: ht divisor 1 
filter parent 1: protocol ip pref 5 u32 fh 801::800 order 2048 key ht 801
bkt 0 flowid 1:1 
  match 81ed7d91/ffffffff at 16
  match 81ed7d21/ffffffff at 12
  match 00110000/00ff0000 at 8
  match 00001389/0000ffff at 20
filter parent 1: protocol ip pref 5 u32 fh 1: ht divisor 1 

TIA,
-anu.