
RE: Problem with Netfilter (Packet Marking) and ip util

> > I have an incoming UDP data stream, source and destination
> IP are consistent
> > within each packet, but I vary the destination port,
> starting at 1024 and
> > counting to 1123.  My intent is to mark 50% of the incoming
> packets (those
> > with dports 1024:1073) with one marker, and the other 50%
> (1074:1123) with
> > another marker.  The ip util would then be called to create
> two new routing
> > tables, based on these markers, implement the routing
> tables, and finally
> > mplsadm (James Leu) with Steven Van den Berghe's TC
> (diffserv for mpls)
> > patches is called to build two MPLS paths based on the
> contents of the new
> > routing tables.
> >
> I am totally confused as to what you are trying to do.
> And what is "Steven Van den Berghe's TC"?

Essentially, I am splitting one incoming UDP packet stream into two outbound MPLS streams.  The mechanism to split the stream looks at destination ports (using the iptables packet marking facility) and marks packets based on ranges of ports.  The ip tool is then used to build routing tables based on those marks, and the (patched) mplsadm (according to my understanding; perhaps my phrasing could be corrected) builds LSPs using those new routing tables as a packet source.

That all works just fine, as long as the mark given by iptables is < 10.  If the mark is >= 10, nothing happens.  I tried it today with just plain IP routing and the same thing happens.

> > 1.  What purpose would a mark on a packet serve?  Why would
> people do this?
> to uniquely put an "internal to linux" tag that would be used
> for some purpose.

The original question remains - why?  If I know *why* would someone do it, I can perhaps conduct a test using that function/ability to verify whether the mark is being properly placed or not.

> Turn on netfilter debugging.

Just did that, and I see nothing via dmesg or the messages file.  The iptables manpage didn't contain a reference to 'debug'.  What else do I need to do to see output from netfilter debugging?
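One way to answer the "is the mark being properly placed?" question without netfilter debugging is to read the per-rule packet counters from `iptables -t mangle -nvL PREROUTING` and cross-check each MARK value against the `fwmark` entries in `ip rule show`. The script below is an added example, not code from the thread; the two command outputs it parses are constructed samples, not captures from the poster's machine, and the sample deliberately contains one `ip rule` entry whose fwmark does not correspond to any iptables mark so the report shows what a failing check looks like. Both tools print marks in hex (`0xa`), and newer `ip` versions append a mask (`0xa/0xffffffff`), so the mark parser accepts hex, decimal and masked forms.

```python
"""Cross-check iptables MARK rules against ip-rule fwmark entries.

Added example: parses constructed sample output of
`iptables -t mangle -nvL PREROUTING` and `ip rule show`, reports how
many packets hit each MARK rule and which routing table (if any) an
`ip rule ... fwmark N lookup T` entry selects for that mark.
"""
import re

# Constructed sample: two MARK rules, one per destination-port range.
MANGLE_OUTPUT = """\
Chain PREROUTING (policy ACCEPT 300 packets, 24000 bytes)
 pkts bytes target     prot opt in     out     source               destination
   50  4000 MARK       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpts:1024:1073 MARK set 0x1
   50  4000 MARK       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpts:1074:1123 MARK set 0xa
"""

# Constructed sample: the second fwmark rule (0x10 == 16) does not match
# the second iptables mark (0xa == 10), so packets marked 10 fall through
# to the main table. This is the mismatch the check is meant to surface.
IP_RULE_OUTPUT = """\
0:\tfrom all lookup local
32764:\tfrom all fwmark 0x1 lookup 1
32765:\tfrom all fwmark 0x10 lookup 10
32766:\tfrom all lookup main
32767:\tfrom all lookup default
"""

_SUFFIX = {"": 1, "K": 1000, "M": 1000 ** 2, "G": 1000 ** 3}


def parse_mark(text):
    """Accept '0xa', '10' and the masked form '0xa/0xffffffff'."""
    value = text.strip().split("/", 1)[0]
    return int(value, 16) if value.lower().startswith("0x") else int(value, 10)


def parse_counter(text):
    """iptables -v abbreviates large counters (12K, 3M) unless -x is given."""
    m = re.fullmatch(r"(\d+)([KMG]?)", text.strip())
    if not m:
        raise ValueError(f"bad counter: {text!r}")
    return int(m.group(1)) * _SUFFIX[m.group(2)]


MARK_RULE = re.compile(
    r"^\s*(?P<pkts>\d+[KMG]?)\s+(?P<bytes>\d+[KMG]?)\s+MARK\s+(?P<proto>\S+)\s+"
    r".*?dpts?:(?P<dports>\d+(?::\d+)?).*?MARK set (?P<mark>0x[0-9a-fA-F]+|\d+)"
)

IP_RULE = re.compile(
    r"^(?P<pref>\d+):\s+from\s+\S+\s+fwmark\s+(?P<mark>\S+)\s+lookup\s+(?P<table>\S+)"
)


def parse_mangle(output):
    """Return one dict per MARK rule: packets hit, proto, dport range, mark value."""
    rules = []
    for line in output.splitlines():
        m = MARK_RULE.match(line)
        if m:
            rules.append({
                "pkts": parse_counter(m["pkts"]),
                "proto": m["proto"],
                "dports": m["dports"],
                "mark": parse_mark(m["mark"]),
            })
    return rules


def parse_ip_rules(output):
    """Return one dict per fwmark policy-routing rule."""
    rules = []
    for line in output.splitlines():
        m = IP_RULE.match(line)
        if m:
            rules.append({"pref": int(m["pref"]),
                          "mark": parse_mark(m["mark"]),
                          "table": m["table"]})
    return rules


def check(mangle_output, ip_rule_output):
    """Map each iptables mark to its hit count and the table ip-rule routes it to (None if none)."""
    routed = {r["mark"]: r["table"] for r in parse_ip_rules(ip_rule_output)}
    report = {}
    for r in parse_mangle(mangle_output):
        report[r["mark"]] = {"dports": r["dports"], "pkts": r["pkts"],
                             "marked": r["pkts"] > 0, "table": routed.get(r["mark"])}
    return report


if __name__ == "__main__":
    for mark, info in check(MANGLE_OUTPUT, IP_RULE_OUTPUT).items():
        status = f"table {info['table']}" if info["table"] else "NO fwmark rule"
        print(f"mark {mark:>3} dports {info['dports']:<10} pkts {info['pkts']:>6}  {status}")
```

On a live box, feed the real outputs in with `subprocess.run(["iptables", "-t", "mangle", "-nvL", "PREROUTING"], capture_output=True, text=True).stdout` and the same for `ip rule show`; a non-zero `pkts` count proves the MARK rule matched, and a `None` table tells you the mark never reaches a routing table, which is where the "mark >= 10 does nothing" symptom would show up.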