Hello everybody,
Before reading is helpful to see the xen networking diagram that I have
attached (virtual network is quite ... strange..)
I have an issue with tc in a domU, which it's role is to be a firewall
of other domU's. Traffic Control seems to work OK, but when data stream
goes from domU ---> Firewall(domU) --> Internet, the rate is always the
double of the rate that I put with tc. On the other site works great.
I use the same tc configuration in other box without Xen and it works
perfectly, so I don't known where is the problem.
In the image attached you can see the diagram of the xen networking that
I'm using to control the traffic of the others domU's.
I'm using xen 3.0.4 on a Debian Etch 64bits. Here I put some useful
information:
The traffic control rules on the firewall (there is a bridge br0 between
eth0 and eth1)
# Traffic control
tc qdisc del dev eth0 parent root
tc qdisc add dev eth0 parent root handle 1:0 htb default 40
tc class add dev eth0 parent 1:0 classid 1:1 htb rate 10mbit
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 512kbit
tc class add dev eth0 parent 1:1 classid 1:20 htb rate 1mbit
tc class add dev eth0 parent 1:1 classid 1:30 htb rate 2mbit
tc class add dev eth0 parent 1:1 classid 1:40 htb rate 5mbit
tc qdisc del dev eth1 parent root
tc qdisc add dev eth1 parent root handle 2:0 htb default 40
tc class add dev eth1 parent 2:0 classid 2:1 htb rate 10mbit
tc class add dev eth1 parent 2:1 classid 2:10 htb rate 512kbit
tc class add dev eth1 parent 2:1 classid 2:20 htb rate 1mbit
tc class add dev eth1 parent 2:1 classid 2:30 htb rate 2mbit
tc class add dev eth1 parent 2:1 classid 2:40 htb rate 5mbit
iptables -t mangle -A POSTROUTING -d 192.168.92.13 -j CLASSIFY
--set-class 2:20
iptables -t mangle -A POSTROUTING -s 192.168.92.13 -j CLASSIFY
--set-class 1:20
firewall:/var/log# ifconfig
br0 Link encap:Ethernet HWaddr 00:16:3E:70:31:01
inet addr:192.168.92.3 Bcast:192.168.92.31 Mask:255.255.255.224
inet6 addr: fe80::216:3eff:fe70:3101/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4820 errors:0 dropped:0 overruns:0 frame:0
TX packets:36 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:276583 (270.1 KiB) TX bytes:2094 (2.0 KiB)
eth0 Link encap:Ethernet HWaddr 00:16:3E:70:31:01
inet6 addr: fe80::216:3eff:fe70:3101/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:123337 errors:0 dropped:0 overruns:0 frame:0
TX packets:47166 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:139445834 (132.9 MiB) TX bytes:78585033 (74.9 MiB)
eth1 Link encap:Ethernet HWaddr 00:16:3E:70:32:01
inet6 addr: fe80::216:3eff:fe70:3201/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:47159 errors:0 dropped:0 overruns:0 frame:0
TX packets:123228 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:78681253 (75.0 MiB) TX bytes:139432565 (132.9 MiB)
--------------------------------------------------------------------------------------------------------------------------------------------------------
domu:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:3E:03:D9:D9
inet addr:192.168.92.13 Bcast:192.168.92.31 Mask:255.255.255.224
inet6 addr: fe80::216:3eff:fe03:d9d9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:119445 errors:0 dropped:0 overruns:0 frame:0
TX packets:47372 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:139161455 (132.7 MiB) TX bytes:78690415 (75.0 MiB)
Excuse my poor english, any help will be very apreciated,
Many thanks,
Marc
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
| 
Home