jar3817
LARTC - load balancing / routing by bandwidth
I'm trying to find out if it's possible to route based on current bandwidth consumption. I have a Linux router connected to three networks:
- internal lan (eth1)
- 4mb/512kb cable connection (eth2)
- 3mb/3mb dual T1 connection (eth3).
Currently all unmarked traffic gets NAT'd and goes out eth2 (cable). I can mark traffic with iptables and force it to get NAT'd and go out eth3 (T1s). I also have a public /27 that gets routed directly out eth3 (T1s).
I just started messing around with TC to shape the outgoing bandwidth on eth2 (cable) since it has so little outgoing bandwidth. I'd like to be able to force all (NAT'd) traffic out eth2 (cable) until that link is maxed out and then let additional connections go out eth3 (T1s).
I'm aware I can load balance with iproute2 based on a weight, but I'd rather let the cable connection get consumed first and leave the T1s open for our server traffic.
Does anyone know if this is possible?
I've read the incredibly confusing howto docs on lartc.org and in the section on ingress policing they talk about overlimits, which is in the right neighborhood: http://lartc.org/howto/lartc.adv-filter.policing.html
I guess my real question is, is it possible to mark traffic using the TC command like I can with iproute2? Or can I send packets that come in on one interface to a TC qdisc on another interface?
ASKER CERTIFIED SOLUTION
This solution is only available to members.
ASKER
Not really what I was looking for, but good enough, thanks!
Thank you for points.
Really, this problem is not easy. You are trying to apply some rule to every packet where the packet itself doesn't play any role in the decision. Also, there are no internal kernel structures for the rule 'condition', so some external process is required.
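The "external process" the comment above calls for could look like this, as an added example that is not from the thread: it samples the eth2 transmit counter and, with hysteresis, fills or flushes a mangle chain that marks new LAN connections for the T1 route. The chain name SPILL, mark value 2, the thresholds and the one-time CONNMARK rules in the comments are assumptions, and only the upstream direction of the cable link is measured.

```shell
#!/bin/sh
# Assumed one-time setup (chain name SPILL and mark 2 are hypothetical; mark 2
# must be the fwmark your existing policy routing/NAT already sends out eth3):
#   iptables -t mangle -N SPILL
#   iptables -t mangle -A PREROUTING -i eth1 -j CONNMARK --restore-mark
#   iptables -t mangle -A PREROUTING -i eth1 -m conntrack --ctstate NEW -j SPILL
#   iptables -t mangle -A PREROUTING -i eth1 -m conntrack --ctstate NEW -j CONNMARK --save-mark
IFACE=eth2       # cable uplink being watched (upstream direction only)
HIGH_KBIT=460    # assumed: start spilling at ~90% of the 512 kbit uplink
LOW_KBIT=350     # assumed: stop spilling below this (hysteresis, no flapping)
MARK=2
INTERVAL=5       # seconds between samples

# rate_kbit PREV CUR SECS -> average tx rate in kbit/s, -1 if the counter
# went backwards (32-bit wrap or interface reset)
rate_kbit() {
    if [ "$2" -lt "$1" ]; then echo -1; return; fi
    echo $(( ($2 - $1) * 8 / 1000 / $3 ))
}

# next_state STATE RATE -> "spill" (new connections via T1s) or "cable"
next_state() {
    if   [ "$2" -lt 0 ];            then echo "$1"    # bad sample: hold state
    elif [ "$2" -ge "$HIGH_KBIT" ]; then echo spill
    elif [ "$2" -le "$LOW_KBIT" ];  then echo cable
    else echo "$1"                                    # inside the band: hold
    fi
}

# apply_state STATE: established flows keep their uplink via the connmark
apply_state() {
    iptables -t mangle -F SPILL
    if [ "$1" = spill ]; then
        iptables -t mangle -A SPILL -j MARK --set-mark "$MARK"
    fi
}

monitor() {
    state=cable; apply_state "$state"
    prev=$(cat "/sys/class/net/$IFACE/statistics/tx_bytes")
    while sleep "$INTERVAL"; do
        cur=$(cat "/sys/class/net/$IFACE/statistics/tx_bytes")
        new=$(next_state "$state" "$(rate_kbit "$prev" "$cur" "$INTERVAL")")
        [ "$new" = "$state" ] || apply_state "$new"
        state=$new; prev=$cur
    done
}

if [ "${1:-}" = run ]; then monitor; fi
```

Run it as root with the argument `run`; without it the script only defines the functions.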
ASKER
Yeah, it's kind of a weird situation. This is an old machine that is in use 24/7, so maybe I'll look harder into it when it's time to update this machine.
Thanks for the input!
http://netfilter.org/documentation/HOWTO//netfilter-extensions-HOWTO-3.html#ss3.4
Also non-standard; I'm not even sure that it is still supported, but you may try :-)