Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Transparent forwarding ?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
xanthax
Tux's lil' helper
Tux's lil' helper


Joined: 16 Apr 2004
Posts: 91
Location: Bi Nary State

PostPosted: Fri Mar 26, 2010 10:38 am    Post subject: Transparent forwarding ? Reply with quote

Hi i´m trying to make a little application using a "alix 2d3" - http://www.pcengines.ch/alix2d3.htm to create a unit to emulate different latencys and different bandwidths.


I have gotten so far as to get the bandwidth limiting and latencys simulation command for tc.

Example:
Code:

tc qdisc add dev eth0 root handle 1:0 netem delay 100ms 12msec 25%
tc qdisc add dev eth0 parent 1:1 handle 10: tbf rate 256kbit



But i don´t want to have to route everything between the interfaces, i just want "transparent" forwarding and then limit the latencys and bandwidth on the interfaces.

so now comes the question...
how do get all the traffic on the incomming port forwarded to the other ports without having to use routing ?

if i connect directly to one of the units i´m limiting is ip4_forward enough ?


Suggestion and ideas are welcome :)
_________________
God is only an imaginary friend for adults...
Back to top
View user's profile Send private message
nativemad
Developer
Developer


Joined: 30 Aug 2004
Posts: 911
Location: Switzerland

PostPosted: Fri Mar 26, 2010 2:23 pm    Post subject: Reply with quote

Hi,

i've done something like that with two transparently bridged interfaces.
Unfortunately i don't have access to the config right now. I just remember that i enabled forwarding and didn't assigned any ip's on the bridged nics. I went so far that i made marks with iptables to make graphs about the used ports and so on via cacti.
That way you can hook that box somewhere in (in front of a router or just before a server or something) and don't have to configure anything further... ok, maybe the third nic to access the graphs! ;-)

I hope that helps a bit.

Cheers
_________________
Power to the people!
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15991

PostPosted: Sat Mar 27, 2010 2:16 am    Post subject: Reply with quote

Why do you want to avoid routing the traffic?
Back to top
View user's profile Send private message
xanthax
Tux's lil' helper
Tux's lil' helper


Joined: 16 Apr 2004
Posts: 91
Location: Bi Nary State

PostPosted: Sun Mar 28, 2010 5:59 pm    Post subject: Reply with quote

Thanks for the replies :)

nativemad:
It could work but any ideas on how bridged network cards will affect tc ?

Hu:
I don't want to route the traffic because i wanna be able to be "unnoticed" by the two network units.
i will be testing how the units handle low bandwidth and bad latencys...
_________________
God is only an imaginary friend for adults...
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15991

PostPosted: Sun Mar 28, 2010 6:58 pm    Post subject: Reply with quote

You can shape bridged traffic. The latency will be about the same whether bridging or routing. If you are shaping to the extent shown in your first post, the artificially created delays will vastly overshadow any performance difference between bridging and routing.
Back to top
View user's profile Send private message
xanthax
Tux's lil' helper
Tux's lil' helper


Joined: 16 Apr 2004
Posts: 91
Location: Bi Nary State

PostPosted: Thu Aug 05, 2010 7:02 pm    Post subject: Reply with quote

oki, i finally got to making the bridge and so but since i need one bridge between eth0 and eth1 and anotherone between eth0 and eth2 and both bridges should be transparent and i need to have ssh on eth0 with a static IP.

so when traffic should look like this...

-in> eth0 -out> eth1&eth2
-in> eth1 -out> eth0
-in> eth2 -out> eth0

Then im gonna use TC on eth1 and eth2

so i get this when trying to make it logically..

Code:

config_eth0=( "192.168.0.110/24" )

config_eth1=( "null" )
config_eth2=( "null" )

bridge_br0="eth0,eth1"
bridge_br1="eth0,eth2"

config_br0=( "null" )
config_br1=( "null" )

rc_need_br0="net.eth0"
rc_need_br1="net.eth0"

routes_eth0=( "default via 192.168.0.1" )


Code:

tc qdisc add dev eth1 root handle 1:0 netem delay 10ms 10msec 25%
tc qdisc add dev eth1 parent 1:1 handle 10: tbf rate 10mbit

tc qdisc add dev eth2 root handle 1:0 netem delay 100ms 10msec 25%
tc qdisc add dev eth2$ parent 1:2 handle 10: tbf rate 1mbit


but as you know the alix dont have any vga out so ssh is pretty much the only way to connect to it so i dont wanna break the config so can anyone verify this i would be very happy :D ?

and thanks again for the previous answers.
//xanthax
_________________
God is only an imaginary friend for adults...
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum