I have machineA that is connected to the internet via eth0. MachineB, on the other hand, is connected to machineA through a mesh and is connected to the internet via machineA. I am trying to give lower priority to the traffic coming from machineB.
Right now, only machineB's upload rate is throttled whenever the two are competing for bandwidth. I suspect the problem is with the filter for ifb0 which I use to shape incoming traffic.
The line:
tc filter add dev ifb0 parent 1: prio 1 protocol ip handle 1 fw flowid 1:10
doesn't seem to work; all packets go through the default flow instead of 1:10. I double-checked iptables and it is marking the packets correctly.
Here's my current script:
#!/bin/sh -x
# Bandwidth of home connection
MAX_BW=10 #in Mbits
MAX_BW_GUEST=10
MIN_GUEST_BW=1 #minimum guaranteed guest bandwidth in Mbits
# Interface facing the Internet
EXTDEV=eth0
# Clear old queuing disciplines (qdisc), including the ingress qdisc, on the interfaces and the MANGLE table
tc qdisc del dev $EXTDEV root 2> /dev/null > /dev/null
tc qdisc del dev $EXTDEV ingress 2> /dev/null > /dev/null
tc qdisc del dev ifb0 root 2> /dev/null > /dev/null
modprobe ifb
ip link set dev ifb0 down
ip link set dev ifb0 up
iptables -t mangle -F
# Passing "stop" (without quotes) as the first argument makes the script exit here, after the cleanup above.
if [ "$1" = "stop" ]
then
    echo "Traffic shaping stopped."
    exit
fi
#Marking packets that are forwarded
iptables -A FORWARD -t mangle -j MARK --set-mark 1
# Redirect incoming traffic on eth0 to ifb0 using the ingress qdisc
tc qdisc add dev eth0 handle ffff: ingress
tc filter add dev eth0 parent ffff: protocol ip u32 match u32 0 0 action mirred egress redirect dev ifb0
# HTB classes on IFB and eth0 with rate limiting
tc qdisc add dev eth0 root handle 1: htb default 20
tc class add dev eth0 parent 1: classid 1:1 htb rate ${MAX_BW}Mbit burst 15k
tc qdisc add dev ifb0 root handle 1: htb default 20
tc class add dev ifb0 parent 1: classid 1:1 htb rate ${MAX_BW}Mbit burst 15k
tc class add dev eth0 parent 1:1 classid 1:10 htb prio 0 rate ${MIN_GUEST_BW}Mbit ceil ${MAX_BW_GUEST}Mbit #class 1:10 for guest
tc class add dev eth0 parent 1:1 classid 1:20 htb prio 2 rate ${MAX_BW}Mbit ceil ${MAX_BW}Mbit #class 1:20 for home owner
tc class add dev ifb0 parent 1:1 classid 1:10 htb prio 0 rate ${MIN_GUEST_BW}Mbit ceil ${MAX_BW_GUEST}Mbit #class 1:10 for guest
tc class add dev ifb0 parent 1:1 classid 1:20 htb prio 2 rate ${MAX_BW}Mbit ceil ${MAX_BW}Mbit #class 1:20 for home owner
tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10
tc qdisc add dev ifb0 parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev ifb0 parent 1:20 handle 20: sfq perturb 10
# Packets marked with "1" on either eth0 or ifb0 flow through class 1:10, else class 1:20
tc filter add dev eth0 parent 1: prio 1 protocol ip handle 1 fw flowid 1:10
tc filter add dev ifb0 parent 1: prio 1 protocol ip handle 1 fw flowid 1:10
exit 0
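
One way to confirm the symptom described above from tc's own counters, as an added example that is not part of the original post: it reads `tc -s class show dev <dev>` output and reports how many packets each HTB leaf class carried. The function names and the sample output are constructed for illustration; the class ids 1:10 and 1:20 are the ones from the script.

```shell
#!/bin/sh
# Added example: read `tc -s class show dev <dev>` output on stdin and
# report how many packets each HTB leaf class has carried.

# Print "<classid> <packets>" for every leaf class in the input.
leaf_packets() {
    awk '
        $1 == "class" && $2 == "htb" {
            cls = ""
            for (i = 4; i <= NF; i++) if ($i == "leaf") cls = $3
        }
        $1 == "Sent" && cls != "" { print cls, $4; cls = "" }
    '
}

# Succeed only if the given class (e.g. 1:10) has carried at least one packet.
class_was_hit() {
    leaf_packets | awk -v want="$1" '
        $1 == want && $2 > 0 { hit = 1 }
        END { exit (hit ? 0 : 1) }
    '
}

# Constructed sample, shaped like the symptom in the post: on ifb0 the
# guest class 1:10 stays at zero while the default class 1:20 counts up.
sample_ifb0() {
    cat <<'EOF'
class htb 1:10 parent 1:1 leaf 10: prio 0 rate 1Mbit ceil 10Mbit burst 1600b cburst 1600b
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
 lended: 0 borrowed: 0 giants: 0
class htb 1:1 root rate 10Mbit ceil 10Mbit burst 15Kb cburst 1600b
 Sent 1843200 bytes 1500 pkt (dropped 0, overlimits 0 requeues 0)
 lended: 0 borrowed: 0 giants: 0
class htb 1:20 parent 1:1 leaf 20: prio 2 rate 10Mbit ceil 10Mbit burst 1600b cburst 1600b
 Sent 1843200 bytes 1500 pkt (dropped 0, overlimits 0 requeues 0)
 lended: 1500 borrowed: 0 giants: 0
EOF
}

# On a live system: tc -s class show dev ifb0 | leaf_packets
sample_ifb0 | leaf_packets
if sample_ifb0 | class_was_hit 1:10; then
    echo "guest class 1:10 is receiving packets"
else
    echo "guest class 1:10 is idle: traffic is landing in the default class"
fi
```

Running the same check against eth0 and comparing it with the packet counter of the MARK rule in `iptables -t mangle -L FORWARD -v -n` shows on which device marked packets stop reaching class 1:10.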