I have a host that have two NICs, so it can be seen as a gateway, and the two network ports bridge. Then I make the two network interfaces' ingress traffic to redirect to an IFB, and then do the flow control of the IFB, but it do not work, why? The two NICs mentioned above one is WAN port, and another is LAN port.They are bridge. My script below:
#!/bin/sh
WAN=eth6
LAN=eth7
ifbdev=ifb0
#enable ifb interface
modprobe ifb numifbs=1
ip link set dev $ifbdev down
#add tc rules for WAN port
tc qdisc del dev $WAN root
tc qdisc del dev $WAN ingress
tc qdisc add dev $WAN ingress handle ffff:
tc filter add dev $WAN parent ffff: protocol ip u32 match u32 0 0 action mirred egress redirect dev $ifbdev
#add tc rules for LAN port
tc qdisc del dev $LAN root
tc qdisc del dev $LAN ingress
tc qdisc add dev $LAN ingress handle ffff:
tc filter add dev $LAN parent ffff: protocol ip u32 match u32 0 0 action mirred egress redirect dev $ifbdev
#add tc rules for IFB virtual interface
ip link set dev $ifbdev up
tc qdisc del dev $ifbdev root
tc qdisc del dev $ifbdev ingress
tc qdisc add dev $ifbdev root handle 3: htb default 30
tc class add dev $ifbdev parent 3: classid 3:3 htb rate 8Mbit
tc class add dev $ifbdev parent 3:3 classid 3:30 htb rate 8Mbit ceil 8Mbit
tc qdisc add dev $ifbdev parent 3:30 handle 330: sfq perturb 10
tc filter add dev $ifbdev parent 3:0 protocol ip u32 match u32 0 0 flowid 3:30
