<HTML
><HEAD
><TITLE
>Linux Advanced Routing &#38; Traffic Control HOWTO</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="NEXT"
TITLE="Dedication"
HREF="lartc.dedication.html"></HEAD
><BODY
CLASS="BOOK"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="BOOK"
><A
NAME="LARTC"
></A
><DIV
CLASS="TITLEPAGE"
><H1
CLASS="TITLE"
><A
NAME="AEN2"
></A
>Linux Advanced Routing &#38; Traffic Control HOWTO</H1
><H3
CLASS="AUTHOR"
><A
NAME="AEN5"
></A
>Bert Hubert</H3
><DIV
CLASS="AFFILIATION"
><SPAN
CLASS="ORGNAME"
>Netherlabs BV<BR></SPAN
><DIV
CLASS="ADDRESS"
><P
CLASS="ADDRESS"
><TT
CLASS="EMAIL"
>&#60;<A
HREF="mailto:bert.hubert@netherlabs.nl"
>bert.hubert@netherlabs.nl</A
>&#62;</TT
></P
></DIV
></DIV
><SPAN
CLASS="COLLAB"
><SPAN
CLASS="COLLABNAME"
>Gregory Maxwell</SPAN
><DIV
CLASS="AFFILIATION"
><DIV
CLASS="ADDRESS"
><P
CLASS="ADDRESS"
><TT
CLASS="EMAIL"
>&#60;<A
HREF="mailto:greg@linuxpower.cx"
>greg@linuxpower.cx</A
>&#62;</TT
></P
></DIV
></DIV
><BR></SPAN
><SPAN
CLASS="COLLAB"
><SPAN
CLASS="COLLABNAME"
>Remco van Mook</SPAN
><DIV
CLASS="AFFILIATION"
><DIV
CLASS="ADDRESS"
><P
CLASS="ADDRESS"
><TT
CLASS="EMAIL"
>&#60;<A
HREF="mailto:remco@virtu.nl"
>remco@virtu.nl</A
>&#62;</TT
></P
></DIV
></DIV
><BR></SPAN
><SPAN
CLASS="COLLAB"
><SPAN
CLASS="COLLABNAME"
>Martijn van Oosterhout</SPAN
><DIV
CLASS="AFFILIATION"
><DIV
CLASS="ADDRESS"
><P
CLASS="ADDRESS"
><TT
CLASS="EMAIL"
>&#60;<A
HREF="mailto:kleptog@cupid.suninternet.com"
>kleptog@cupid.suninternet.com</A
>&#62;</TT
></P
></DIV
></DIV
><BR></SPAN
><SPAN
CLASS="COLLAB"
><SPAN
CLASS="COLLABNAME"
>Paul B Schroeder</SPAN
><DIV
CLASS="AFFILIATION"
><DIV
CLASS="ADDRESS"
><P
CLASS="ADDRESS"
><TT
CLASS="EMAIL"
>&#60;<A
HREF="mailto:paulsch@us.ibm.com"
>paulsch@us.ibm.com</A
>&#62;</TT
></P
></DIV
></DIV
><BR></SPAN
><SPAN
CLASS="COLLAB"
><SPAN
CLASS="COLLABNAME"
>Jasper Spaans</SPAN
><DIV
CLASS="AFFILIATION"
><DIV
CLASS="ADDRESS"
><P
CLASS="ADDRESS"
><TT
CLASS="EMAIL"
>&#60;<A
HREF="mailto:jasper@spaans.ds9a.nl"
>jasper@spaans.ds9a.nl</A
>&#62;</TT
></P
></DIV
></DIV
><BR></SPAN
><DIV
CLASS="REVHISTORY"
><TABLE
WIDTH="100%"
BORDER="0"
><TR
><TH
ALIGN="LEFT"
VALIGN="TOP"
COLSPAN="3"
><B
>Revision History</B
></TH
></TR
><TR
><TD
ALIGN="LEFT"
>Revision 1.1</TD
><TD
ALIGN="LEFT"
>2002-07-22</TD
><TD
ALIGN="LEFT"
></TD
></TR
><TR
><TD
ALIGN="LEFT"
COLSPAN="3"
>DocBook Edition</TD
></TR
></TABLE
></DIV
><DIV
><DIV
CLASS="ABSTRACT"
><A
NAME="AEN42"
></A
><P
></P
><P
>A very hands-on approach to <SPAN
CLASS="APPLICATION"
>iproute2</SPAN
>,
traffic shaping and a bit of <SPAN
CLASS="APPLICATION"
>netfilter</SPAN
>.
</P
><P
></P
></DIV
></DIV
><HR></DIV
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>1. <A
HREF="lartc.dedication.html"
>Dedication</A
></DT
><DT
>2. <A
HREF="lartc.intro.html"
>Introduction</A
></DT
><DD
><DL
><DT
>2.1. <A
HREF="lartc.intro.disclaimer.html"
>Disclaimer &#38; License</A
></DT
><DT
>2.2. <A
HREF="lartc.intro.prior.html"
>Prior knowledge</A
></DT
><DT
>2.3. <A
HREF="lartc.intro.linux.html"
>What Linux can do for you</A
></DT
><DT
>2.4. <A
HREF="lartc.intro.houskeeping.html"
>Housekeeping notes</A
></DT
><DT
>2.5. <A
HREF="lartc.intro.cvs.html"
>Access, CVS &#38; submitting updates</A
></DT
><DT
>2.6. <A
HREF="lartc.intro.mlist.html"
>Mailing list</A
></DT
><DT
>2.7. <A
HREF="lartc.intro.layout.html"
>Layout of this document</A
></DT
></DL
></DD
><DT
>3. <A
HREF="lartc.iproute2.html"
>Introduction to iproute2</A
></DT
><DD
><DL
><DT
>3.1. <A
HREF="lartc.iproute2.why.html"
>Why iproute2?</A
></DT
><DT
>3.2. <A
HREF="lartc.iproute2.tour.html"
>iproute2 tour</A
></DT
><DT
>3.3. <A
HREF="lartc.iproute2.package.html"
>Prerequisites</A
></DT
><DT
>3.4. <A
HREF="lartc.iproute2.explore.html"
>Exploring your current configuration</A
></DT
><DT
>3.5. <A
HREF="lartc.iproute2.arp.html"
>ARP</A
></DT
></DL
></DD
><DT
>4. <A
HREF="lartc.rpdb.html"
>Rules - routing policy database</A
></DT
><DD
><DL
><DT
>4.1. <A
HREF="lartc.rpdb.simple.html"
>Simple source policy routing</A
></DT
><DT
>4.2. <A
HREF="lartc.rpdb.multiple-links.html"
>Routing for multiple uplinks/providers</A
></DT
></DL
></DD
><DT
>5. <A
HREF="lartc.tunnel.html"
>GRE and other tunnels</A
></DT
><DD
><DL
><DT
>5.1. <A
HREF="lartc.tunnel.remarks.html"
>A few general remarks about tunnels:</A
></DT
><DT
>5.2. <A
HREF="lartc.tunnel.ip-ip.html"
>IP in IP tunneling</A
></DT
><DT
>5.3. <A
HREF="lartc.tunnel.gre.html"
>GRE tunneling</A
></DT
><DT
>5.4. <A
HREF="lartc.tunnel.userland.html"
>Userland tunnels</A
></DT
></DL
></DD
><DT
>6. <A
HREF="lartc.ipv6-tunnel.html"
>IPv6 tunneling with Cisco and/or 6bone</A
></DT
><DD
><DL
><DT
>6.1. <A
HREF="lartc.tunnel-ipv6.addressing.html"
>IPv6 Tunneling</A
></DT
></DL
></DD
><DT
>7. <A
HREF="lartc.ipsec.html"
>IPsec: secure IP over the Internet</A
></DT
><DT
>8. <A
HREF="lartc.multicast.html"
>Multicast routing</A
></DT
><DT
>9. <A
HREF="lartc.qdisc.html"
>Queueing Disciplines for Bandwidth Management</A
></DT
><DD
><DL
><DT
>9.1. <A
HREF="lartc.qdisc.explain.html"
>Queues and Queueing Disciplines explained</A
></DT
><DT
>9.2. <A
HREF="lartc.qdisc.classless.html"
>Simple, classless Queueing Disciplines</A
></DT
><DT
>9.3. <A
HREF="lartc.qdisc.advice.html"
>Advice for when to use which queue</A
></DT
><DT
>9.4. <A
HREF="lartc.qdisc.terminology.html"
>Terminology</A
></DT
><DT
>9.5. <A
HREF="lartc.qdisc.classful.html"
>Classful Queueing Disciplines</A
></DT
><DT
>9.6. <A
HREF="lartc.qdisc.filters.html"
>Classifying packets with filters</A
></DT
><DT
>9.7. <A
HREF="lartc.imq.html"
>The Intermediate queueing device (IMQ)</A
></DT
></DL
></DD
><DT
>10. <A
HREF="lartc.loadshare.html"
>Load sharing over multiple interfaces</A
></DT
><DD
><DL
><DT
>10.1. <A
HREF="lartc.loadshare.caveats.html"
>Caveats</A
></DT
><DT
>10.2. <A
HREF="lartc.loadshare.other.html"
>Other possibilities</A
></DT
></DL
></DD
><DT
>11. <A
HREF="lartc.netfilter.html"
>Netfilter &#38; iproute - marking packets</A
></DT
><DT
>12. <A
HREF="lartc.adv-filter.html"
>Advanced filters for (re-)classifying packets</A
></DT
><DD
><DL
><DT
>12.1. <A
HREF="lartc.adv-filter.u32.html"
>The <TT
CLASS="OPTION"
>u32</TT
> classifier</A
></DT
><DT
>12.2. <A
HREF="lartc.adv-filter.route.html"
>The <TT
CLASS="OPTION"
>route</TT
> classifier</A
></DT
><DT
>12.3. <A
HREF="lartc.adv-filter.policing.html"
>Policing filters</A
></DT
><DT
>12.4. <A
HREF="lartc.adv-filter.hashing.html"
>Hashing filters for very fast massive filtering</A
></DT
></DL
></DD
><DT
>13. <A
HREF="lartc.kernel.html"
>Kernel network parameters</A
></DT
><DD
><DL
><DT
>13.1. <A
HREF="lartc.kernel.rpf.html"
>Reverse Path Filtering</A
></DT
><DT
>13.2. <A
HREF="lartc.kernel.obscure.html"
>Obscure settings</A
></DT
></DL
></DD
><DT
>14. <A
HREF="lartc.adv-qdisc.html"
>Advanced &#38; less common queueing disciplines</A
></DT
><DD
><DL
><DT
>14.1. <A
HREF="lartc.adv-qdisc.bfifo-pfifo.html"
><TT
CLASS="LITERAL"
>bfifo</TT
>/<TT
CLASS="LITERAL"
>pfifo</TT
></A
></DT
><DT
>14.2. <A
HREF="lartc.adv-qdisc.csz.html"
>Clark-Shenker-Zhang algorithm (CSZ)</A
></DT
><DT
>14.3. <A
HREF="lartc.adv-qdisc.dsmark.html"
>DSMARK</A
></DT
><DT
>14.4. <A
HREF="lartc.adv-qdisc.ingress.html"
>Ingress qdisc</A
></DT
><DT
>14.5. <A
HREF="lartc.adv-qdisc.red.html"
>Random Early Detection (RED)</A
></DT
><DT
>14.6. <A
HREF="lartc.adv-qdisc.gred.html"
>Generic Random Early Detection</A
></DT
><DT
>14.7. <A
HREF="lartc.adv-qdisc.vc-atm.html"
>VC/ATM emulation</A
></DT
><DT
>14.8. <A
HREF="lartc.adv-qdisc.wrr.html"
>Weighted Round Robin (WRR)</A
></DT
></DL
></DD
><DT
>15. <A
HREF="lartc.cookbook.html"
>Cookbook</A
></DT
><DD
><DL
><DT
>15.1. <A
HREF="lartc.cookbook.sla.html"
>Running multiple sites with different SLAs</A
></DT
><DT
>15.2. <A
HREF="lartc.cookbook.synflood-protect.html"
>Protecting your host from SYN floods</A
></DT
><DT
>15.3. <A
HREF="lartc.cookbook.icmp-ratelimit.html"
>Rate limit ICMP to prevent dDoS</A
></DT
><DT
>15.4. <A
HREF="lartc.cookbook.interactive-prio.html"
>Prioritizing interactive traffic</A
></DT
><DT
>15.5. <A
HREF="lartc.cookbook.squid.html"
>Transparent web-caching using <SPAN
CLASS="APPLICATION"
>netfilter</SPAN
>,
<SPAN
CLASS="APPLICATION"
>iproute2</SPAN
>, <SPAN
CLASS="APPLICATION"
>ipchains</SPAN
> and
<SPAN
CLASS="APPLICATION"
>squid</SPAN
></A
></DT
><DT
>15.6. <A
HREF="lartc.cookbook.mtu-discovery.html"
>Circumventing Path MTU Discovery issues with per route MTU settings</A
></DT
><DT
>15.7. <A
HREF="lartc.cookbook.mtu-mss.html"
>Circumventing Path MTU Discovery issues with MSS Clamping
(for ADSL, cable, PPPoE &#38; PPtP users)</A
></DT
><DT
>15.8. <A
HREF="lartc.cookbook.ultimate-tc.html"
>The Ultimate Traffic Conditioner: Low Latency, Fast Up &#38; Downloads</A
></DT
><DT
>15.9. <A
HREF="lartc.ratelimit.single.html"
>Rate limiting a single host or netmask</A
></DT
></DL
></DD
><DT
>16. <A
HREF="lartc.bridging.html"
>Building bridges, and pseudo-bridges with Proxy ARP</A
></DT
><DD
><DL
><DT
>16.1. <A
HREF="lartc.bridging.iptables.html"
>State of bridging and iptables</A
></DT
><DT
>16.2. <A
HREF="lartc.bridging.shaping.html"
>Bridging and shaping</A
></DT
><DT
>16.3. <A
HREF="lartc.bridging.proxy-arp.html"
>Pseudo-bridges with Proxy-ARP</A
></DT
></DL
></DD
><DT
>17. <A
HREF="lartc.dynamic-routing.html"
>Dynamic routing - OSPF and BGP</A
></DT
><DT
>18. <A
HREF="lartc.other.html"
>Other possibilities</A
></DT
><DT
>19. <A
HREF="lartc.further.html"
>Further reading</A
></DT
><DT
>20. <A
HREF="lartc.ack.html"
>Acknowledgements</A
></DT
></DL
></DIV
></DIV
></BODY
></HTML
>