fabarca
September 12, 2008, 9:34am
1
Hi,
I have this problem:
For VoIP priority reasons, I need to mark the packets that flow in a bridge.
In particular I have to mark the packets with a particular DSCP.
I’ve make this setup:
In the bridge:
use-ip-firewall = yes
In the ip firewall:
0 chain=forward action=mark-connection new-connection-mark=VoIP
1 chain=forward action=mark-packet new-packet-mark=VoIP pck passthrough=no
But doesn’t function…
If I set the Bridge Filters like this:
0 chain=forward out-bridge=bridge2 action=mark-packet new-packet-mark=Users
I’m able to mark (with Users) the packet that flow the bridge, but I’m not able to use that for my purposes…
Please anyone can help me?
Thanks.
sergejs
September 12, 2008, 10:05am
2
Do you want to mark packet that are coming with DSCP=40
fabarca
September 12, 2008, 10:11am
3
Hi Sergejs,
thanks for your replay.
I want mark packet that flow in the bridge with DSCP=40 to put their in a queue with high priority.
sergejs
September 12, 2008, 10:28am
4
Do you have DSCP on this flow, before it’s entering the router ?
fabarca
September 12, 2008, 10:32am
5
Yes,
but for verify the configuration I’ve tried also to mark all packet that flow the bridge (without DSCP=40) , but the problem is that the counter is always 0…is like the rule doesn’t see any packets flowing the bridge…but I’m sure to have traffic.
fabarca
September 12, 2008, 11:01am
6
Please any suggestion? I need very much…thanks…
fabarca
September 16, 2008, 12:31pm
7
It’s impossible that nobody has tried to do shaping with bridge using DSCP…c’mon!!!
Have you tried using prerouting chain ? Forward chain in firewall is habitualy used for routed packets.
sergejs
November 17, 2008, 2:51pm
9
For the bridge and firewall configuration,
set ‘interface bridge settings set use-ip-firewall=yes’.
