So, I need to make a QoS iptables rule to set the lowest QoS priority for all traffic to a certain IP, a backup service.
So, I use this:
iptables -t mangle -I QOSO 3 -p tcp -d 173.255.4.178 -j RETURN
iptables -t mangle -I QOSO 3 -p tcp -d 173.255.4.178 -j CONNMARK --set-return 0x5/0x7
When I do this, I see no difference. Other machines crawl. An iptables list shows:
3 CONNMARK tcp -- anywhere 173.255.4.178 CONNMARK set-return 0x5/0x7
4 RETURN tcp -- anywhere 173.255.4.178
Now, if I instead make the entire machine lowest priority, I see a vast difference in speed on other machines. An iptables list shows:
21 CONNMARK tcp -- anywhere anywhere MAC 0C:4D:E9:A1:27:EA CONNMARK set-return 0x5/0x7
22 RETURN tcp -- anywhere anywhere MAC 0C:4D:E9:A1:27:EA
Why would the outbound IP-based rule not work? I really don't want the machine as lowest priority as it does many other things, just the backup, which goes to that IP. Wireshark shows it's TCP traffic to the IP, and the doc for the backup software states the same.
Something must be missing?