Find the answer to your Linux question:
Results 1 to 2 of 2
I've been trying to get the Linux advanced router features to work for traffic shaping for the last few days, and I haven't gotten very far with it. This is ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Sep 2003
    Posts
    46

    RTNETLINK answers: Invalid argument


    I've been trying to get the Linux advanced router features to work for traffic shaping for the last few days, and I haven't gotten very far with it.

    This is on my Firewall/IDS box, running Gentoo with Kernel "linux-2.6.9-gentoo-r13". I do have the iproute2 package installed.

    Here's an example:

    Code:
    % ip rule show
    RTNETLINK answers: Invalid argument
    Dump terminated
    Trying to run wondershaper:
    Code:
    + DOWNLINK=800
    + UPLINK=220
    + DEV=eth1
    + NOPRIOHOSTSRC=80
    + NOPRIOHOSTDST=
    + NOPRIOPORTSRC=
    + NOPRIOPORTDST=
    + '[' '' = status ']'
    + tc qdisc del dev eth1 root
    + tc qdisc del dev eth1 ingress
    + '[' '' = stop ']'
    + tc qdisc add dev eth1 root handle 1: cbq avpkt 1000 bandwidth 10mbit
    RTNETLINK answers: Invalid argument
    + tc class add dev eth1 parent 1: classid 1:1 cbq rate 220kbit allot 1500 prio 5 bounded i
     *solated
    RTNETLINK answers: Invalid argument
    + tc class add dev eth1 parent 1:1 classid 1:10 cbq rate 220kbit allot 1600 prio 1 avpkt 1
     *000
    RTNETLINK answers: Invalid argument
    + tc class add dev eth1 parent 1:1 classid 1:20 cbq rate 198kbit allot 1600 prio 2 avpkt 1
     *000
    RTNETLINK answers: Invalid argument
    + tc class add dev eth1 parent 1:1 classid 1:30 cbq rate 176kbit allot 1600 prio 2 avpkt 1
     *000
    RTNETLINK answers: Invalid argument
    + tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10
    RTNETLINK answers: Invalid argument
    + tc qdisc add dev eth1 parent 1:20 handle 20: sfq perturb 10
    RTNETLINK answers: Invalid argument
    + tc qdisc add dev eth1 parent 1:30 handle 30: sfq perturb 10
    RTNETLINK answers: Invalid argument
    + tc filter add dev eth1 parent 1:0 protocol ip prio 10 u32 match ip tos 0x10 0xff flowid 
     *1:10
    RTNETLINK answers: Invalid argument
    We have an error talking to the kernel
    + tc filter add dev eth1 parent 1:0 protocol ip prio 11 u32 match ip protocol 1 0xff flowi
     *d 1:10
    RTNETLINK answers: Invalid argument
    We have an error talking to the kernel
    + tc filter add dev eth1 parent 1: protocol ip prio 12 u32 match ip protocol 6 0xff match 
     *u8 0x05 0x0f at 0 match u16 0x0000 0xffc0 at 2 flowid 1:10
    RTNETLINK answers: Invalid argument
    We have an error talking to the kernel
    + tc filter add dev eth1 parent 1: protocol ip prio 16 u32 match ip src 80 flowid 1:30
    RTNETLINK answers: Invalid argument
    We have an error talking to the kernel
    + tc filter add dev eth1 parent 1: protocol ip prio 18 u32 match ip dst 0.0.0.0/0 flowid 1
     *:20
    RTNETLINK answers: Invalid argument
    We have an error talking to the kernel
    + tc qdisc add dev eth1 handle ffff: ingress
    RTNETLINK answers: Invalid argument
    + tc filter add dev eth1 parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 polic
     *e rate 800kbit burst 10k drop flowid :1
    RTNETLINK answers: Invalid argument
    We have an error talking to the kernel
    
    (*) WARNING 9 long line(s) split
    After searching google for a while, everything seems to say that I don't have enough features enabled in the kernel. Unfortunately, I've enabled pretty much everything I can find that might need to be enabled.

    Any ideas? Here are some relevant sections of the current .config for the kernel:

    Code:
    #
    # Networking options
    #
    CONFIG_PACKET=y
    # CONFIG_PACKET_MMAP is not set
    CONFIG_NETLINK_DEV=y
    CONFIG_UNIX=y
    # CONFIG_NET_KEY is not set
    CONFIG_INET=y
    # CONFIG_IP_MULTICAST is not set
    CONFIG_IP_ADVANCED_ROUTER=y
    CONFIG_IP_MULTIPLE_TABLES=y
    CONFIG_IP_ROUTE_FWMARK=y
    # CONFIG_IP_ROUTE_MULTIPATH is not set
    CONFIG_IP_ROUTE_VERBOSE=y
    # CONFIG_IP_PNP is not set
    # CONFIG_NET_IPIP is not set
    # CONFIG_NET_IPGRE is not set
    # CONFIG_ARPD is not set
    CONFIG_SYN_COOKIES=y
    # CONFIG_INET_AH is not set
    # CONFIG_INET_ESP is not set
    # CONFIG_INET_IPCOMP is not set
    # CONFIG_INET_TUNNEL is not set
    # IP: Netfilter Configuration
    #
    CONFIG_IP_NF_CONNTRACK=y
    CONFIG_IP_NF_CT_ACCT=y
    # CONFIG_IP_NF_CT_PROTO_SCTP is not set
    CONFIG_IP_NF_FTP=y
    CONFIG_IP_NF_IRC=y
    CONFIG_IP_NF_TFTP=y
    CONFIG_IP_NF_AMANDA=y
    CONFIG_IP_NF_QUEUE=y
    CONFIG_IP_NF_IPTABLES=y
    CONFIG_IP_NF_MATCH_LIMIT=y
    CONFIG_IP_NF_MATCH_IPRANGE=y
    CONFIG_IP_NF_MATCH_MAC=y
    CONFIG_IP_NF_MATCH_PKTTYPE=y
    CONFIG_IP_NF_MATCH_MARK=y
    CONFIG_IP_NF_MATCH_MULTIPORT=y
    CONFIG_IP_NF_MATCH_TOS=y
    CONFIG_IP_NF_MATCH_RECENT=y
    CONFIG_IP_NF_MATCH_ECN=y
    CONFIG_IP_NF_MATCH_DSCP=y
    CONFIG_IP_NF_MATCH_AH_ESP=y
    CONFIG_IP_NF_MATCH_LENGTH=y
    CONFIG_IP_NF_MATCH_TTL=y
    CONFIG_IP_NF_MATCH_TCPMSS=y
    CONFIG_IP_NF_MATCH_HELPER=y
    CONFIG_IP_NF_MATCH_STATE=y
    CONFIG_IP_NF_MATCH_CONNTRACK=y
    CONFIG_IP_NF_MATCH_OWNER=y
    # CONFIG_IP_NF_MATCH_ADDRTYPE is not set
    # CONFIG_IP_NF_MATCH_REALM is not set
    # CONFIG_IP_NF_MATCH_SCTP is not set
    # CONFIG_IP_NF_MATCH_COMMENT is not set
    CONFIG_IP_NF_FILTER=y
    CONFIG_IP_NF_TARGET_REJECT=y
    CONFIG_IP_NF_TARGET_LOG=y
    CONFIG_IP_NF_TARGET_ULOG=y
    CONFIG_IP_NF_TARGET_TCPMSS=y
    CONFIG_IP_NF_NAT=y
    CONFIG_IP_NF_NAT_NEEDED=y
    CONFIG_IP_NF_TARGET_MASQUERADE=y
    CONFIG_IP_NF_TARGET_REDIRECT=y
    CONFIG_IP_NF_TARGET_NETMAP=y
    CONFIG_IP_NF_TARGET_SAME=y
    # CONFIG_IP_NF_NAT_LOCAL is not set
    # CONFIG_IP_NF_NAT_SNMP_BASIC is not set
    CONFIG_IP_NF_NAT_IRC=y
    CONFIG_IP_NF_NAT_FTP=y
    CONFIG_IP_NF_NAT_TFTP=y
    CONFIG_IP_NF_NAT_AMANDA=y
    CONFIG_IP_NF_MANGLE=y
    CONFIG_IP_NF_TARGET_TOS=y
    CONFIG_IP_NF_TARGET_ECN=y
    CONFIG_IP_NF_TARGET_DSCP=y
    CONFIG_IP_NF_TARGET_MARK=y
    CONFIG_IP_NF_TARGET_CLASSIFY=y
    # CONFIG_IP_NF_RAW is not set
    CONFIG_IP_NF_ARPTABLES=y
    CONFIG_IP_NF_ARPFILTER=y
    CONFIG_IP_NF_ARP_MANGLE=y
    #
    # QoS and/or fair queueing
    #
    CONFIG_NET_SCHED=y
    CONFIG_NET_SCH_CLK_JIFFIES=y
    # CONFIG_NET_SCH_CLK_GETTIMEOFDAY is not set
    # CONFIG_NET_SCH_CLK_CPU is not set
    CONFIG_NET_SCH_CBQ=y
    CONFIG_NET_SCH_HTB=y
    CONFIG_NET_SCH_HFSC=y
    CONFIG_NET_SCH_PRIO=y
    CONFIG_NET_SCH_RED=y
    CONFIG_NET_SCH_SFQ=y
    CONFIG_NET_SCH_TEQL=y
    CONFIG_NET_SCH_TBF=y
    CONFIG_NET_SCH_GRED=y
    CONFIG_NET_SCH_DSMARK=y
    # CONFIG_NET_SCH_NETEM is not set
    CONFIG_NET_SCH_INGRESS=y
    CONFIG_NET_QOS=y
    CONFIG_NET_ESTIMATOR=y
    CONFIG_NET_CLS=y
    CONFIG_NET_CLS_TCINDEX=y
    CONFIG_NET_CLS_ROUTE4=y
    CONFIG_NET_CLS_ROUTE=y
    CONFIG_NET_CLS_FW=y
    CONFIG_NET_CLS_U32=y
    CONFIG_CLS_U32_PERF=y
    CONFIG_NET_CLS_IND=y
    # CONFIG_NET_CLS_RSVP is not set
    # CONFIG_NET_CLS_RSVP6 is not set
    # CONFIG_NET_CLS_ACT is not set
    CONFIG_NET_CLS_POLICE=y

  2. #2
    xav
    xav is offline
    Just Joined!
    Join Date
    Jun 2006
    Posts
    1
    Trying to work with pretty much the same methods. Though I use the easier(less configurable) TBF protocol for shaping.
    i.e: tc qdisc add dev DEV root tbf rate 8000kbit latency 50ms burst 10000k
    have no problems with that, but have the same problem when it comes to the policing. Using this line:

    -tc qdisc add dev DEV handle 1: ingress
    Ingress scheduler: Classifier actions prefered over netfilter
    -tc filter add dev DEV parent 1: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate 8000kbit burst 10k drop
    RTNETLINK answers: Invalid argument
    We have an error tarlking to the kernel

    And, yes, Im not too leet with iproute, so an easy answer how to fix this would be nice..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •