This is a target that changes the DSCP (Differentiated Services Field) marks
inside a packet. The DSCP target is able to set any DSCP
value inside a TCP packet, which is a way of telling routers the priority of
the packet in question. For more information about DSCP, look at the RFC 2474 - Definition of the Differentiated Services Field
(DS Field) in the IPv4 and IPv6 Headers RFC document.
Basically, DSCP is a way of differentiating different services into separate
categories, and based on this, give them different priority through the routers.
This way, you can give interactive TCP sessions (such as telnet, SSH, POP3) a
very high fast connection, that may not be very suitable for large bulk
transfers. If on the other hand the connection is one of low importance (SMTP,
or whatever you classify as low priority), you could send it over a large bulky
network with worse latency than the other network, that is cheaper to utilize
than the faster and lower latency connections.
Table 11-3. DSCP target options
| Option | --set-dscp |
| Example | iptables -t mangle -A FORWARD -p tcp --dport 80 -j
DSCP --set-dscp 1
|
| Explanation | This sets the DSCP value to the specified value. The values can be set either
via class, see below, or with the --set-dscp, which takes
either an integer value, or a hex value.
|
| Option | --set-dscp-class |
| Example | iptables -t mangle -A FORWARD -p tcp --dport 80 -j
DSCP --set-dscp-class EF
|
| Explanation | This sets the DSCP field according to a predefined DiffServ class. Some of the
possible values are EF, BE and the CSxx and AFxx values available. You can find
more information at Implementing Quality of Service Policies with DSCP site. Do note that the
--set-dscp-class and --set-dscp commands
are mutually exclusive, which means you can not use both of them in the same
command!
|
 | Works under Linux kernel 2.3, 2.4, 2.5 and 2.6.
|
