Direct server return commands (tc filter) on Nginx blog

Sékine Coulibaly scoulibaly at
Thu Jan 18 16:46:49 UTC 2018


I'm using this resource (
to setup a UDP load balancer, with DSR and Origin NAT.

Everything went fine in the walkthrough until I reached the traffic control
stuff :

tc qdisc add dev eth0 root handle 10: htb
tc filter add dev eth0 parent 10: protocol ip prio 10 u32 match ip src match ip sport 53 action nat egress

The second command fails with :
Illegal "match"

>From what I can read here (, the syntax looks
correct though.
Of course I replaced with the actual IP of the upstream I'm
configuring, and with the IP of the host hosting the Nginx.
The interface name is eth0.

I'm running Ubuntu 16.04.02 LTS.

Is the "tc filter" command correct, or am I doing something wrong ?

Thank you

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list