From: Wolfgang Hennerbichler <wolfgang.hennerbichler@risc-software.at>
To: lartc@vger.kernel.org
Subject: Re: question on fwmark speed boost
Date: Wed, 03 Jul 2013 12:46:29 +0000 [thread overview]
Message-ID: <51D41D25.3080402@risc-software.at> (raw)
In-Reply-To: <51D41B65.8020006@wogri.com>
Follow-Up: This is the only pice of information I have found on my problem:
http://marc.info/?l=lartc&m\x105421129231583&w=2
=> You can reduce the number of fw filters rules if you use the mark as
hash key.
So if you add
tc filter add dev eth0 parent 1:0 protocol ip handle 1 fw
and you have a packet with mark 39, it will placed in class 1:39.
Wolfgang
On 07/03/2013 02:39 PM, Wolfgang Hennerbichler wrote:
> Hi,
>
> following tc config:
>
> tc qdisc add dev wan0 root handle 1: htb default 12
> tc class add dev wan0 parent 1:0 classid 1:12 htb rate 9500mbit ceil
> 9500mbit
> tc class add dev wan0 parent 1:0 classid 1:2001 htb rate 9500mbit ceil
> 9500mbit
> tc class add dev wan0 parent 1:0 classid 1:2002 htb rate 100kbit ceil
> 100kbit
>
> # add filter - all marked packets should be classified automatically
> according to the fwmark - as far as I've read online
>
> tc filter add dev wan0 parent 1:0 protocol ip fw
>
> iptables -A POSTROUTING -t mangle -j CONNMARK --restore-mark
> iptables -A POSTROUTING -t mangle -m mark ! --mark 0 -j ACCEPT
> iptables -A POSTROUTING -m physdev --physdev-out wan0 -p udp -s 1.2.3.4
> -t mangle -j MARK --set-mark 2001
> iptables -A POSTROUTING -m physdev --physdev-out wan0 -p tcp -s 1.2.3.4
> -t mangle -j MARK --set-mark 2002
> iptables -A POSTROUTING -t mangle -j CONNMARK --save-mark
>
>
> my filter does not work as intended. I thought it would automatically
> use the marks, and put the traffic into the right classes. It doesn't
> seem to work. I have troubles finding documentation on this, so maybe
> anybody can shed some light on this.
>
> Wolfgang
>
--
DI (FH) Wolfgang Hennerbichler
Software Development
Unit Advanced Computing Technologies
RISC Software GmbH
A company of the Johannes Kepler University Linz
IT-Center
Softwarepark 35
4232 Hagenberg
Austria
Phone: +43 7236 3343 245
Fax: +43 7236 3343 250
wolfgang.hennerbichler@risc-software.at
http://www.risc-software.at
next prev parent reply other threads:[~2013-07-03 12:46 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-03 12:39 question on fwmark speed boost Wolfgang Hennerbichler
2013-07-03 12:46 ` Wolfgang Hennerbichler [this message]
2013-07-03 22:29 ` Andy Furniss
2013-07-04 5:40 ` Wolfgang Hennerbichler
2013-07-10 10:00 ` Andy Furniss
2013-07-10 10:20 ` Wolfgang Hennerbichler
2013-07-11 19:52 ` Wolfgang Hennerbichler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51D41D25.3080402@risc-software.at \
--to=wolfgang.hennerbichler@risc-software.at \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.