From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andy Furniss Date: Wed, 03 Jul 2013 22:29:04 +0000 Subject: Re: question on fwmark speed boost Message-Id: <51D4A5B0.102@gmail.com> List-Id: References: <51D41B65.8020006@wogri.com> In-Reply-To: <51D41B65.8020006@wogri.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Wolfgang Hennerbichler wrote: > Follow-Up: This is the only pice of information I have found on my problem: > > http://marc.info/?l=lartc&m5421129231583&w=2 > > => You can reduce the number of fw filters rules if you use the mark as > hash key. > So if you add > tc filter add dev eth0 parent 1:0 protocol ip handle 1 fw > and you have a packet with mark 39, it will placed in class 1:39. I've never tried that, if it does work maybe you need to use 0x39 for the mark as classes are in hex. iptables can do this -j CLASSIFY --set-class 1:39 If you have a lot of marks and a complicated set up you could consider the u32 mark match which will let you use masks and I guess explicitly set up hashing - again be sure to work in hex.