From: Andy Furniss <adf.lists@gmail.com>
To: lartc@vger.kernel.org
Subject: Re: question on fwmark speed boost
Date: Wed, 10 Jul 2013 10:00:35 +0000 [thread overview]
Message-ID: <51DD30C3.1070706@gmail.com> (raw)
In-Reply-To: <51D41B65.8020006@wogri.com>
Wolfgang Hennerbichler wrote:
> Follow-Up: This is the only pice of information I have found on my problem:
>
> http://marc.info/?l=lartc&m\x105421129231583&w=2
>
> => You can reduce the number of fw filters rules if you use the mark as
> hash key.
> So if you add
> tc filter add dev eth0 parent 1:0 protocol ip handle 1 fw
> and you have a packet with mark 39, it will placed in class 1:39.
OK, so after saying I've never done this I remembered I had long ago and
found a test :-)
Using "handle 1" seems to get the filter rejected - but the main thing
is the way you have to mark to match the first part of your classid -
tc qdisc add dev eth0 root handle 1: htb
tc class add dev eth0 parent 1: classid 1:a htb rate 1mbit
tc class add dev eth0 parent 1: classid 1:b htb rate 1mbit
tc class add dev eth0 parent 1: classid 1:c htb rate 1mbit
tc filter add dev eth0 parent 1:0 protocol ip fw
iptables -t mangle -I OUTPUT -o eth0 -p tcp -j MARK --set-mark 0x1000a
iptables -t mangle -I OUTPUT -o eth0 -p icmp -j MARK --set-mark 0x1000b
iptables -t mangle -I OUTPUT -o eth0 -p udp -j MARK --set-mark 0x1000c
ph4[/home/andy]# iptables -L OUTPUT -vnt mangle
Chain OUTPUT (policy ACCEPT 84 packets, 14747 bytes)
pkts bytes target prot opt in out source
destination
3 196 MARK udp -- * eth0 0.0.0.0/0
0.0.0.0/0 MARK set 0x1000c
7 588 MARK icmp -- * eth0 0.0.0.0/0
0.0.0.0/0 MARK set 0x1000b
74 13963 MARK tcp -- * eth0 0.0.0.0/0
0.0.0.0/0 MARK set 0x1000a
ph4[/home/andy]# tc -s class ls dev eth0
class htb 1:c root prio 0 rate 1000Kbit ceil 1000Kbit burst 2850b cburst
2850b
Sent 238 bytes 3 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
lended: 3 borrowed: 0 giants: 0
tokens: 346750 ctokens: 346750
class htb 1:a root prio 0 rate 1000Kbit ceil 1000Kbit burst 2850b cburst
2850b
Sent 14999 bytes 74 pkt (dropped 0, overlimits 0 requeues 0)
rate 32bit 0pps backlog 0b 0p requeues 0
lended: 74 borrowed: 0 giants: 0
tokens: 348000 ctokens: 348000
class htb 1:b root prio 0 rate 1000Kbit ceil 1000Kbit burst 2850b cburst
2850b
Sent 686 bytes 7 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
lended: 7 borrowed: 0 giants: 0
tokens: 344000 ctokens: 344000
next prev parent reply other threads:[~2013-07-10 10:00 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-03 12:39 question on fwmark speed boost Wolfgang Hennerbichler
2013-07-03 12:46 ` Wolfgang Hennerbichler
2013-07-03 22:29 ` Andy Furniss
2013-07-04 5:40 ` Wolfgang Hennerbichler
2013-07-10 10:00 ` Andy Furniss [this message]
2013-07-10 10:20 ` Wolfgang Hennerbichler
2013-07-11 19:52 ` Wolfgang Hennerbichler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51DD30C3.1070706@gmail.com \
--to=adf.lists@gmail.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.