From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andy Furniss Date: Wed, 10 Jul 2013 10:00:35 +0000 Subject: Re: question on fwmark speed boost Message-Id: <51DD30C3.1070706@gmail.com> List-Id: References: <51D41B65.8020006@wogri.com> In-Reply-To: <51D41B65.8020006@wogri.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Wolfgang Hennerbichler wrote: > Follow-Up: This is the only pice of information I have found on my problem: > > http://marc.info/?l=lartc&m5421129231583&w=2 > > => You can reduce the number of fw filters rules if you use the mark as > hash key. > So if you add > tc filter add dev eth0 parent 1:0 protocol ip handle 1 fw > and you have a packet with mark 39, it will placed in class 1:39. OK, so after saying I've never done this I remembered I had long ago and found a test :-) Using "handle 1" seems to get the filter rejected - but the main thing is the way you have to mark to match the first part of your classid - tc qdisc add dev eth0 root handle 1: htb tc class add dev eth0 parent 1: classid 1:a htb rate 1mbit tc class add dev eth0 parent 1: classid 1:b htb rate 1mbit tc class add dev eth0 parent 1: classid 1:c htb rate 1mbit tc filter add dev eth0 parent 1:0 protocol ip fw iptables -t mangle -I OUTPUT -o eth0 -p tcp -j MARK --set-mark 0x1000a iptables -t mangle -I OUTPUT -o eth0 -p icmp -j MARK --set-mark 0x1000b iptables -t mangle -I OUTPUT -o eth0 -p udp -j MARK --set-mark 0x1000c ph4[/home/andy]# iptables -L OUTPUT -vnt mangle Chain OUTPUT (policy ACCEPT 84 packets, 14747 bytes) pkts bytes target prot opt in out source destination 3 196 MARK udp -- * eth0 0.0.0.0/0 0.0.0.0/0 MARK set 0x1000c 7 588 MARK icmp -- * eth0 0.0.0.0/0 0.0.0.0/0 MARK set 0x1000b 74 13963 MARK tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 MARK set 0x1000a ph4[/home/andy]# tc -s class ls dev eth0 class htb 1:c root prio 0 rate 1000Kbit ceil 1000Kbit burst 2850b cburst 2850b Sent 238 bytes 3 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 lended: 3 borrowed: 0 giants: 0 tokens: 346750 ctokens: 346750 class htb 1:a root prio 0 rate 1000Kbit ceil 1000Kbit burst 2850b cburst 2850b Sent 14999 bytes 74 pkt (dropped 0, overlimits 0 requeues 0) rate 32bit 0pps backlog 0b 0p requeues 0 lended: 74 borrowed: 0 giants: 0 tokens: 348000 ctokens: 348000 class htb 1:b root prio 0 rate 1000Kbit ceil 1000Kbit burst 2850b cburst 2850b Sent 686 bytes 7 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 lended: 7 borrowed: 0 giants: 0 tokens: 344000 ctokens: 344000