From: devik <devik@cdi.cz>
To: lartc@vger.kernel.org
Subject: RE: [LARTC] How could I do this?
Date: Sun, 09 Dec 2001 12:05:22 +0000 [thread overview]
Message-ID: <marc-lartc-100790780831629@msgid-missing> (raw)
In-Reply-To: <marc-lartc-100778030300718@msgid-missing>
by the way I just found that if you attach fw filter without
rules it will simply select class with classid == fwmark
(nfmark in 2.4).
devik
On Sun, 9 Dec 2001, yangrunhua wrote:
> If I can modifiy skb->prio,
> How can I use it to distribute packets directly to a class?
>
> -----Original Message-----
> From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl] On Behalf Of devik
> Sent: 2001年12月8日 23:12
> To: yangrunhua
> Cc: lartc@mailman.ds9a.nl
> Subject: RE: [LARTC] How could I do this?
>
> I only wanted to mention it as interesting possibility
> but it can't be done in O(1). However it can be simply done
> in O(N^(1/M)) where M is integer > 1. You can do it by (untested):
>
> ipchains -N sub
> ipchains -A sub -s 0.0.0.1/0.0.0.255 -m +1
> ipchains -A sub -s 0.0.0.2/0.0.0.255 -m +2
> ..
> ..
> ipchains -A input 192.168.1.0/24 -m 0x10000 -j sub
> ipchains -A input 192.168.2.0/24 -m 0x10100 -j sub
> ..
> ..
>
> you would need 512 lines to handle 65536 adresses
> in 256 lookups on average. By creating another '-j subsub'
> level then you will end up with 96 rules for 65536
> addresses with 60 lookups on average.
>
> I didn't tested it, it is only idea. But should work.
>
> hth, devik
>
> On Sat, 8 Dec 2001, yangrunhua wrote:
>
> > But how I design a filter( O(1) ) to classify based on fwmark(hash on fwmark)?
> >
> > -----Original Message-----
> > From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl] On Behalf Of devik
> > Sent: 2001ĺš´12ćśˆ8ć—Ľ 18:18
> > To: yangrunhua
> > Cc: lartc@mailman.ds9a.nl
> > Subject: RE: [LARTC] How could I do this?
> >
> > Ehh sorry it is a lot of writting. Look at LARTC HOWTO
> > 12.4 section. Basicaly if you have ip A.B.C.D then you
> > can base hash source on D for several fixed A.B.C.
> > Then you will end with at most N/256+1 lookups for N
> > ip addresses.
> >
> > devik
> >
> > On Sat, 8 Dec 2001, yangrunhua wrote:
> >
> > > Can you give me an example?
> > > Thanks.
> > >
> > > -----Original Message-----
> > > From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]
> > > On Behalf Of Martin Devera
> > > Sent: 2001Äę12ÔÂ8ČŠ15:58
> > > To: yangrunhua
> > > Cc: lartc@mailman.ds9a.nl
> > > Subject: Re: [LARTC] How could I do this?
> > >
> > > IMHO u32 with hashes could be used for this. Other interesting
> > > way is that CBQ & HTB allows you to set packet's class from
> > > priority. When priority is 0x10003 then the packet is queued
> > > directly into 1:3 queue.
> > > You can simly modify classifier (in fact I will do it for
> > > HTB) to allow such selection thru fwmark.
> > > You can then mark flows by iptables .... --set-mark 0x10003 to
> > > assign packet into 1:3 class ..
> > >
> > > HTH, devik
> > >
> > > On Sat, 8 Dec 2001, yangrunhua wrote:
> > >
> > > > If I want to limit bandwidth from a lot of ip addresses( every ip has
> > > a
> > > > limit),
> > > > How could I improve performance( If I could use netfilter to mark the
> > > > ip packet with the bandwidth assigned to
> > > > the src ip of packet), normally, this could only be done only by: one
> > > > qdisc per ip, then there will be too many
> > > > filters to classify them based on fwmark(and u32 + hash can't satisfy
> > > my
> > > > demand that limit bandwidth for every ip, not for ip group),
> > > > but it try to match line by line, then if many, the performance will
> > > go
> > > > down.
> > > > Many thanks
> > > >
> > >
> > >
> > > _______________________________________________
> > > LARTC mailing list / LARTC@mailman.ds9a.nl
> > > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:
> > > http://ds9a.nl/2.4Routing/
> > >
> > >
> >
> >
> > _______________________________________________
> > LARTC mailing list / LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
> >
> >
>
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
>
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/
prev parent reply other threads:[~2001-12-09 12:05 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-12-08 2:58 [LARTC] How could I do this? yangrunhua
2001-12-08 7:57 ` Martin Devera
2001-12-08 10:18 ` devik
2001-12-08 11:52 ` Stef Coene
2001-12-08 14:00 ` Stef Coene
2001-12-08 15:11 ` devik
2001-12-09 10:41 ` devik
2001-12-09 12:05 ` devik [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-100790780831629@msgid-missing \
--to=devik@cdi.cz \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.