All of lore.kernel.org
 help / color / mirror / Atom feed
* [LARTC] marking packets vs. tc filter
@ 2002-09-15 18:03 curt brune
  2002-09-15 18:50 ` Werner Almesberger
  0 siblings, 1 reply; 2+ messages in thread
From: curt brune @ 2002-09-15 18:03 UTC (permalink / raw)
  To: lartc

Using tc filter is there a way to direct a range of ports (say ports 5000 to 5100) to a
particular flowid ?

I am aware I can use iptables to mark packets and that iptables has a syntax for port
ranges -- so I could us this method.

Theoretical question:  Has anyone done an experiment to test wether filtering with "tc" or
"iptables" is more performant?  I.e. given two ways to solve the problem which way is
better, tc filter or iptables w/ marking?

Cheers,
Curt

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: [LARTC] marking packets vs. tc filter
  2002-09-15 18:03 [LARTC] marking packets vs. tc filter curt brune
@ 2002-09-15 18:50 ` Werner Almesberger
  0 siblings, 0 replies; 2+ messages in thread
From: Werner Almesberger @ 2002-09-15 18:50 UTC (permalink / raw)
  To: lartc

curt brune wrote:
> Using tc filter is there a way to direct a range of ports (say ports 5000
> to 5100) to a particular flowid ?

You can translate relational operators (<, >=, etc.) into individual
tests of bits or prefixes, which can then be used by u32.
For the algorithms, see tcng's tcng/tcc/iflib_arith.c:rel_general
and the functions it calls.

If using tcc to generate such classifiers, you can speed up
configuration-time processing considerably with -Oprefix -Onocse

> Theoretical question:  Has anyone done an experiment to test wether
> filtering with "tc" or "iptables" is more performant?

In this case, iptables should win hands down, because it uses
CPU instructions that accomplish the task much more directly.

I don't know how iptables and tc compare in cases where the
actual classifications have similar cost. If somebody's going
to run some comparisons, the results may be interesting,
though.

- Werner

-- 
  _________________________________________________________________________
 / Werner Almesberger, Buenos Aires, Argentina         wa@almesberger.net /
/_http://www.almesberger.net/____________________________________________/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2002-09-15 18:50 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-09-15 18:03 [LARTC] marking packets vs. tc filter curt brune
2002-09-15 18:50 ` Werner Almesberger

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.