From: Stephen Hemminger <shemminger@vyatta.com>
To: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Patrick McHardy <kaber@trash.net>,
David Miller <davem@davemloft.net>,
netdev@vger.kernel.org
Subject: Re: [PATCH] CHOKe flow scheduler (0.9)
Date: Mon, 17 Jan 2011 09:25:32 -0800 [thread overview]
Message-ID: <20110117092532.7d5f5a5b@nehalam> (raw)
In-Reply-To: <1295077542.3977.20.camel@edumazet-laptop>
On Sat, 15 Jan 2011 08:45:42 +0100
Eric Dumazet <eric.dumazet@gmail.com> wrote:
> Le vendredi 14 janvier 2011 à 15:45 -0800, Stephen Hemminger a écrit :
> > CHOKe ("CHOose and Kill" or "CHOose and Keep") is an alternative
> > packet scheduler based on the Random Exponential Drop (RED) algorithm.
> >
> > The core idea is:
> > For every packet arrival:
> > Calculate Qave
> > if (Qave < minth)
> > Queue the new packet
> > else
> > Select randomly a packet from the queue
> > if (both packets from same flow)
> > then Drop both the packets
> > else if (Qave > maxth)
> > Drop packet
> > else
> > Admit packet with proability p (same as RED)
> >
> > See also:
> > Rong Pan, Balaji Prabhakar, Konstantinos Psounis, "CHOKe: a stateless active
> > queue management scheme for approximating fair bandwidth allocation",
> > Proceeding of INFOCOM'2000, March 2000.
> >
> > Help from:
> > Eric Dumazet <eric.dumazet@gmail.com>
> > Patrick McHardy <kaber@trash.net>
> >
> > Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
> >
> > ---
> > This version is based on net-next, and assumes Eric's patch for
> > corrected bstats is already applied.
> >
> > 0.9 incorporate patches from Patrick/Eric
> > rework the peek_random and drop code to simplify and fix bug where
> > random_N needs to called with full length (including holes).
>
> Nice catch, I now have more "matched" counts after my test :
>
> qdisc choke 11: parent 1:11 limit 130000b min 10833b max 32500b ewma 13 Plog 21 Scell_log 30
> Sent 93944198 bytes 170889 pkt (dropped 829140, overlimits 436686 requeues 0)
> rate 48bit 0pps backlog 0b 0p requeues 0
> marked 0 early 436686 pdrop 0 other 0 matched 196227
>
> You missed the qdisc_bstats_update() move from enqueue() to dequeue()
>
> And some minor CodingStyle / checkpatch.pl changes, here is my
> latest diff on top of 0.9
>
> I believe you can release v1 :)
>
> Thanks !
I rolled in your changes. But there is one more change I want to make.
The existing flow match based on hash is vulnerable to side-channel DoS attack.
It is possible for a hostile flow to send packets that match the same
hash value which would effectively kill a targeted flow.
The solution is to match based on full source and destination, not hash value.
Still coding that up.
--
next prev parent reply other threads:[~2011-01-17 17:25 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-13 17:27 [PATCH] CHOKe flow scheduler (0.7) Stephen Hemminger
2011-01-13 17:48 ` [PATCH] CHOKe flow scheduler (iproute) Stephen Hemminger
2011-01-13 21:01 ` Eric Dumazet
2011-01-13 18:00 ` [PATCH] CHOKe flow scheduler (0.7) Eric Dumazet
2011-01-13 18:02 ` Eric Dumazet
2011-01-13 20:37 ` Eric Dumazet
2011-01-13 23:34 ` [PATCH] CHOKe flow scheduler (0.8) Stephen Hemminger
2011-01-14 3:29 ` Eric Dumazet
2011-01-14 3:34 ` Eric Dumazet
2011-01-14 3:58 ` Eric Dumazet
2011-01-14 11:32 ` Eric Dumazet
2011-01-14 13:54 ` Patrick McHardy
2011-01-14 13:55 ` Patrick McHardy
2011-01-14 14:24 ` Eric Dumazet
2011-01-14 23:45 ` [PATCH] CHOKe flow scheduler (0.9) Stephen Hemminger
2011-01-15 7:45 ` Eric Dumazet
2011-01-17 17:25 ` Stephen Hemminger [this message]
2011-01-17 17:54 ` Eric Dumazet
2011-01-18 19:06 ` Stephen Hemminger
2011-01-18 19:34 ` Eric Dumazet
2011-01-20 17:38 ` [PATCH] CHOKe flow scheduler (0.10) Stephen Hemminger
2011-01-20 18:19 ` Eric Dumazet
2011-01-20 22:46 ` Eric Dumazet
2011-02-03 1:21 ` [PATCH net-next] CHOKe flow scheduler (0.11) Stephen Hemminger
2011-02-03 1:59 ` Eric Dumazet
2011-02-03 4:53 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110117092532.7d5f5a5b@nehalam \
--to=shemminger@vyatta.com \
--cc=davem@davemloft.net \
--cc=eric.dumazet@gmail.com \
--cc=kaber@trash.net \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).