You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
dba5a01358
savedscp is a method of storing the DSCP of an ip packet into conntrack mark. In combination with a suitable tc filter action (conndscp but may end up being integrated into connmark) DSCP values are able to be stored on egress and restored on ingress across links that otherwise alter or bleach DSCP. This is useful for qdiscs such as CAKE which are able to shape according to policies based on DSCP. Ingress classification is traditionally a challenging task since iptables rules haven't yet run and tc filter/eBPF programs are pre-NAT lookups, hence are unable to see internal IPv4 addresses as used on the typical home masquerading gateway. The ingress problem is solved by the tc filter, but the tc people didn't like the idea of tc setting conntrack mark values, though they are ok with reading conntrack values and hence restoring DSCP from conntrack marks. x_tables CONNMARK with the new savedscp action solves the problem of storing the DSCP to the conntrack mark. It accepts 2 parameters. The mark is a 32bit value with usually one 1 bit set. This bit is set when savedscp saves the DSCP to the mark. This is useful to implement a 'one shot' iptables based classification where the 'complicated' iptables rules are only run once to classify the connection on initial (egress) packet and subsequent packets are all marked/restored with the same DSCP. A mark of zero disables the setting of a status bit/s. The mask is a 32bit value of at least 6 contiguous bits and represents the area where the DSCP will be stored. e.g. iptables -A QOS_MARK_eth0 -t mangle -j CONNMARK --savedscp-mark 0xfc000000/0x01000000 Would store the DSCP in the top 6 bits of the 32bit mark field, and use the LSB of the top byte as the 'DSCP has been stored' marker. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> |
5 years ago | |
|---|---|---|
| .. | ||
| apm821xx | 5 years ago | |
| ar7 | 5 years ago | |
| ar71xx | 5 years ago | |
| arc770 | 6 years ago | |
| archs38 | 6 years ago | |
| armvirt | 5 years ago | |
| at91 | 5 years ago | |
| ath25 | 5 years ago | |
| ath79 | 5 years ago | |
| bcm53xx | 5 years ago | |
| brcm47xx | 5 years ago | |
| brcm63xx | 5 years ago | |
| brcm2708 | 5 years ago | |
| cns3xxx | 5 years ago | |
| gemini | 5 years ago | |
| generic | 5 years ago | |
| imx6 | 5 years ago | |
| ipq40xx | 5 years ago | |
| ipq806x | 5 years ago | |
| ixp4xx | 5 years ago | |
| kirkwood | 5 years ago | |
| lantiq | 5 years ago | |
| layerscape | 5 years ago | |
| malta | 5 years ago | |
| mediatek | 5 years ago | |
| mpc85xx | 5 years ago | |
| mvebu | 5 years ago | |
| mxs | 5 years ago | |
| octeon | 5 years ago | |
| octeontx | 5 years ago | |
| omap | 5 years ago | |
| orion | 5 years ago | |
| oxnas | 5 years ago | |
| pistachio | 5 years ago | |
| ramips | 5 years ago | |
| rb532 | 5 years ago | |
| samsung | 5 years ago | |
| sunxi | 5 years ago | |
| tegra | 5 years ago | |
| uml | 5 years ago | |
| x86 | 5 years ago | |
| zynq | 5 years ago | |
| Makefile | ||