From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-lf0-x236.google.com (mail-lf0-x236.google.com [IPv6:2a00:1450:4010:c07::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 2C13A3B25D for ; Fri, 3 Jun 2016 00:20:38 -0400 (EDT) Received: by mail-lf0-x236.google.com with SMTP id s64so46715078lfe.0 for ; Thu, 02 Jun 2016 21:20:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ndMegEFvD94xgsCqCrW+vLCpl/m882s/McsieY8gEXI=; b=JCa+BgdaX4wKUcQjdD5P9pbzMkbSSEzCxjOCuxXgeAh+twC2UTZdtSy9E5Unku3DEE Y1PTscWGU6XkzUNGoMM57PnyJTwUHoeLG3ACoB5yrq3UMgIhHLcIn93yCSjteEumXcmR /8MhyOt/6sjWSNQDN07kFfpPfyxQ9AlYFtxv5+sM1i93FQtYqLSRARTRTgNcsw5yhQyi Ib8zF8rtEdZZcU4dZ9JQZjaMWnIm0vXnj3vIkfo0i9WWUaI/M5ehHHZ+NR1UHYP5uask 1kcpDDmB+3P1TwwqIo/4ciKg/OjVgfFB9xJWUYhIo3BSOGPHQ+nCYuJng6X7H6Srkv7g SZyA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ndMegEFvD94xgsCqCrW+vLCpl/m882s/McsieY8gEXI=; b=ITs9+/tl4yD7Pd/AwmtqlFy+9XxH5nN7CN3DRQ6XUUDywJ0GUt9AVtQm2tWXYrX284 Oq5hiSZznJorpKFt6tN7xQrVWlOLWRs3shGI8lhL52c/IJl29xeo0VfK+loq3DccGIaH 1uAo2eORjyLf14MQRz8ojGd0rX2K3IXebv2RyN64QMLoaTI8syswdgTGcpu2NWmE2/Kj whbBE92ytWr9GAKHAjHX/eQW9RntKNrw/0I89BFDmhuWTZl7m11dIVPd+k3ukz4472Xd ++RJBjvCOtfDElH2gntptfMonBpQF1shpqimj6o1byRjo8UYKDLWa+yaV+RE8/mtbnP9 VB9g== X-Gm-Message-State: ALyK8tLV0YFDM8A+qq5phlVl37XBHTjDaL3T3VQOguTVt3y6EGinX+AuKZqqZoGDk2rWJg== X-Received: by 10.25.10.2 with SMTP id 2mr403004lfk.170.1464927636781; Thu, 02 Jun 2016 21:20:36 -0700 (PDT) Received: from [192.168.100.11] (37-33-56-85.bb.dnainternet.fi. [37.33.56.85]) by smtp.gmail.com with ESMTPSA id f93sm180682lji.46.2016.06.02.21.20.35 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 02 Jun 2016 21:20:36 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\)) From: Jonathan Morton In-Reply-To: Date: Fri, 3 Jun 2016 07:20:34 +0300 Cc: bloat@lists.bufferbloat.net Content-Transfer-Encoding: quoted-printable Message-Id: References: To: Noah Causin X-Mailer: Apple Mail (2.3124) Subject: Re: [Bloat] Possible Companion Software for Cake and SQM X-BeenThere: bloat@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: General list for discussing Bufferbloat List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Jun 2016 04:20:38 -0000 > On 3 Jun, 2016, at 02:39, Noah Causin wrote: >=20 > I found this netfilter module that could be useful for traffic shaping = with Cake or SQM. >=20 > https://github.com/betolj/ndpi-netfilter >=20 > It uses an open source deep packet inspection engine to determine what = application a flow is, and it works with iptables. My idea is that this = could be used to apply diffserv markings to traffic like Netflix, so = that they can be placed into the appropriate classes. >=20 > iptables -t mangle -A FORWARD -o eth2 -m ndpi --netflix -j DSCP = --set-dscp-class cs2 >=20 > What do you think? I think this has the potential to be a major CPU hog. That=E2=80=99s a = problem on consumer-grade routers. It=E2=80=99s also not a general solution which can be deployed by ISPs = subject to Net Neutrality regulations - because it explicitly works by = identifying applications and marking them for discriminatory treatment, = which is precisely what Net Neutrality outlaws. A secondary problem is that iptables currently gets applied *after* the = ingress qdisc has finished with the packet. This limits the utility. - Jonathan Morton