From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-lf0-x233.google.com (mail-lf0-x233.google.com [IPv6:2a00:1450:4010:c07::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id BDD303B25E for ; Wed, 12 Oct 2016 03:26:24 -0400 (EDT) Received: by mail-lf0-x233.google.com with SMTP id x79so66688485lff.0 for ; Wed, 12 Oct 2016 00:26:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=bGU29/mb9A8WziIcoXS+Vxi7WMtfqsdVqiElgx5ijv4=; b=Rg6/CtzVYL8vTmk9FmXhnDoA3HYRyGrLiN1R+bk8wSuIdntFMoQe1rRTqLHScoEPQt qzu/1VrjeGsZhqtXWQvicanhXCPRkc1RCrFGfK5vz9bfFH6VM69Rgs5h/NSh+fu3CRuo zqSsWMMsSUt7OOjb9X8JGXpannIFgXUOVuVP/ZhonbSXdTWVWRVmSTAaR/yCQg29xzQ4 pbWhIrILPyoopJnoNRP0jCbB1CIDCcEi2mu4wMjsrb5G6c4VLjHNATEguNNWTQzs1M4s C3PvmMeoTnd9NTsyWtK07bInHbG44xj1apwpUf0tZ9kJIfC8qTAn/JBv3SUepXP+OcwC SK9w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=bGU29/mb9A8WziIcoXS+Vxi7WMtfqsdVqiElgx5ijv4=; b=DeMy/bdsUrWPLWbOaW8q2KRnop2DiRpHrJCQccY/xxZjPHB5pQ54F/PklcdCF4U3OG gNL0+L+XieH9KSy71HxQVNn+5fhYXMSKtrusNOY5BxqggdMnL8w7RcB1MlHtA/DLBMEQ 3onontuu4IUEplWWhS0K9OiTBMRTjDNmqevhDGm9YRjGIZxMBbzsV5LHRIYI3aBOb7qm +0Z9S0hIsOhecxLrofaY5I5RjfpAp+gb9jeb1RxWqweY3FRm6Q/KoEqcF1ut7NxEokJ1 m4p6H1m8l21OBxide1V3N2AfhArpqAbdrWYkwJF35h0vPuP6QZpSVkiMjwr+/xtiJlui pXtQ== X-Gm-Message-State: AA6/9RlTvwUJ1GXEf0D4ZCuqpV8SA7F46BesnaMUndK7nVv5qChujsa4swviDaqKrJzrzg== X-Received: by 10.25.35.6 with SMTP id j6mr6170771lfj.147.1476257183503; Wed, 12 Oct 2016 00:26:23 -0700 (PDT) Received: from [192.168.100.13] (37-33-90-35.bb.dnainternet.fi. [37.33.90.35]) by smtp.gmail.com with ESMTPSA id f23sm1818716lji.12.2016.10.12.00.26.22 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 12 Oct 2016 00:26:22 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\)) From: Jonathan Morton In-Reply-To: Date: Wed, 12 Oct 2016 10:26:20 +0300 Cc: cake@lists.bufferbloat.net Content-Transfer-Encoding: quoted-printable Message-Id: <4D2419FB-6649-4250-9D42-E6EDECFFCCDE@gmail.com> References: To: ching lu X-Mailer: Apple Mail (2.3124) Subject: Re: [Cake] diffserv based on firewall mark X-BeenThere: cake@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: Cake - FQ_codel the next generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Oct 2016 07:26:25 -0000 > On 12 Oct, 2016, at 08:52, ching lu wrote: >=20 > I deprioritize bittorrent traffic by marking related connections in > iptables (e.g. detect by port number) and route them to corresponding > HTB class and qdisc. >=20 > How can i archive the same goal using the cake qdisc? Modify your iptables rules to set the DSCP rather than a kernel-internal = mark. You probably want "-j DSCP =E2=80=94set-dscp-class CS1=E2=80=9D, = as CS1 is the =E2=80=9Cbulk low priority=E2=80=9D code. Cake=E2=80=99s = default Diffserv mode will pick that up appropriately. You also need to make sure Cake sees your packets *after* they=E2=80=99ve = been through the firewall, which generally means attaching it to the = egress port in each direction, not the ingress port. You=E2=80=99ve = probably already done this, if you=E2=80=99re happy with your HTB setup. If you have multiple LAN interfaces (eg, both Ethernet and wifi), you = should loop the inbound traffic through a common IFB device (and attach = Cake to that instead of the physical interfaces) to simplify = configuration. - Jonathan Morton