From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.toke.dk (mail.toke.dk [52.28.52.200]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 57E4E3BA8E for ; Thu, 6 Sep 2018 14:05:00 -0400 (EDT) From: Toke =?utf-8?Q?H=C3=B8iland-J=C3=B8rgensen?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=toke.dk; s=20161023; t=1536257099; bh=H7/qaAqJladLrj5koJY6dj6g+knpcAiibw7WcQmVQGQ=; h=From:To:Cc:Subject:In-Reply-To:References:Date:From; b=uVNlzQOvoTxg8C+PkNbj8T2ovyPlLX06H+QXe2NKQlg/Guw4XKqTAkjrfb7LTBToq FbYgWI3WWgH/0iXcyGqfB+hRTqitOAZ60XZug6meiyy7p7BjbaWCGWr+YNc70F1ZW2 WDYj2EZrIZpE8eaFqAKHUbUKivXNV2L/nD9S98PUh58wG5xrye/cbW4PoQ/lPO+SUk UTISDk8+vfPmJ5QLbRPEif6SLRYdZzH8IsCwrjsQLKQm/NOcyQ63m3aTEdvMZxRscx dsZtw6btaIPGwyW012nZFzRWOKQNDmKYfWwF7O9A/41WxwyOnwlUf6vkqnGjVeRyQm 1P7QIQZqqXqSQ== To: Pete Heist , Georgios Amanakis Cc: Cake List In-Reply-To: <139B295B-7371-43DE-B472-DE629C9B8432@heistp.net> References: <87zhwxzh8o.fsf@toke.dk> <139B295B-7371-43DE-B472-DE629C9B8432@heistp.net> Date: Thu, 06 Sep 2018 20:04:58 +0200 X-Clacks-Overhead: GNU Terry Pratchett Message-ID: <87efe65wol.fsf@toke.dk> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [Cake] Cake on elements of a bridge X-BeenThere: cake@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: Cake - FQ_codel the next generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Sep 2018 18:05:00 -0000 Pete Heist writes: > I happen to also be working on a bridge setup, but it=E2=80=99s different= . For > one, I used fq_codel on a transparent bridge for a couple years in > production and it worked well, so I trust it also would for cake. > > But now, my neighbor will access the Internet through my CPE device, > but they must have a separate IP obtained through DHCP (i.e. a > separate MAC address as well), and I want to use cake to manage the > queue for both of us. I could do this with two routers and a > transparent bridge, but I want to see if I can make it work with as > few devices as possible, preferably just one EdgeRouter-X. I had two > failures thus far: > > Fail #1: Do routing for the neighbors on their NS5AC Loco, and use the > ER-X=E2=80=99s internal switch to bridge the neighbor=E2=80=99s and my WA= N interfaces > to the CPE. Doing cake on switch0 results in my WAN traffic going > through the qdisc, but unsurprisingly, the neighbor=E2=80=99s traffic pas= ses > through the switch without going through the qdisc layer. > > Fail #2: Use the ER-X=E2=80=99s pseudo-ethernet functionality to add a se= cond > virtual Ethernet interface to the ER-X=E2=80=99s WAN interface. I could u= se > IFB if I got two WAN interfaces working on the same box. This looks > promising and I can pick up two DHCP addresses on one physical > interface, but the ER-X doesn=E2=80=99t handle the routing situation wher= e two > interfaces have the same default router IP. (Using policy-based > routing, what does it do when next-hop is the same for two different > LAN subnets?) > > There will be a solution here, I just haven=E2=80=99t found it yet. I=E2= =80=99m now > thinking of a setup with a smart switch / VLANs and a transparent > bridge through two physical interfaces of the ER-X (which only has 5 > ports total), but I=E2=80=99ll figure it out=E2=80=A6 :) DHCP relay and normal routing? Or bridging with a kernel software bridge rather than the hardware switch? -Toke