From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qk0-x22c.google.com (mail-qk0-x22c.google.com [IPv6:2607:f8b0:400d:c09::22c]) by lists.bufferbloat.net (Postfix) with ESMTPS id 794B13B2B2 for ; Thu, 14 Jan 2016 11:05:16 -0500 (EST) Received: by mail-qk0-x22c.google.com with SMTP id y67so41865643qkc.2 for ; Thu, 14 Jan 2016 08:05:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=5L/reGFUZVouCUJJ1P8dhgA7oO38w267+X5iIUtMTPY=; b=iqo6aOs7XkZLWHOky8ZgH0jZhvlXzxnvFZr9UBbNV5uYpIQif0T2eWNfs6UVYy8DKk ipMRU8ZPbavbup9y2XSo8SfL18LONiMaPCbLwvVrdzfLHP1rlYeNNfB/4RXl19wKwyGa CXobVNmvEn5c/L3YGuCoCI1E9FpietsYAmE3u9jN1itH/QIwpeaj+0m/LpnMvv6+2+eF jFuLZTg9xgoB27Cg9Euump8C/+sZizFeqpri7xS54FjMJ1HtkyKK0fXJm1rrtJbaJaQ+ CaPEQ5/U9J/3Hv38DjH9PaT2JYlc2Yivg1s+XLwGMSBNFOzolxsbqBN8Lql11Q+4JFXB jdEQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:content-type:mime-version:subject:from :in-reply-to:date:cc:content-transfer-encoding:message-id:references :to; bh=5L/reGFUZVouCUJJ1P8dhgA7oO38w267+X5iIUtMTPY=; b=YR5kiShwUNrKHnqMOHSC+8b8JmmohNdLnGhH4kyYQGFXrWbG+G0UM70rxat/j9Kr4m dFygw3QY13PFxPyz9+Dq4o0MDyjzzc9zV4y1nqxWrXDOWzMDva0DDSdVDtjTY4UAjk3z Lv4QCiJzyEBcWHR0PXWlIcfooXNppJb7ZWZWkWWcBUzyy1kUQPr1YcmNdaWRyI5XOHpV LEenLWlwBaUQJrP5dIwrS0DUevSFeWI3BUv9DZTGT4h033kGzuJLD+WhpFMq0gBKfb3C JzQZoxdBlGPFCyLyzphuewvpCtKKSEuicRrMpnCb9sAiknCsiEOfuTJRvvr6JSBr9IUB 9ISg== X-Gm-Message-State: ALoCoQnIQeuEOKcWZ/3MloQLGi6PanZ2FyY6nHAbvFt9jjZ6Lvi53zrq3/qkK0fjJZwhbQ97VoCkvNL+NcSlTUyQe4egK2Ip+g== X-Received: by 10.25.39.8 with SMTP id n8mr1273266lfn.117.1452787514516; Thu, 14 Jan 2016 08:05:14 -0800 (PST) Received: from [192.168.238.201] (37-33-99-74.bb.dnainternet.fi. [37.33.99.74]) by smtp.gmail.com with ESMTPSA id p1sm857996lbo.30.2016.01.14.08.05.13 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 14 Jan 2016 08:05:14 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\)) From: Jonathan Morton In-Reply-To: Date: Thu, 14 Jan 2016 18:05:12 +0200 Cc: Kevin Darbyshire-Bryant , cake@lists.bufferbloat.net Content-Transfer-Encoding: quoted-printable Message-Id: References: <5693E8FA.4000803@darbyshire-bryant.me.uk> <56941191.1010601@darbyshire-bryant.me.uk> <452D0F47-931B-4412-AC59-C308388AA1E4@gmail.com> To: moeller0 X-Mailer: Apple Mail (2.3112) Subject: Re: [Cake] triple flow isolation X-BeenThere: cake@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: Cake - FQ_codel the next generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Jan 2016 16:05:16 -0000 > On 14 Jan, 2016, at 17:48, moeller0 wrote: >=20 > I am still curious about the non-NAT fairness by internal IP addresses = only performance, as far as I understand that is the main request/use = case people seem to have. Non-NAT should work fine, once I=E2=80=99ve fixed the algorithm. = That=E2=80=99s a major part of what I intended triple-isolation to do. = It still won=E2=80=99t isolate a given host from it=E2=80=99s *own* = swarm traffic, unless you also apply Diffserv, but it should prevent one = host from monopolising the link with a swarm. NAT is a problem for Cake instances operating on the =E2=80=9Coutside=E2=80= =9D of the boundary, in both directions; they see only the public IP = address of the local network, and the addresses of the remote hosts. = The only real solution is probably to integrate connection tracking with = the flow dissector (or to hurry along the migration to IPv6). That=E2=80=99= s beyond my area of expertise in the kernel. - Jonathan Morton