From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 810423B2A3 for ; Mon, 26 Sep 2016 04:54:19 -0400 (EDT) Received: from [172.17.3.48] ([134.76.241.253]) by mail.gmx.com (mrgmx002) with ESMTPSA (Nemesis) id 0LuxG5-1aosxX1JVR-0108sm; Mon, 26 Sep 2016 10:54:10 +0200 Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\)) From: moeller0 In-Reply-To: <3a99770e-6350-471f-72b6-b209d7d77d75@darbyshire-bryant.me.uk> Date: Mon, 26 Sep 2016 10:54:09 +0200 Cc: cake@lists.bufferbloat.net Content-Transfer-Encoding: quoted-printable Message-Id: References: <3a99770e-6350-471f-72b6-b209d7d77d75@darbyshire-bryant.me.uk> To: Kevin Darbyshire-Bryant X-Mailer: Apple Mail (2.2104) X-Provags-ID: V03:K0:vQs87kHwFLsmQG7KWZ+BxiQBXuUmLIsaQdeJhiAkaHG198CUDGz ixPNEKVPV3unyzIjM2iZbu8kI88R0NlPA8JXaNIWQbaGEB3hFA3RDDj1E9Xj2PPsCQ7RT4P 9WspzD8eq1QYFOfOgw4pZs1kVHQNqX3J7cYwVs9zwlDAp6eD9qUj23qq6tjY6fT6MlzFc4T RvmyEZ/D07QaheLQE/3Aw== X-UI-Out-Filterresults: notjunk:1;V01:K0:jxJWVs5y2qw=:2wmov2PDiW6HXE8lrGGbVw FxE4bEFVsa/1BXou0QRWdsCiV/NcjccfHviavuY+SIyHQpy84udS1ixBCvwXxjb0/8RkTGXKR wWeGVArEj/9jSr+gH4jC9N3Hy6pOG0dVUprypXE6R++Z+QnvgFM8MSLs1qZzjA3eqPr1qoTkZ TaVLp6y45mbTJpPEyDawTBKjI4WFHunxRSGkiJqho9WcZx3XhYnIHXD2vaSNdS0vB84HLpqW7 kTGosLqPaPeg2XvAJdCpSxtNXSBoGmCK/vY7bZImlCYq2teqJOHD4zlhi/TEvH86t5deYSqoh CzfaPvRJaDUTVLC4OrxcIAyWcqQ6kipIEJTgUE7wdDgJzkUSw4VTflszdGHTbj8Vi1/WGQCn+ WDFW89Smywq6Ga9H8cIK7ainE1bIb1dsfYZ/pf/4gCwq1JMRFcCk+aN3E6/RAJr/oG/EG/gFh wSHn31BpiBCl8lGdBoytYlgRr9UEfRiXKaf355s6pGiKc7vNpHIZbkCxV07jeY5XO1A/1nQja I1pfd0FTAd+LCvfQJjab56fX4NfwTCFIe9czZ8Xm1uk/uUYu2poggjWLf2AKE08EcxxlLmgyR IVG8MbPMr4TvjbaJn33IFR3qyLweucvhfe7tMPhtYNzFEZ1rRMdxkgYrMcHJ9gUixP9I2v1Q8 HEOmalRenSRHigdwxP4WrW/8aH9M83gOoT45goRgGiuj2VrQ/G1HBP3ne0wOe0Abq9LiBRw86 rZqWG/dyMsczIEkqWeVWvxVl4tXNKPGfah5W5HjlYIInlD3AIF8EqLvxppleaYKcSmaFMk0rT XOroEvZ Subject: Re: [Cake] de-natting & host fairness X-BeenThere: cake@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: Cake - FQ_codel the next generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Sep 2016 08:54:19 -0000 Hi Kevin, this is like the missing puzzle piece, if you solved this, most home = users might end up deep in your debt (without them realizing it of = course). Question, if I enable this on my link how will it deal with the typical = differences between IPv4 and IPv6? I believe that the situation I have = at home, NAT for IPv4 but no NAT for IPv6 (or if NAT, at least NAT with = identifying last 64 bits of the IPv6 addresses, no port remapping games) = is quite common now a days. I assume it will do the right thing for IPv4 = but will it still do the right thing for IPv6 flows as well? And what if = for $DEITY=E2=80=99s sake someone would insist on using a port-remapping = NAT on IPv6? If, what I assume it will do the right thing by default, I would vote = for enabling this by default and introduce keywords to disable this if = required (in what I assume to be one of cake=E2=80=99s main ideas use = reasonable defaults that in general do the right thing, but also allow = crazy stuff if need be). Do you have any idea how expensive this is computationally? I realize = that this is a tad hard to measure as cake will not simply reduce the = available bandwidth when running out of CPU cycles but first will allow = the latency to increase. Best Regards Sebastian > On Sep 26, 2016, at 05:20 , Kevin Darbyshire-Bryant = wrote: >=20 > Greetings! >=20 > A while back I started on a quest to make cake 'nat' aware as the lack = of host fairness in a typical home router environment was the only thing = that prevented cake from being the ultimate qdisc in my opinion. This = involves dealing with conntrack which on egress is easy (the kernel = fills in a data structure for us), ingress is less clear. I hacked = something together but wasn't really happy with it. >=20 > Another github user 'tegularius' presented some beautifully crafted = code that did the lookups in a much neater way. Originally it too had = an 'ingress' lookup problem. This was worked on and I hacked some = conditional 'denat' options into cake & tc. >=20 > For your 'delight' a denat cake = https://github.com/kdarbyshirebryant/sch_cake/tree/natoptions along with = a matching tc https://github.com/kdarbyshirebryant/tc-adv/tree/denat >=20 > Typically I use 'dual-srchost srcnat' options on the egress interface, = with 'dual-dsthost dstnat' in the ingress ifb interface. In *brief* = testing, bandwidth is shared fairly between hosts, and fairly by flow = within each host. And it's not crashed yet. >=20 > Kevin > _______________________________________________ > Cake mailing list > Cake@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cake