From: David Lang <david@lang.hm>
To: Stephen Hemminger <stephen@networkplumber.org>
Cc: moeller0 <moeller0@gmx.de>, cake@lists.bufferbloat.net
Subject: Re: [Cake] Fwd: [Codel] fq_codel_drop vs a udp flood
Date: Fri, 6 May 2016 11:50:26 -0700 (PDT) [thread overview]
Message-ID: <alpine.DEB.2.02.1605061149290.1768@nftneq.ynat.uz> (raw)
In-Reply-To: <20160506083114.0730d9f1@xeon-e3>
[-- Attachment #1: Type: TEXT/PLAIN, Size: 2035 bytes --]
On Fri, 6 May 2016, Stephen Hemminger wrote:
> On Fri, 6 May 2016 02:00:02 -0700 (PDT)
> David Lang <david@lang.hm> wrote:
>
>> On Fri, 6 May 2016, moeller0 wrote:
>>
>>> Hi Jonathan,
>>>
>>>> On May 6, 2016, at 06:44 , Jonathan Morton <chromatix99@gmail.com> wrote:
>>>>
>>>>
>>>>> On 6 May, 2016, at 07:35, Dave Taht <dave.taht@gmail.com> wrote:
>>>>>
>>>>> this would be a pretty nifty feature for cake to have in this hostile universe.
>>>>
>>>> Yes, but difficult to implement since the trailing fragments lose the proto/port information, and thus get sorted into a different queue than the leading fragment. We would essentially need to implement the same tracking mechanisms as for actual reassembly.
>>>
>>> But the receiver needs to be able to re-segment the fragments so all required information needs to be there; what about looking at src and dst address and the MF flag in the header as well as the fragment offset and scrape proto/port from the leading fragment and “virtually” apply it to all following fragments, that way cake will do the right thing. All of this might be too costly in implementation and computation to be feasible…
>>
>> wait a minute here. If the fragments are going to go over the network as
>> separate packets, each fragment must include source/dest ip and source/dest
>> port, otherwise the recipient isn't going to be able to figure out what to do
>> with it.
>>
>> David Lang
>
> Fragments are reassembled by IP id, not src/dest port.
> Only the first fragment has the L4 header with src/dest port,
> all the rest are just data.
>
> That is why most firewalls reassemble all packets (and then refragment as needed)
> to allow matching on port values.
actually, many firewalls do not reassemble packets, they pass packets through
without reassembly.
what IP id are you referring to? I don't remember any such field in the packet
header.
David Lang
> For several cases where flow information is necessary most code does:
> flowid = is_fragementd(ip) ? ip->id : hash(ip + tcp)
>
>
next prev parent reply other threads:[~2016-05-06 18:50 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CAA93jw6QLyx9EaS+ntB0D3duoysu_Z-UYyQfHnRa=pfqPDfWOw@mail.gmail.com>
[not found] ` <1462125592.5535.194.camel@edumazet-glaptop3.roam.corp.google.com>
[not found] ` <865DA393-262D-40B6-A9D3-1B978CD5F6C6@gmail.com>
[not found] ` <1462128385.5535.200.camel@edumazet-glaptop3.roam.corp.google.com>
[not found] ` <C5D365DA-18EE-446E-9D25-41F48B1C583E@gmail.com>
[not found] ` <1462136140.5535.219.camel@edumazet-glaptop3.roam.corp.google.com>
[not found] ` <CACiydbKUu11=zWitkDha0ddgk1-G_Z4-e1+=9ky776VktF5HHg@mail.gmail.com>
[not found] ` <1462201620.5535.250.camel@edumazet-glaptop3.roam.corp.google.com>
[not found] ` <CACiydbKeKUENncrc-NmYRcku-DGVeGqqzYMqsCqKdxPsR7yUOQ@mail.gmail.com>
[not found] ` <1462205669.5535.254.camel@edumazet-glaptop3.roam.corp.google.com>
[not found] ` <CACiydbL26Jj3EcEL4EmqaH=1Dm-Q0dpVwoWxqUSZ7ry10bRgeg@mail.gmail.com>
[not found] ` <CAA93jw5Y3DSzuOZo=S6_dsUqJvy_3ThNe6tMic2ZJ14kQPnFHg@mail.gmail.com>
[not found] ` <CACiydb+kOLNBwEn+gDU3fZrXEQxp5FMFLH_mDS1ZO5J8r9yiBA@mail.gmail.com>
[not found] ` <2D83E4F6-03DD-4421-AAE0-DD3C6A8AFCE0@gmail.com>
[not found] ` <CAA93jw6Aj3Rcsm=Q=KZVrW_TGThVwu6pRAN3nNQ4tvSODY_zUg@mail.gmail.com>
2016-05-06 4:35 ` Dave Taht
2016-05-06 4:44 ` Jonathan Morton
2016-05-06 4:57 ` Dave Taht
2016-05-06 8:49 ` moeller0
2016-05-06 9:00 ` David Lang
2016-05-06 9:36 ` moeller0
2016-05-06 15:31 ` Stephen Hemminger
2016-05-06 18:50 ` David Lang [this message]
2016-05-06 18:53 ` Jonathan Morton
2016-05-06 19:14 ` David Lang
2016-05-06 19:33 ` Jonathan Morton
2016-05-06 19:54 ` David Lang
2016-05-06 19:58 ` David Lang
2016-05-06 23:14 ` Benjamin Cronce
2016-05-07 2:09 ` David Lang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/cake.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.02.1605061149290.1768@nftneq.ynat.uz \
--to=david@lang.hm \
--cc=cake@lists.bufferbloat.net \
--cc=moeller0@gmx.de \
--cc=stephen@networkplumber.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox