From: Dave Taht <dave.taht@gmail.com>
To: Aaron Wood <woody77@gmail.com>
Cc: "Toke Høiland-Jørgensen" <toke@toke.dk>,
cerowrt-devel <cerowrt-devel@lists.bufferbloat.net>
Subject: Re: [Cerowrt-devel] fq_pie for linux
Date: Tue, 11 Dec 2018 10:37:51 -0800 [thread overview]
Message-ID: <CAA93jw5unaZidZ2Jo-p4OwJEnxCG9zDNJ4ZZXnCZDZJ0TPVBWw@mail.gmail.com> (raw)
In-Reply-To: <CALQXh-OgbGDM2qMtNy0iNf3b=0GYQRj5quAg1dPg76T3JwQwLg@mail.gmail.com>
On Tue, Dec 11, 2018 at 10:32 AM Aaron Wood <woody77@gmail.com> wrote:
>
> On Wed, Dec 5, 2018 at 11:51 PM Toke Høiland-Jørgensen <toke@toke.dk> wrote:
>>
>> Dave Taht <dave.taht@gmail.com> writes:
>>
>> > https://github.com/gautamramk/FQ-PIE-for-Linux-Kernel/issues/2
>>
>> With all the variants of fq+AQM, maybe decoupling the FQ part and the
>> AQM part would be worthwhile, instead of reimplementing it for each
>> variant...
>
>
> That's a great idea, Toke. There are a lot of places where I think it could work well, especially if it took a pluggable hash function for the hashing (at which point it's very general-purpose, and works on all sorts of different kinds of packets and workloads). That would let it be used for userspace VPN links (as an example), or within QUIC (or similar), where the kernel can't see the embedded flows that are hidden by the TLS encryption.
>
> And having it pluggable in the kernel would also allow IPSec to work without bloat (last I checked it was horribly bufferbloated, but that was ~5 years ago).
ipsec terminating on the router was made to work beautifully with
fq_codel with this commit, below.
Before:
http://www.taht.net/~d/ipsec_fq_codel/oldqos.png
After:
http://www.taht.net/~d/ipsec_fq_codel/newqos.png
It's why we keep hoping to do the same thing to wireguard.
commit 264b87fa617e758966108db48db220571ff3d60e
Author: Andrew Collins <acollins@cradlepoint.com>
Date: Wed Jan 18 14:04:28 2017 -0700
fq_codel: Avoid regenerating skb flow hash unless necessary
The fq_codel qdisc currently always regenerates the skb flow hash.
This wastes some cycles and prevents flow seperation in cases where
the traffic has been encrypted and can no longer be understood by the
flow dissector.
Change it to use the prexisting flow hash if one exists, and only
regenerate if necessary.
--
Dave Täht
CTO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-831-205-9740
next prev parent reply other threads:[~2018-12-11 18:38 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-05 22:27 Dave Taht
2018-12-06 7:50 ` Toke Høiland-Jørgensen
2018-12-06 20:03 ` Dave Taht
2018-12-06 19:13 ` David Lang
2018-12-06 20:21 ` Dave Taht
2018-12-11 18:32 ` Aaron Wood
2018-12-11 18:37 ` Dave Taht [this message]
2018-12-11 18:38 ` Dave Taht
2018-12-11 18:38 ` Jonathan Morton
2018-12-11 18:39 ` Dave Taht
2018-12-11 20:23 ` Toke Høiland-Jørgensen
2018-12-11 20:35 ` Dave Taht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/cerowrt-devel.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAA93jw5unaZidZ2Jo-p4OwJEnxCG9zDNJ4ZZXnCZDZJ0TPVBWw@mail.gmail.com \
--to=dave.taht@gmail.com \
--cc=cerowrt-devel@lists.bufferbloat.net \
--cc=toke@toke.dk \
--cc=woody77@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox