From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <eric.dumazet@gmail.com>
Received: from mail-pa0-x22d.google.com (mail-pa0-x22d.google.com
	[IPv6:2607:f8b0:400e:c03::22d])
	(using TLSv1 with cipher RC4-SHA (128/128 bits))
	(Client CN "smtp.gmail.com",
	Issuer "Google Internet Authority" (verified OK))
	by huchra.bufferbloat.net (Postfix) with ESMTPS id 38CD421F151
	for <codel@lists.bufferbloat.net>; Fri, 12 Jul 2013 09:54:19 -0700 (PDT)
Received: by mail-pa0-f45.google.com with SMTP id bi5so9161213pad.32
	for <codel@lists.bufferbloat.net>; Fri, 12 Jul 2013 09:54:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=message-id:subject:from:to:cc:date:in-reply-to:references
	:content-type:x-mailer:content-transfer-encoding:mime-version;
	bh=82nxvIXWMN/ZtavBdZ1BqYHY2OEWft95sx71525MBQE=;
	b=oXBHVXZozveRSIHMdnO6oXSfK62uVig8HPVzoVoAhqVEzGKmG/SaPknYzzlIW/XI0L
	pi8lfn2hX9I5qOJCN6HC8OatcjTpo6X/dAhThuZMfVX1aTOdUWHNX56EviPvBbu9FOVV
	7XXc2HMAYgALNfftCWKGl590QkePKeFKbPdsw08PfwBe1u+x/VvnCGNeHes4LVgyEZsN
	5kNIu+0jieHUObzXgtotbbdmNHyOQH27U2RpAgj68YomDzfS3HxR87CXEsiVzbb8arNI
	Edn84CzPHHy1rwLABVGm3P8f3BPwYCCIa4yldC63s2Okr6N986BjCzCa6Pf2jDDoUAxf
	VOHw==
X-Received: by 10.66.226.111 with SMTP id rr15mr11401962pac.122.1373648058667; 
	Fri, 12 Jul 2013 09:54:18 -0700 (PDT)
Received: from ?IPv6:2620:0:1000:3304:2f:cc3b:ee84:65d9?
	([2620:0:1000:3304:2f:cc3b:ee84:65d9])
	by mx.google.com with ESMTPSA id z14sm33167240pbt.0.2013.07.12.09.54.17
	for <multiple recipients>
	(version=SSLv3 cipher=RC4-SHA bits=128/128);
	Fri, 12 Jul 2013 09:54:18 -0700 (PDT)
Message-ID: <1373648057.10804.29.camel@edumazet-glaptop>
From: Eric Dumazet <eric.dumazet@gmail.com>
To: Sebastian Moeller <moeller0@gmx.de>
Date: Fri, 12 Jul 2013 09:54:17 -0700
In-Reply-To: <FAD20AE2-21C2-43E2-8DDD-B695BA6FE6E2@gmx.de>
References: <CAA93jw5SBtsz3=L9M7mhASg9oAVyvysFL9VNwc-52mOk4HWg8A@mail.gmail.com>
	<1373564673.4600.55.camel@edumazet-glaptop>
	<CAA93jw6rd1G2Q4pmfAB5GPuwfqCbVPDw6njCaceszD9q5Avz_A@mail.gmail.com>
	<1373568848.4600.66.camel@edumazet-glaptop>
	<CAA93jw4+TcWOBH8mMpsk6EAO-EVzemHvx1FjPbrevEzqTJmr_A@mail.gmail.com>
	<20130712113413.4b601800@redhat.com>
	<1373642001.10804.18.camel@edumazet-glaptop>
	<FAD20AE2-21C2-43E2-8DDD-B695BA6FE6E2@gmx.de>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.2.3-0ubuntu6 
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0
Cc: codel@lists.bufferbloat.net, Jesper Dangaard Brouer <jbrouer@redhat.com>
Subject: Re: [Codel] hardware multiqueue in fq_codel?
X-BeenThere: codel@lists.bufferbloat.net
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: CoDel AQM discussions <codel.lists.bufferbloat.net>
List-Unsubscribe: <https://lists.bufferbloat.net/options/codel>,
	<mailto:codel-request@lists.bufferbloat.net?subject=unsubscribe>
List-Archive: <https://lists.bufferbloat.net/pipermail/codel>
List-Post: <mailto:codel@lists.bufferbloat.net>
List-Help: <mailto:codel-request@lists.bufferbloat.net?subject=help>
List-Subscribe: <https://lists.bufferbloat.net/listinfo/codel>,
	<mailto:codel-request@lists.bufferbloat.net?subject=subscribe>
X-List-Received-Date: Fri, 12 Jul 2013 16:54:19 -0000

On Fri, 2013-07-12 at 18:36 +0200, Sebastian Moeller wrote:

> 
> 	Question, what stops the same attacker to also fudge the TOS bits (say to land in priority band 0)? Just asking...

This kind of thing is filtered before those packets arrive to the tx
queue where pfifo_fast is plugged ;)

TOS is properly checked/rewritten when alien packets enter your network.

People caring with this do their own classification using iptables or tc
filter rules.