From: Jesper Dangaard Brouer <jbrouer@redhat.com>
To: Eric Dumazet <eric.dumazet@gmail.com>
Cc: codel@lists.bufferbloat.net
Subject: Re: [Codel] hardware multiqueue in fq_codel?
Date: Mon, 15 Jul 2013 15:40:09 +0200 [thread overview]
Message-ID: <20130715154009.4c0d4531@redhat.com> (raw)
In-Reply-To: <1373648057.10804.29.camel@edumazet-glaptop>
On Fri, 12 Jul 2013 09:54:17 -0700
Eric Dumazet <eric.dumazet@gmail.com> wrote:
> On Fri, 2013-07-12 at 18:36 +0200, Sebastian Moeller wrote:
>
> >
> > Question, what stops the same attacker to also fudge the
> > TOS bits (say to land in priority band 0)? Just asking...
>
> This kind of thing is filtered before those packets arrive to the tx
> queue where pfifo_fast is plugged ;)
>
> TOS is properly checked/rewritten when alien packets enter your
> network.
>
> People caring with this do their own classification using iptables or
> tc filter rules.
Then they should also be smart enough to change their default fq_codel
qdisc, to be a prio band based qdisc... shouldn't they ;-)
Something as "easy" like:
ETH=eth66
NQUEUES=16 # or more, check how many tx queues your NIC supports
tc qdisc del dev $ETH root 2>/dev/null
tc qdisc add dev $ETH root handle 100: mq
for i in `seq 1 $NQUEUES`; do
tc qdisc add dev $ETH parent 100:$i handle $i: prio bands 3
tc qdisc add dev $ETH parent $i:1 pfifo limit 10
tc qdisc add dev $ETH parent $i:2 fq_codel
tc qdisc add dev $ETH parent $i:3 fq_codel
done
(p.s. sorry, I'm in a troll mood today ;-))
--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Sr. Network Kernel Developer at Red Hat
Author of http://www.iptv-analyzer.org
LinkedIn: http://www.linkedin.com/in/brouer
next prev parent reply other threads:[~2013-07-15 13:40 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-11 17:09 Dave Taht
2013-07-11 17:44 ` Eric Dumazet
2013-07-11 18:06 ` Dave Taht
2013-07-11 18:54 ` Eric Dumazet
2013-07-11 21:18 ` Dave Taht
2013-07-12 0:06 ` Eric Dumazet
2013-07-12 0:48 ` Dave Taht
2013-07-12 9:34 ` Jesper Dangaard Brouer
2013-07-12 15:13 ` Eric Dumazet
2013-07-12 16:36 ` Sebastian Moeller
2013-07-12 16:54 ` Eric Dumazet
2013-07-12 17:00 ` Dave Taht
2013-07-15 13:40 ` Jesper Dangaard Brouer [this message]
2013-07-15 13:57 ` Eric Dumazet
2013-07-15 14:24 ` Jesper Dangaard Brouer
2013-07-15 15:30 ` Eric Dumazet
2013-07-15 17:19 ` Dave Taht
2013-07-12 16:37 ` Dave Taht
2013-07-12 16:39 ` Dave Taht
2013-07-12 16:50 ` Eric Dumazet
2013-07-12 16:54 ` Dave Taht
2013-07-12 17:19 ` Eric Dumazet
2013-07-12 17:35 ` Dave Taht
2013-07-12 17:47 ` Eric Dumazet
2013-07-12 18:06 ` Dave Taht
2013-07-15 12:56 ` Jesper Dangaard Brouer
2013-07-12 17:32 ` luca.muscariello
2013-07-11 19:41 ` Jonathan Morton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/codel.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130715154009.4c0d4531@redhat.com \
--to=jbrouer@redhat.com \
--cc=codel@lists.bufferbloat.net \
--cc=eric.dumazet@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox