From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-yb1-xb36.google.com (mail-yb1-xb36.google.com [IPv6:2607:f8b0:4864:20::b36]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 905493B2A4 for ; Wed, 9 Nov 2022 11:07:07 -0500 (EST) Received: by mail-yb1-xb36.google.com with SMTP id r3so21541075yba.5 for ; Wed, 09 Nov 2022 08:07:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=XMrBo39TMvkEbUAQmZJ/LiwJZ/uN1P5vEIaD0N281pg=; b=SpdqxQy6vFu55eMPsMRzpBIIHhGhU3jkfbXBgA4IgT2VyC8Fj7CGgjLwX4f4DFKC36 aMF7fFj3ndALixNfr0YWz47mX/H5U1hMDs7xpg6A3FdxQNCOFcaxq1pMOxya2FsYOmaj Cbsb/G6f1XvmP3YtB6nlgL0RrZdVqt+D49wYnfR6rnU3YRbcFakpYmWxmRynUlelgQMS 08k3nmFYqP3XVNndOscCa+YX1YQB/Ads0XrH8W1mn/2NiCeoBp5skcRxAshntCnPQT+5 5iKUgeRd4PIZeTf5yLduCurOWIZRLazeqayGGEj2CRGMWYwK1lh/PNeI8MCZXGrGRftA u+7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=XMrBo39TMvkEbUAQmZJ/LiwJZ/uN1P5vEIaD0N281pg=; b=w48P7WBiI6egV++5LFSpgvGSgZFMTkYHqYCmxMtdoz3hvqlDEGvJQnxZwReiSDN/yD uAJQDxipULp8c8Uip6TiglXwaIGCXjsEgmINTn8i7C2P9Y13Y9D9DaAgh4kWXbfcKUNg wUbzaQA2lHOjnC8kz7M0bZwxytgH+iRXXw4zKUK+kIqfgzG3zIwB2fXZD335f3YMb+2T Umk4EaQeSbSUoH9M3eIu/ZQd29SxEUn3DzWNv1Viu0JftNeUb4/W8x6rPFWAOE8aQhVX 2sDZV1so9Qzs+D7WeJfeOIhx+is/X66CwGKt53S8SrmUlQyx2WOi4mI6uSXBaa/V+9/X Bbag== X-Gm-Message-State: ACrzQf1ECPMHFgb9T2bo4Bq/AI9dFQiY8SVDiDp8I689/P2lAnCWxnv+ qlJruHylVDz6tJGHAzPF4Hbe07r1Qg0UcOmxlfc= X-Google-Smtp-Source: AMsMyM7GgC3qRd72s3lpYY57/8Y1G+VGx/oEi/itw9G7KwGs6CCitNx3coot2a4/yxCjT7mcIs2AxOEI3Xr/AMZ1BvM= X-Received: by 2002:a25:2d63:0:b0:6ca:3fe:3f2d with SMTP id s35-20020a252d63000000b006ca03fe3f2dmr58710459ybe.90.1668010026696; Wed, 09 Nov 2022 08:07:06 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: dan Date: Wed, 9 Nov 2022 09:06:55 -0700 Message-ID: To: =?UTF-8?Q?Robert_Chac=C3=B3n?= Cc: Herbert Wolverson , libreqos Content-Type: multipart/alternative; boundary="0000000000001f85ad05ed0bd963" Subject: Re: [LibreQoS] Tracking unknown IPs (maybe for 1.4?) X-BeenThere: libreqos@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: Many ISPs need the kinds of quality shaping cake can do List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Nov 2022 16:07:07 -0000 --0000000000001f85ad05ed0bd963 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable How are you linking UISP to RADIUS? On Sat, Nov 5, 2022 at 10:29 AM Robert Chac=C3=B3n via LibreQoS < libreqos@lists.bufferbloat.net> wrote: > In our particular case we use RADIUS tied to UISP so we don't have the > immediate need, but I think it's an important feature to add. > > Perhaps cpumap-pping can have a feature to define "shaped subnets" during > the filter setup, and then we could query cpumap-pping for a JSON output = of > IPs detected in traffic that are in the "shaped subnets" groups, but not > defined in the hash map. > > Curious to hear what others think here. Would others need this in order t= o > adopt LibreQoS? > > > On Sat, Nov 5, 2022 at 7:33 AM Herbert Wolverson via LibreQoS < > libreqos@lists.bufferbloat.net> wrote: > >> As we approach the v1.3 pre-release feature freeze, I've been thinking a >> little bit about nice things to have. One thing I found useful in both >> BracketQoS and Preseem was the ability to grab a list of IP addresses th= at >> had been through the shaper, but weren't mapped to a queue (obviously, o= nly >> from within the "allowed IP" range - we're not trying to map the Interne= t!). >> >> In Preseem, there's a link to download a CSV file containing all the >> unmapped IP addresses and how much traffic they have consumed. BracketQo= S >> (pre cpumap-pping) has a report showing the IPs (no traffic). >> >> *Why is this useful?* >> >> Knowing which local IP addresses were processed but not mapped lets you >> find: >> >> * the times that a device was installed, but the on-boarding process >> wasn't completed. Yes, that shouldn't happen. And - unfortunately - it >> occasionally does. If you're using RADIUS-based authentication, it's rea= lly >> difficult for this to happen - but not everyone is. >> * If there's a bug in your shaper integration, it's helpful to see "oops= , >> I put X on the default" >> * Just occasionally, you get a customer who needs a special setup; it's >> helpful to see that it worked. >> >> *Current Status* >> >> Before cpumap-pping, Bracket was grabbing them by reading the pping >> output and listing addresses that didn't match a shaping rule. That does= n't >> work now: >> >> * xdp_pping is spitting out TC handles, rather than IP addresses. >> * With a default rule in place, and handling for IPv6 and IPv4 subnets, >> an IP address might not exactly match an entry (requires an LPM trie >> lookup) - and IPs matching a default rule (::/0 or 0.0.0.0/0) will >> always come back with the "default" handle. >> >> It's currently pretty tricky to do. >> >> So I'm curious; would others like to see this? I have a few ideas for ho= w >> to make it work, but don't want to start serious planning/design if I'm = the >> only one who wants the feature. >> _______________________________________________ >> LibreQoS mailing list >> LibreQoS@lists.bufferbloat.net >> https://lists.bufferbloat.net/listinfo/libreqos >> > > > -- > Robert Chac=C3=B3n > CEO | JackRabbit Wireless LLC > Dev | LibreQoS.io > > _______________________________________________ > LibreQoS mailing list > LibreQoS@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/libreqos > --0000000000001f85ad05ed0bd963 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
How are you linking UISP to RADIUS?

On Sat, Nov 5, 2022 at = 10:29 AM Robert Chac=C3=B3n via LibreQoS <libreqos@lists.bufferbloat.net> wrote:
=
In our particular case we use RADIUS tied to UISP so we don't h= ave the immediate need, but I think it's an important feature to add.

Perhaps cpumap-pping can have a feature to define &= quot;shaped subnets" during the filter setup, and then we could query = cpumap-pping for a JSON output of IPs detected in traffic that are in the &= quot;shaped subnets" groups, but not defined in the hash map.

Curious to hear what others think here. Would others need = this in order to adopt LibreQoS?




* the times that a device was installed, but the on-boarding process wasn&= #39;t completed. Yes, that shouldn't happen. And - unfortunately - it o= ccasionally does. If you're using RADIUS-based authentication, it's= really difficult for this to happen - but not everyone is.


Before cpumap-pping, Bracket was grabbing them by reading the pping outp= ut and listing addresses that didn't match a shaping rule. That doesn&#= 39;t work now:


<= div>It's currently pretty tricky to do.

So I&#= 39;m curious; would others like to see this? I have a few ideas for how to = make it work, but don't want to start serious planning/design if I'= m the only one who wants the feature.
_______________________________________________
LibreQoS mailing list
LibreQo= S@lists.bufferbloat.net
https://lists.bufferbloat.net/listinfo/libreqos

--
Robert Chac=C3=B3n

<= /div>
_______________________________________________
LibreQoS mailing list
LibreQo= S@lists.bufferbloat.net
https://lists.bufferbloat.net/listinfo/libreqos
--0000000000001f85ad05ed0bd963--