[Bloat] cake + ipv6

Daniel Sterling sterling.daniel at gmail.com
Wed Sep 23 13:36:28 EDT 2020 

Thanks to everyone for their input,

I ran some updates on the xbox and watched iftop. I found that the
xbox does the following:

* uses up to four http (TCP port 80) connections at once to download data
* connects (seemingly randomly) to both ipv4 and ipv6 update hosts

That means at any given time, the xbox could be downloading solely via
ipv4, solely via ipv6, or a with mix of the two.

I believe this means when it's using both v4 and v6, it's getting
double its "share" of the bandwidth since cake can't tell that the v4
and v6 traffic is coming from the same LAN host -- is that correct?

I'm using the default "triple-isolate" parameter. I can try switching
to dual-src/dest host or even plain srchost / dsthost isolation. In
theory that should limit traffic more per download host, even if cake
can't determine the LAN host that's doing the downloading, right?

For reference here is my tc config:

root at OpenWrt:~# tc -s qdisc | grep cake
qdisc cake 1: dev eth1 root refcnt 2 bandwidth 20Mbit besteffort
triple-isolate nat nowash no-ack-filter split-gso rtt 100.0ms noatm
overhead 38 mpu 84
qdisc cake 1: dev eth0 root refcnt 2 bandwidth 40Mbit besteffort
triple-isolate nat nowash ingress no-ack-filter split-gso rtt 100.0ms
noatm overhead 38 mpu 84

eth1 is WAN, eth0 is LAN. This is openwrt running on a sandy bridge
PC, so both are real NICs. eth0 is an intel PCI NIC, eth1 is
motherboard NIC.

root at OpenWrt:~# uname -a
Linux OpenWrt 4.14.195 #0 SMP Mon Sep 7 18:27:30 2020 x86_64 GNU/Linux

root at OpenWrt:~# cat /proc/cpuinfo | grep name
model name      : Intel(R) Celeron(R) CPU 847 @ 1.10GHz

root at OpenWrt:~# for i in 0 1 ; do ethtool -i eth$i | grep driver ; done
driver: e1000e
driver: r8169

Thanks,
Dan

On Tue, Aug 18, 2020 at 5:55 PM Michael Richardson
<mcr+ietf at sandelman.ca> wrote:
>
>
> Daniel Sterling <sterling.daniel at gmail.com> wrote:
>     > As I'm sure you know ipv6 addresses are essentially random on the
>     > internal LAN as compared to v4 -- a box can grab as many v6 addresses
>     > as it wants, and I don't believe my linux router can really know which
>     > box is using which address, can it?
>
> So, IPv6 privacy extensions do this.
> But, they aren't really supposed to change that fast, and should ideally be
> sticky to an application.  So a single batch of xbox downloads should all use
> the same IID in the IPv6.
>
> On a home *LAN*, the L2 ethernet address won't change for the xbox, so ideally,
> the home router could build some kind of set based upon that, and then use
> that.
>
> Adding a layer of L3 router, of course, defeats that, and this is mostly the
> point of how privacy extensions are supposed to work.
>
>     > Which means... ipv6 breaks cake's flow isolation.
>
>     > Cake can't throttle all those xbox downloads correctly cuz it doesn't
>     > know they're all going to/from that one device.
>
> Are you explicitely throttling by IP address, or are you letting cake figure
> it out?
>
>     > I can think of one general solution -- run more wires to more devices,
>     > and give devices their own VLAN, and tag / prioritize / deprioritize
>     > specific traffic that way...
>
>     > But.. are there better / more general solutions?
>
> --
> Michael Richardson <mcr+IETF at sandelman.ca>, Sandelman Software Works
>  -= IPv6 IoT consulting =-

More information about the Bloat mailing list