[Cake] flow isolation for ISPs

Pete Heist peteheist at gmail.com
Thu Apr 6 04:27:02 EDT 2017

Suppose there is a cooperative ISP that has some members who access the network through a single device (like a router with NAT), while others use multiple devices and leave routing to the ISPs routers. (No need to suppose, actually.)

There’s fairness at the IP address level (currently with esfq, maybe soon with Cake), but it's not fair that members with multiple devices effectively get one hash bucket per device, so if you have more devices connected at once, you win. There is a table of member ID to a list of MAC addresses for the member, so if there could somehow be fairness based on that table and by MAC address, that could solve it, but I don’t see how it could be implemented.

Is it possible to customize the hashing algorithm used for flow isolation, either with Cake or some other way?

The only options I can think of now:

- force each member to use only one IP address (probably impractical at this point with hundreds of members)
- use one queue per member in an HTB hierarchy, for example, with filters matching each member’s devices, but that seems difficult to manage
- wait years for IPv6 deployment, allocate subnets to each member and wait for qdiscs that have the ability to hash by IPv6 subnet :)

More information about the Cake mailing list