[Cake] flow isolation for ISPs
Dave Taht
dave at taht.net
Thu Apr 6 10:41:37 EDT 2017
If I had a "vision" here, it was to create a more advanced version
of the the ipset facility, where a customer was represented by
all the IP addresses they might have.
Mac addresses might be hard to get at especially if you were
trying to do this at a layer back from the DSLAM or CMTS.
IP 222.22.22.1 -> 1 customer address
IP 222::1/128 -> 1 v6 p2p on the external interface
IP 222::2/128 -> 1 customer router
IP 222:1::/56 -> 1 customer internal delegation
IP 222.22.22.2 -> 2 customer address
IP 222::3/128 -> 2 v6 p2p on the external interface
IP 222::4/128 -> 2 customer router
IP 222:2::/56 -> 2 customer internal delegation
These would all get thrown into one big ipset (and route)
table, and you'd use the index to hand off to a cake-like
qdisc hanging off of something htb-like.
Sadly:
A) Ipset doesn't work this way (you only get matches)
B) Line conditions vary
C) Total throughput possible on the link varies
as a function of the total bandwidth being used.
Who do you throttle when you are out?
PS (this is my first test of switching back to emacs
again to send mail, let me know if it looks funny)
More information about the Cake
mailing list