[Cake] flow isolation for ISPs
peteheist at gmail.com
Fri Apr 7 04:13:31 EDT 2017
> On Apr 6, 2017, at 11:26 AM, Pete Heist <peteheist at gmail.com> wrote:
>> On Apr 6, 2017, at 11:11 AM, Jonathan Morton <chromatix99 at gmail.com> wrote:
>> On 6 Apr, 2017, at 11:27, Pete Heist <peteheist at gmail.com> wrote:
>>> There is a table of member ID to a list of MAC addresses for the member, so if there could somehow be fairness based on that table and by MAC address, that could solve it, but I don’t see how it could be implemented.
>> One option would be to use HTB with FLOWER filters to sort out the subscribers into classes, and use Cake or fq_codel as a child qdisc per class. Remember that Cake can be used in “unlimited” mode to rely on an external shaping source.
One more thought, would it be possible for Cake to optionally include the packet’s mark in the hash?
I know it’s additional functionality, and another keyword, but it could get you out of the business of the myriad of ways people might want to do flow isolation, and you’d still have a catch-all answer for such cases.
There could be a keyword ‘hash-mark’, let’s say, which first includes the mark in the hash, then does on to deal with any other flow isolation keywords as usual. So for example if I have ‘hash-mark’ and ‘dual-srchost’, the hash is first on the mark, then by source host, then by flow. I could set the mark to be the member number with iptables.
It looks like the mark could be obtained from the ‘mark' field of the sk_buff struct, but I don’t know the validity of the field in various cases. For example, I don’t think I can set the mark on ingress before it reaches a qdisc on an IFB device.
More information about the Cake