[Cake] conntrack lookup continuation
John Sager
john at sager.me.uk
Fri Feb 3 11:42:15 EST 2017
I would support this. It would allow cake to behave pretty much as I have
HTB+fq_codel currently set up for both egress and ingress (via ifb0) on my
border router/firewall. I fwmark egress traffic based on various criteria
using ip[6]tables & transfer the marks to conntrack where they are recovered
on ingress to classify inbound responses to outbound requests.
It would also classify inbound traffic better if cake could use fwmarks in
that way as diffserv is currently pretty much useless for that purpose with
most ISPs.
John
On 31/01/17 21:14, chromatix99 at gmail.com (Jonathan Morton) wrote:
>> On 31 Jan, 2017, at 16:49, Felix Resch <fuller at beif.de> wrote:
>>
>> Since we now already do the conntrack-lookup for the nat keyword, would it be
>> expensive to implement a kind of internal conntrack-mark-and-restore by cake-tin?
>>
>> E.g. when traffic leaves throu canke tin#x, the conntrack entry will get a fwmark and return traffic is put in the corresponding tin/bin on the ingress cake.
>
> That's an interesting idea. At this point I don't know how easy it is to implement, though.
>
> Certainly we need to clean up some other things first.
>
> - Jonathan Morton
>
>
More information about the Cake
mailing list