[Cake] conntrack lookup continuation

Dave Taht dave.taht at gmail.com
Fri Feb 3 12:08:31 EST 2017


On Fri, Feb 3, 2017 at 8:42 AM, John Sager <john at sager.me.uk> wrote:
> I would support this. It would allow cake to behave pretty much as I have
> HTB+fq_codel currently set up for both egress and ingress (via ifb0) on my
> border router/firewall. I fwmark egress traffic based on various criteria
> using ip[6]tables & transfer the marks to conntrack where they are recovered
> on ingress to classify inbound responses to outbound requests.

I'm not huge on using fwmarks. Is this because you cannot re-mark
w/dscp consistently via conntrack?

>
> It would also classify inbound traffic better if cake could use fwmarks in
> that way as diffserv is currently pretty much useless for that purpose with
> most ISPs.

My understanding of this is that cake runs before iptables does on
inbound. (?) so fw marks won't help here. But it's probable I'm wrong.

> John
>
> On 31/01/17 21:14, chromatix99 at gmail.com (Jonathan Morton) wrote:
>>> On 31 Jan, 2017, at 16:49, Felix Resch <fuller at beif.de> wrote:
>>>
>>> Since we now already do the conntrack-lookup for the nat keyword, would it be
>>> expensive to implement a kind of internal conntrack-mark-and-restore by cake-tin?
>>>
>>> E.g. when traffic leaves throu canke tin#x, the conntrack entry will get a fwmark and return traffic is put in the corresponding tin/bin on the ingress cake.
>>
>> That's an interesting idea.  At this point I don't know how easy it is to implement, though.
>>
>> Certainly we need to clean up some other things first.
>>
>>  - Jonathan Morton
>>
>>
> _______________________________________________
> Cake mailing list
> Cake at lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/cake



-- 
Dave Täht
Let's go make home routers and wifi faster! With better software!
http://blog.cerowrt.org


More information about the Cake mailing list