<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On Aug 22, 2018, at 11:37 AM, Toke Høiland-Jørgensen <<a href="mailto:toke@toke.dk" class="">toke@toke.dk</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">Pete Heist <<a href="mailto:pete@heistp.net" class="">pete@heistp.net</a>> writes:<br class=""><br class=""><blockquote type="cite" class=""><blockquote type="cite" class="">On Aug 22, 2018, at 8:17 AM, Jonathan Morton <<a href="mailto:chromatix99@gmail.com" class="">chromatix99@gmail.com</a>> wrote:<br class=""><br class="">One difference between fq_codel and Cake is that the former - which<br class="">has no shaper - will "bypass" packets when it's empty and there's no<br class="">back-pressure filling it. In that case no packet classification<br class="">occurs and filters will not be called. Or at least, that's how it<br class="">used to be set up; I haven't looked at it recently. Cake does not<br class="">rely on the same set of assumptions, so will always call the filter.<br class=""></blockquote><br class="">Aha, that sounds likely, I’ll try with htb and a rate limit. Testing<br class="">with fq_codel was challenging as I had to “do stuff” until my printk’s<br class="">were eventually called, but it’s easier now that I can use cake. I<br class="">suppose in my case fq_codel’s behavior would be ok in production,<br class="">because if there’s no queue then there’s no need to classify. Maybe in<br class="">some other cases (like gathering stats), it could be problematic.<br class=""></blockquote><br class="">fq_codel turns off the bypass capability if you attach a tc filter to<br class="">it, though, so if the issue you're seeing is that you filter function is<br class="">not being called, that sounds... strange...<br class=""><br class="">How do you check if the function is being called?<br class=""></div></div></blockquote></div><br class=""><div class="">With printk and "sudo tc exec bpf dbg” to tail the output. For example, in act_main of this file I just added one more line to print “act_main” if TCU_DEBUG is defined:</div><div class=""><br class=""></div><div class=""><a href="https://github.com/heistp/tc-users/blob/master/tc-users-bpf.c" class="">https://github.com/heistp/tc-users/blob/master/tc-users-bpf.c</a></div><div class=""><br class=""></div><div class="">And here’s an example of verifier weirdness (not that you need to look into this)…</div><div class=""><br class=""></div><div class="">If IPV6_SUPPORT_V2 is defined but TCU_DEBUG is not, the verifier error is:</div><div class=""><br class=""></div><div class="">"math between pkt pointer and 4294901760 is not allowed"</div><div class=""><br class=""></div><div class="">If IPV6_SUPPORT_V2 is defined but TCU_DEBUG *is* (which just defines the prink func and adds two printk lines, and otherwise works without IPV6_SUPPORT_V2 defined), the verifier error is:</div><div class=""><br class=""></div><div class="">"R3 bitwise operator &= on pointer prohibited"</div></body></html>