Martin Devera schrieb: > > I thought about changing qos subsystem to support real ingress queueing > > without imq or something. Kind of two root qdiscs per device. What do > > you > > (and others) think about this ? > > There already is somethink like it (ingres) only it doesn't queue .. :) In my eyes current ingres is just a hack. > IMO the main problem will be to understand whole machinery in > sch_generic.c and likes. > Also Jamal and Alexey are against this ... But I think it is worth Why ? I guess IMQ prooves ingress shaping DOES work so i can't see any good reason .. > of doing it. Especially in 2.4 where we have both rx and tx softirqs > it should not be so comlicated to do it. One problem i see is that unlike imq it would probably be placed in net_rx_action so you can't use netfilter marks for filters which i guess is really bad for ingress because without iptables you cannot use any kind of connection state etc. information for filters so preventing DOS will be much harder, but that will probably remain unsolvable .. Patrick
