Dave Taht wrote:
On Fri, Jan 13, 2017 at 5:49 AM, Alan Goodman
<notifications@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:
'Just works' for me.
TF + HFSC + FQ_Codel. QoS categoriser written in iptables rules which mark
the traffic was 'cloned' across using ip6tables. Slight adjustments needed.
I pointed to a common mistake folk tend to make when dealing with
ipv6, in writing a filter rule, or a default bin, here:
https://www.bufferbloat.net/projects/cerowrt/wiki/Wondershaper_Must_Die/
When I started that rant I was seeing in nearly every off the shelf
shaper a tc pattern match that looked like this:
tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src \
0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1
Instead of
tc filter add dev ${DEV} parent ffff: protocol all match u32 0 0 \
police rate ${DOWNLINK}kbit burst 100k drop flowid :1
Not matching protocol "all", thus ipv4 only - and thus the instant you
added ipv6 to a network, the shaper (or policer in this case), failed
to shape successfully any traffic. Additional problems listed in the
link above. I went on a search-and-destroy mission on every shaper I
could find that was public to fix it a few years ago, but there's so
much copy/pasted tc code out there...
I was about to post that ip is just v4, but would also add - be careful
with protocol all as well. You may end up shaping/dropping "critical"
packets like arp.
--
To unsubscribe from this list: send the line "unsubscribe lartc" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
