On Fri, Jan 13, 2017 at 10:02 AM, Andy Furniss <adf.lists@xxxxxxxxx> wrote: > Dave Taht wrote: >> >> On Fri, Jan 13, 2017 at 5:49 AM, Alan Goodman >> <notifications@xxxxxxxxxxxxxxxxxxxxxxxx> wrote: >>> >>> 'Just works' for me. >>> >>> TF + HFSC + FQ_Codel. QoS categoriser written in iptables rules which >>> mark >>> the traffic was 'cloned' across using ip6tables. Slight adjustments >>> needed. >> >> >> I pointed to a common mistake folk tend to make when dealing with >> ipv6, in writing a filter rule, or a default bin, here: >> >> https://www.bufferbloat.net/projects/cerowrt/wiki/Wondershaper_Must_Die/ >> >> When I started that rant I was seeing in nearly every off the shelf >> shaper a tc pattern match that looked like this: >> >> tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src \ >> 0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1 >> >> Instead of >> >> tc filter add dev ${DEV} parent ffff: protocol all match u32 0 0 \ >> police rate ${DOWNLINK}kbit burst 100k drop flowid :1 >> >> >> Not matching protocol "all", thus ipv4 only - and thus the instant you >> added ipv6 to a network, the shaper (or policer in this case), failed >> to shape successfully any traffic. Additional problems listed in the >> link above. I went on a search-and-destroy mission on every shaper I >> could find that was public to fix it a few years ago, but there's so >> much copy/pasted tc code out there... > > > I was about to post that ip is just v4, but would also add - be careful > with protocol all as well. You may end up shaping/dropping "critical" > packets like arp. Not sure I understand, arp is matched with all? ip v4 is not? We ended up adding an explicit arp prioritization to cake recently. (see https://github.com/dtaht/sch_cake/commit/644b7efb2a552ba76871e65033c58275c15207f9 ) cake eliminates a whole raft of other oft-required tc magic, I hope we get around to mainlining it this year. -- Dave Täht Let's go make home routers and wifi faster! With better software! http://blog.cerowrt.org -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
