2016-09-12 5:12 GMT+08:00 Florian Westphal <fw@xxxxxxxxx>:
> Liping Zhang <zlpnobody@xxxxxxx> wrote:
>> So similer to nft_nat, take two registers to select the queue numbers,
>> then we can add one simple rule to mapping queues, maybe like this:
>> queue num tcp dport map { 80:0, 81:1, 82:2 ... }
>
> I like this.
>
> My first thought was that it would be better to just support one single
> sreg (the queue number) and eventually externalize the hashing/queue
> selection:
>
> queue num jhash ip saddr . ip daddr mod ...
Sounds good.
At first, my another intention is use _SREG_FROM and _SREG_TO to replace
_QUEUE_NUM and _QUEUE_TOTAL, there's no restriction to use range 0-65535:
[ immediate reg 1 0x00000000 ]
[ immediate reg 2 0x0000ffff ]
[ queue num 0 reg_from 1 reg_to 2 ]
But I think your "queue num jhash ip saddr . ip daddr mod ..." is more
flexible and
there's no restriction to use range 0-65535 too.
I agree with you, one sreg seems enough. I will send V2 later.
> Problem is that with plain jhash we won't get a symmetric hash
> for origin and reply, so for this we would need a new expression/hash
> mode.
>
> We would also need another expression to allow distribution
> starting with a queue other than 0.
I think Laura is developing this option, see
https://patchwork.ozlabs.org/patch/666334/.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
