Patch to apply QoS for DTLS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This looks good, thanks!

Please could you include a Signed-off-by: tag as discussed at
http://www.infradead.org/openconnect/contribute.html ?


On Thu, 2015-08-13 at 17:31 +0200, Ralph Schmieder wrote:
> diff -rupN openconnect-7.06/dtls.c openconnect-7.06-rschmied/dtls.c
> --- openconnect-7.06/dtls.c> 	> 2015-02-27 10:56:03.000000000 +0000
> +++ openconnect-7.06-rschmied/dtls.c> 	> 2015-08-13 15:05:46.400228058 +0000
> @@ -25,6 +25,8 @@
>  #include 
>  #include 
>  #include 
> +#include 
> +#include 
>  
>  #include "openconnect-internal.h"
>  
> @@ -901,7 +903,38 @@ int dtls_mainloop(struct openconnect_inf
>  > 	> while (vpninfo->outgoing_queue.head) {
>  > 	> 	> struct pkt *this = dequeue_packet(&vpninfo->outgoing_queue);
>  > 	> 	> struct pkt *send_pkt = this;
> -> 	> 	> int ret;
> +> 	> 	> int ret, valid=1;
> +> 	> 	> struct ip *iph;
> +> 	> 	> struct ip6_hdr *ip6h;
> +> 	> 	> uint8_t tos;
> +
> +> 	> 	> /* Unless no-tos-copy is set we want to copy the TOS/TCLASS header */
> +> 	> 	> /* to the outer UDP packet */
> +> 	> 	> if (!vpninfo->dtls_no_tos_copy) {

qv.

> +			/* get the TOS / TCLASS value of the original frame */
> +> 	> 	> 	> iph = (struct ip *)this->data;
> +> 	> 	> 	> if (iph->ip_v == 6 && this->len > sizeof(struct ip6_hdr)) {
> +> 	> 	> 	> 	> /* AF_INET6 */
> +> 	> 	> 	> 	> ip6h = (struct ip6_hdr *)this->data;
> +> 	> 	> 	> 	> tos = (ntohl(0x0FF00000) & ip6h->ip6_flow) >> 20;
> +> 	> 	> 	> } else if (iph->ip_v == 4 && this->len > sizeof(struct iphdr)) {
> +> 	> 	> 	> 	> /* AF_INET */
> +> 	> 	> 	> 	> tos = iph->ip_tos;
> +> 	> 	> 	> } else {

This is the right thing to do. However, it's painful. The definitions
of IPv6 and Legacy IP headers are in different places on different
systems. In oncp.c you'll see I eventually bailed on doing it 'nicely'
and just did it manually ? see the code which gets 'iplen' at around
line 997.

Please could you do the same here for the TOS/TCLASS bits? It's not so
nice, but you can console yourself with the fact that the IPv4 and IPv6
header structures *aren't* going to change...

> --- openconnect-7.06/ssl.c> 	> 2015-03-17 13:29:49.000000000 +0000
> +++ openconnect-7.06-rschmied/ssl.c> 	> 2015-08-13 14:43:38.848221182 +0000
> @@ -810,9 +810,13 @@ int udp_sockaddr(struct openconnect_info
>  > 	> if (vpninfo->peer_addr->sa_family == AF_INET) {
>  > 	> 	> struct sockaddr_in *sin = (void *)vpninfo->dtls_addr;
>  > 	> 	> sin->sin_port = htons(port);
 #ifdef IP_TOS
    if (!vpninfo->dtls_no_tos_copy) {
> +		vpninfo->dtls_tos_level = IPPROTO_IP;
> +> 	> 	> vpninfo->dtls_tos_optname = IP_TOS;
    }
 #endif
>  	} else if (vpninfo->peer_addr->sa_family == AF_INET6) {
>  > 	> 	> struct sockaddr_in6 *sin = (void *)vpninfo->dtls_addr;
>  > 	> 	> sin->sin6_port = htons(port);
 #ifdef IPV6_TCLASS
    if (vpninfo->dtls_no_tos_copy) {
> +		vpninfo->dtls_tos_level = IPPROTO_IPV6;
> +> 	> 	> vpninfo->dtls_tos_optname = IPV6_TCLASS;
    }
>  	} else {
>  > 	> 	> vpn_progress(vpninfo, PRG_ERR,
>  > 	> 	> 	>      _("Unknown protocol family %d. Cannot create UDP server address\n"),

You can probably get away without a configure check, iuf you do what I
showed above.  And then up there where I said 'qv' to your
'if (!vpninfo->dtls_no_tos_copy)', make that
'if (vpninfo->dtls_tos_optname)' instead.

Which will make it happen if it's not disabled *and* if the system
we're running on supports it for the IP protocol that we happen to be
connected over.

Does that make sense?

You'll want to reset vpninfo->dtls_tos_optname when the connection is
reset, to prevent it being inappropriately reused. 

-- 
David Woodhouse                            Open Source Technology Centre
David.Woodhouse at intel.com                              Intel Corporation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5691 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150813/ad3b7fd6/attachment.bin>


[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux