Search squid archive

Re: Re: squid qos_flows - copying mark from client side to upstream request?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2013-03-28 at 22:52 +0000, Ed W wrote:
[...]
> Users have a choice of gateways to use the internet via (each will have 
> a cost). Their choice of gateway is marked on packets from their 
> machine, we then route through the appropriate gateway based on the 
> connection mark (hence why I need it passed upstream through squid)
>
> Also we mark each connection with a unique per user mark so that 
> iptables can account for the traffic they consume and bill them. 
> Technically this could be done inside squid, but all other traffic is 
> accounted in iptables and there is some hairy calculations needed to 
> bill differently for different gateways, so I don't want to reproduce 
> this in multiple locations

Ah, I see. In which case I can't think of any other way around it.

> Hence I think I need to implement the reverse of the current code?

Yes, you're probably right.

> Now, as for implementation, I don't have the code in front of me, but I 
> think I noticed there is a single code path to open a new upstream 
> connection?

I can't remember the exact details off the top of my head, but there are
various places that deal with the upstream network connection. Some
parts are only run on connection to a new website host, others are run
every time data is sent.

> At present this applies a packet mark based on tcp_outgoing_mark.

Well, there is various ways of applying a mark. tcp_outgoing_mark is
only one of them. You'd probably be better looking at the qos_flows
code, as this specifically transfers the connection mark from the server
side to the client side.

> Is the client connection information available at this point, so that I
> could mark the connection at this point based on the client connection
> mark?

Again, off the top of my head I'm not 100% sure, but I imagine it would
be possible. The key thing is that you can only retrieve the
*connection* mark from the socket, not the *packet* mark, but I don't
think that would be a problem for you.

> However, I think squid uses persistent connections to upstream?

Only if configured to do so, and even then you can still change the mark
on an existing connection.

> (I will always have another proxy as my upstream).  If so then actually
> I need to reset the mark for each request?

I *think* you could just set the mark on the upstream connection for
each request.

> Where would be the correct location to put the marking code in this
> case, ie I guess where the packet is sent to the upstream socket?

I'd need to look into this in slower time.

> (I guess I need to be careful about pipelining also?)

Don't know.

As I said, the above are answers without checking the code (it's been a
couple of years since I've looked at it). I can have a look in due
course, or Amos might be able to chip in ;-)

In the meantime, you might want to look at the original patch for ideas:

http://bazaar.launchpad.net/~squid/squid/3.2/revision/10815

Andy






[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux