On 27/12/2013 5:32 a.m., yogii wrote: > Sorry I'm just back. > > I don't understand functionality of tcp_outgoing_mark. How it works. how to > use. > > Can I use this feature to set dscp field for every packet leaving squidbox > and go to the client? > do we need to do something with iptables after set tcp_outgoing_mark tag on > squid? > tcp_outgoing_mark sets the netfilter MARK value on packets exactly as if iptables/ip6tables/nftables/xtables had done it with a -j MARK rule. The MARK values are specific to the kernel they are set for and do not leave the machine. They have a 32-bit value range where TOS only has 4-bit value range once ECN is accounted for. You can set a MARK value by Squid and have iptables/ip6tables convert that to DSCP values as the packets leave the machine based on other criteria Squid is not aware of. NP: Squid adjusts tcp_outgoing_tos for ECN, so if you want to break ECN and use those bits for TOS values setting a MARK and translating it into a ECN-incompatible TOS value is the way to do that. tcp_outgoing_tos and qos_flows are what set the TOS/Differv values if you want to set them directly. Amos
