On Fri, Feb 3, 2017 at 8:42 AM, John Sager <j...@sager.me.uk> wrote: > I would support this. It would allow cake to behave pretty much as I have > HTB+fq_codel currently set up for both egress and ingress (via ifb0) on my > border router/firewall. I fwmark egress traffic based on various criteria > using ip[6]tables & transfer the marks to conntrack where they are recovered > on ingress to classify inbound responses to outbound requests.
I'm not huge on using fwmarks. Is this because you cannot re-mark w/dscp consistently via conntrack? > > It would also classify inbound traffic better if cake could use fwmarks in > that way as diffserv is currently pretty much useless for that purpose with > most ISPs. My understanding of this is that cake runs before iptables does on inbound. (?) so fw marks won't help here. But it's probable I'm wrong. > John > > On 31/01/17 21:14, chromatix99 at gmail.com (Jonathan Morton) wrote: >>> On 31 Jan, 2017, at 16:49, Felix Resch <fuller at beif.de> wrote: >>> >>> Since we now already do the conntrack-lookup for the nat keyword, would it >>> be >>> expensive to implement a kind of internal conntrack-mark-and-restore by >>> cake-tin? >>> >>> E.g. when traffic leaves throu canke tin#x, the conntrack entry will get a >>> fwmark and return traffic is put in the corresponding tin/bin on the >>> ingress cake. >> >> That's an interesting idea. At this point I don't know how easy it is to >> implement, though. >> >> Certainly we need to clean up some other things first. >> >> - Jonathan Morton >> >> > _______________________________________________ > Cake mailing list > Cake@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cake -- Dave Täht Let's go make home routers and wifi faster! With better software! http://blog.cerowrt.org _______________________________________________ Cake mailing list Cake@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/cake
