>-----Original Message----- >From: Simon Horman [mailto:[email protected]] >Sent: Wednesday, January 04, 2017 12:43 PM >To: Yotam Gigi <[email protected]> >Cc: Roopa Prabhu <[email protected]>; Jiri Pirko <[email protected]>; >[email protected]; [email protected]; Ido Schimmel ><[email protected]>; Elad Raz <[email protected]>; Nogah Frankel ><[email protected]>; Or Gerlitz <[email protected]>; >[email protected]; [email protected]; [email protected]; >[email protected]; [email protected]; [email protected] >Subject: Re: [patch net-next v2 5/8] Introduce sample tc action > >On Wed, Nov 16, 2016 at 04:26:44PM +0000, Yotam Gigi wrote: >> >-----Original Message----- >> >From: Roopa Prabhu [mailto:[email protected]] >> >Sent: Wednesday, November 16, 2016 6:15 PM >> >To: Jiri Pirko <[email protected]> >> >Cc: [email protected]; [email protected]; Yotam Gigi >> ><[email protected]>; Ido Schimmel <[email protected]>; Elad Raz >> ><[email protected]>; Nogah Frankel <[email protected]>; Or Gerlitz >> ><[email protected]>; [email protected]; [email protected]; >> >[email protected]; [email protected]; linux@roeck- >us.net; >> >[email protected]; [email protected] >> >Subject: Re: [patch net-next v2 5/8] Introduce sample tc action >> > >> >On 11/14/16, 7:00 AM, Jiri Pirko wrote: >> >> From: Yotam Gigi <[email protected]> >> >> >> >> This action allow the user to sample traffic matched by tc classifier. >> >> The sampling consists of choosing packets randomly, truncating them, >> >> adding some informative metadata regarding the interface and the original >> >> packet size and mark them with specific mark, to allow further tc rules to >> >> match and process. The marked sample packets are then injected into the >> >> device ingress qdisc using netif_receive_skb. >> >> >> >> The packets metadata is packed using the ife encapsulation protocol, and >> >> the outer packet's ethernet dest, source and eth_type, along with the >> >> rate, mark and the optional truncation size can be configured from >> >> userspace. >> >> >> >> Example: >> >> To sample ingress traffic from interface eth1, and redirect the sampled >> >> the sampled packets to interface dummy0, one may use the commands: >> >> >> >> tc qdisc add dev eth1 handle ffff: ingress >> >> >> >> tc filter add dev eth1 parent ffff: \ >> >> matchall action sample rate 12 mark 17 >> > >> >Yotham, I am guessing in the future if one does not want to use mark, >> >the sample api is extensible to allow for other actions to be added. >> >This is from the general concern we had on using mark: some may not want to >use >> >mark. >> >As long as the api is extensible to allow an alternate way in the future, >> > we should be good. (We would prefer to not go down the path of having to >> >introduce >> >a new 'action sample' if this limits us in some way). >> >> The code is extensible - if one does want to add another action to sample, >> he >> totally can :) >> >> By the way, one of the reasons we removed the patches for now is that we >> consider adding mirroring functionality to it instead of heaving two >> tc-rules. > >Hi Yotham, > >I see that this action combines several discrete sub-actions, some of which >duplicate functionality present in existing actions: > >* sample >* truncate >* IFE encapsulation with metadata >* mark >* output (proposed) > >I wonder if it would make sense to provided a mechanism whereby sampled >packets can be passed on to other actions. Something similar to the >existing pipe mechanism but allowing for the sampled and the original packets >to continue to be processed separately. > >If so, it may be worth white-listing actions for which sampled packets are >known to work well to limit the scope for unforseen side effects.
Hi Simon, The patches were removed and we intend to propose a different implementation for that, using a dedicated sampling netlink channel, thus removing the need to mark, mirror and IFE-pack the packets. We intend to send in the next few weeks, so I guess you can comment on the new version. Thanks!
