[WireGuard] fq, ecn, etc with wireguard
Jason A. Donenfeld
Jason at zx2c4.com
Mon Aug 29 21:23:57 CEST 2016
Hi again,
So I implemented a first stab of this, which I intend to refine with
your feedback:
https://git.zx2c4.com/WireGuard/commit/?id=a2dfc902e942cce8d5da4a42d6aa384413e7fc81
On the way out, the ECN is set to:
outgoing_skb->tos = encap_ecn(0, inner_skb->tos);
where encap_ecn is defined as:
u8 encap_ecn(u8 outer, u8 inner)
{
outer &= ~INET_ECN_MASK;
outer |= !INET_ECN_is_ce(inner) ? (inner & INET_ECN_MASK) :
INET_ECN_ECT_0;
return outer;
}
Since outer goes in as 0, this function can be reduced to simply:
outgoing_skb->tos = !INET_ECN_is_ce(inner_skb->tos) ? (inner_skb->tos
& INET_ECN_MASK) : INET_ECN_ECT_0;
QUESTION A: is 0 a good value to use here as outer? Or, in fact,
should I use the tos value that comes from the routing table for the
outer route?
On the way in, the ECN is set to:
if (INET_ECN_is_ce(outer_skb->tos))
IP_ECN_set_ce(inner_skb->tos)
I do NOT compute the following:
if (INET_ECN_is_not_ect(inner)) {
switch (outer & INET_ECN_MASK) {
case INET_ECN_NOT_ECT:
return EVERYTHING_IS_OKAY;
case INET_ECN_ECT_0:
case INET_ECN_ECT_1:
return BROKEN_SO_LOG_PACKET;
case INET_ECN_CE:
return BROKEN_SO_DROP_PACKET;
}
}
QUESTION B: is it okay that I do not compute the above checks? Or is
this potentially very problematic?
I await your answer on questions A and B.
Thanks,
Jason
More information about the WireGuard
mailing list