[WireGuard] WireGuard ECN Implementation
Jason A. Donenfeld
Jason at zx2c4.com
Thu Sep 29 20:59:39 CEST 2016
On Thu, Sep 29, 2016 at 8:19 PM, Dave Taht <dave.taht at gmail.com> wrote:
> I think the correct behavior here is to only set ce on the inner
> packet if the inner packet is marked as ecn capable.
IP_ECN_set_ce already does this. It exits early if it isn't already
ECT(1) or ECT(0):
static inline int IP_ECN_set_ce(struct iphdr *iph)
{
u32 check = (__force u32)iph->check;
u32 ecn = (iph->tos + 1) & INET_ECN_MASK;
/*
* After the last operation we have (in binary):
* INET_ECN_NOT_ECT => 01
* INET_ECN_ECT_1 => 10
* INET_ECN_ECT_0 => 11
* INET_ECN_CE => 00
*/
if (!(ecn & 2))
return !ecn;
/*
* The following gives us:
* INET_ECN_ECT_1 => check += htons(0xFFFD)
* INET_ECN_ECT_0 => check += htons(0xFFFE)
*/
check += (__force u16)htons(0xFFFB) + (__force u16)htons(ecn);
iph->check = (__force __sum16)(check + (check>=0xFFFF));
iph->tos |= INET_ECN_CE;
return 1;
}
>
> It looked to as tho leveraging the other newer ecn capable codebases
> in the kernel was sane also.
I tried to copy already existing code in the kernel for this. Is there
a certain driver that you think does it particularly well that I
should copy?
More information about the WireGuard
mailing list