[wireguard-devel ] traffic shapping
Baptiste Jonglez
baptiste at bitsofnetworks.org
Wed Mar 8 17:00:04 CET 2017
Hi Nicolas,
For posterity, can you be more specific about how you solved your issue?
You were simply missing traffic shaping support for IPv6 in your kernel?
Which symbols were needed?
Thanks,
Baptiste
On Wed, Mar 08, 2017 at 02:39:23PM +0100, Nicolas Prochazka wrote:
> hello,
> to close, it's working perfectly well in ipv4 and then when i correctly
> configure my kernel, perfectly well for ipv6.
> Regards,
> Nicolas
>
> 2017-03-08 12:26 GMT+01:00 Nicolas Prochazka <nicolas.prochazka at gmail.com>:
>
> > Hello again,
> > So i verify my configuration,
> > - on a virtual tap , traffic shaping is ok with same configuration
> > - on physical card, traffic shaping is ok
> > - on wg0 , all traffic are going to default queue,filter seems to be not
> > applied , tcpdump on wg0 is ok with my queue definition, only difference
> > is wg0 is configured as ipv6 tunnel.
> >
> >
> > Regards,
> > NIcolas
> >
> >
> >
> > 2017-03-06 18:40 GMT+01:00 Nicolas Prochazka <nicolas.prochazka at gmail.com>
> > :
> >
> >> Hello,
> >> is there an incompatibilty between wireguard and traffic shaping or i
> >> misconfig something ?
> >>
> >> After configuring Qos , I need to add filter to flow
> >>
> >> If i'm trying with simple tc command :
> >> tc filter add dev wg0 protocol ip parent 1: prio 10 u32 match ip dport 80
> >> 0xffff flowid 1:10
> >>
> >> or If i'm trying with tc + iptables,
> >>
> >> tc filter add dev wg0 protocol ip parent 1: prio 1 handle 6 fw flowid 1:10
> >> and iptables mark rules,
> >>
> >> traffic seems to be not "apply" to queue .
> >>
> >> Regards,
> >> Nicolas Prochazka.
> >>
> >> -----
> >> Example : after this configuration, traffic on wg0 on port 80,443,8080
> >> are going to 1:30 ,not to 1:10
> >> _trafficShappingMaxRate=15
> >>
> >> tc qdisc del dev wg0 root
> >>
> >> tc qdisc add dev wg0 root handle 1: htb default 30
> >>
> >> # Base
> >> tc class add dev wg0 parent 1: classid 1:1 htb rate
> >> ${_trafficShappingMaxRate}mbit burst 15k
> >>
> >> # http/https
> >>
> >> # Class 1:10,
> >> tc class add dev wg0 parent 1:1 classid 1:10 htb rate
> >> ${_trafficShappingMaxRate}mbit ceil ${_trafficShappingMaxRate} burst 15k
> >>
> >> # Class 1:20,
> >> tc class add dev wg0 parent 1:1 classid 1:20 htb rate
> >> ${_trafficShappingMaxRate}mbit ceil ${_trafficShappingMaxRate}mbit burst 15k
> >>
> >> # Class 1:30, which has a rate of 1kbit. This one is the default class.
> >> tc class add dev wg0 parent 1:1 classid 1:30 htb rate 10kbit ceil 1mbit
> >> burst 15k
> >>
> >> tc qdisc add dev wg0 parent 1:10 handle 10: fq_codel quantum 300 noecn
> >> tc qdisc add dev wg0 parent 1:20 handle 20: fq_codel quantum 300 noecn
> >> tc qdisc add dev wg0 parent 1:30 handle 30: fq_codel quantum 300 noecn
> >>
> >> # --- associate queue with traffic
> >>
> >> #tc filter add dev wg0 protocol ipv6 parent 1: prio 1 handle 6 fw flowid
> >> 1:10
> >> # http/https
> >> tc filter add dev wg0 protocol ipv6 parent 1: prio 10 u32 match ip dport
> >> 80 0xffff flowid 1:10
> >> tc filter add dev wg0 protocol ipv6 parent 1: prio 10 u32 match ip dport
> >> 443 0xffff flowid 1:10
> >> tc filter add dev wg0 protocol ipv6 parent 1: prio 10 u32 match ip dport
> >> 8080 0xffff flowid 1:10
> >> # ncfs
> >> tc filter add dev wg0 parent 1: protocol ipv6 prio 5 u32 match ip dport
> >> 16379 0xffff flowid 1:20
> >> # icmp
> >> tc filter add dev wg0 parent 1: protocol ip prio 1 u32 match ip protocol
> >> 1 0xff flowid 1:30
> >>
> >> tc -s qdisc ls dev wg0
> >>
> >>
> >
> _______________________________________________
> WireGuard mailing list
> WireGuard at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20170308/1e252d14/attachment.asc>
More information about the WireGuard
mailing list