Hello! I would like to set up a machine to introduce random (but controllable) dropping of packets that are being forwarded. I also need to classify the traffic because I want some traffic shaping. The obvious solution is to QUEUE packets to user level and if they are ACCEPTed, put a MARK (--set-mark) on them for classifying. This would seem logical: iptables -A FORWARD -j QUEUE -j MARK Of course, it is not possible. How do I do this than? That is, how to do it without using two identical rules, one with QUEUE action and another with MARK action which does not seem to be a nice solution. Thanks! Josip
On Thu, Oct 19, 2000 at 10:15:28AM +0200, Josip Gracin wrote:> Hello! > > I would like to set up a machine to introduce random (but controllable) > dropping of packets that are being forwarded. I also need to classify theTry to make a u32 match on a part of the header that changes a lot. I suspect the IP packet id would be a good candidate, but you need to make sure that resends of the same packet do get through. If you match, route to loopback.> traffic because I want some traffic shaping. The obvious solution is to > QUEUE packets to user level and if they are ACCEPTed, put a MARK > (--set-mark) on them for classifying. This would seem logical: > > iptables -A FORWARD -j QUEUE -j MARK > > Of course, it is not possible. How do I do this than? That is, how to do > it without using two identical rules, one with QUEUE action and another > with MARK action which does not seem to be a nice solution.Try asking the netfilter mailinglist. Regards, bert hubert -- PowerDNS Versatile DNS Services Trilab The Technology People ''SYN! .. SYN|ACK! .. ACK!'' - the mating call of the internet
Thanks for the reply! bert hubert (ahu@ds9a.nl) wrote:> On Thu, Oct 19, 2000 at 10:15:28AM +0200, Josip Gracin wrote: > > I would like to set up a machine to introduce random (but controllable) > > dropping of packets that are being forwarded. I also need to classify the > > Try to make a u32 match on a part of the header that changes a lot. IBut than I would not be able to control the randomness of drops. I need a drop policy based on various stochastic functions.> Try asking the netfilter mailinglist.Oops, I thought this was a perfect list to ask the question. Sorry, I''ll ask there. Best regards, Josip
bert hubert (ahu@ds9a.nl) wrote:> You could also use RED or GRED with strange configuration values. RED alsoI understand that what you are suggesting would be much better for router that handles high volumes of traffic. But, I will be using this for simulating a *slow* and congested (WAN) link between several machines so there won''t be too much traffic and consequently the performance is not an issue. Best regards, Josip
How do you want the packets be dropped? What do you want to achieve? Which rules will control which packets get dropped? Regards, Daniel> -----Ursprungligt meddelande----- > Från: lartc-admin@mailman.ds9a.nl > [mailto:lartc-admin@mailman.ds9a.nl]För Josip Gracin > Skickat: Thursday, October 19, 2000 2:06 PM > Till: bert hubert > Kopia: lartc@mailman.ds9a.nl > Ämne: Re: [LARTC] How to mark and queue > > > bert hubert (ahu@ds9a.nl) wrote: > > You could also use RED or GRED with strange configuration > values. RED also > > I understand that what you are suggesting would be much better for router > that handles high volumes of traffic. But, I will be using this for > simulating a *slow* and congested (WAN) link between several machines so > there won''t be too much traffic and consequently the performance is not an > issue. > > Best regards, > Josip > > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:http://ds9a.nl/2.4Routing/
On Thu, Oct 19, 2000 at 01:42:29PM +0200, Josip Gracin wrote:> > Try to make a u32 match on a part of the header that changes a lot. I > > But than I would not be able to control the randomness of drops. I need a > drop policy based on various stochastic functions.You could also use RED or GRED with strange configuration values. RED also does random dropping of packets, but normally only when routing a lot of traffic. You might be able to get it to drop in ways that please you.> > Try asking the netfilter mailinglist. > > Oops, I thought this was a perfect list to ask the question. Sorry, I''ll > ask there.For what you want, netfilter is suited best. Regards, bert hubert -- PowerDNS Versatile DNS Services Trilab The Technology People ''SYN! .. SYN|ACK! .. ACK!'' - the mating call of the internet
Daniel Bergqvist (daniel@netatonce.se) wrote:> How do you want the packets be dropped? What do you want to achieve? Which > rules will control which packets get dropped?We have performed some measurements of packet drops on real WAN link. I would like to reproduce the characteristics of (congested) WAN link/router as close as possible. Rules for dropping will not be based on packet contents but on a random variable with certain distribution which in turn depends on parametars such as packet size (e.g. for voice traffic). Josip
Before I found out about traffic control in the Linux kernel I used the rshaper module: http://freshmeat.net/news/1999/11/02/941520726.html. You might find it useful to drop packets. The rshaper module shapes incomming traffic depending on the destination ip address but it is easy to change it to only drop some packets according to a drop function. If you are unsure about how to make the necessary changes to the module I might help you, if you provide me with the algorithm for the packet drop function. Regards, Daniel> Från: grac@marsonia.tel.fer.hr [mailto:grac@marsonia.tel.fer.hr]För > Josip Gracin > > Daniel Bergqvist (daniel@netatonce.se) wrote: > > How do you want the packets be dropped? What do you want to > achieve? Which > > rules will control which packets get dropped? > > We have performed some measurements of packet drops on real WAN link. I > would like to reproduce the characteristics of (congested) WAN link/router > as close as possible. Rules for dropping will not be based on packet > contents but on a random variable with certain distribution which in turn > depends on parametars such as packet size (e.g. for voice traffic). > > Josip > >