CentOS - May 2014 - traffic distribution not happening in centos 6.5

Hi,

I am experimenting with libnetfilter_queue. libnetfilter_queue is a
userspace library providing an API to packets that have been queued by
the kernel packet filter.

I am using sample code(nfqnl_test.c) available on netfilter.org. I
have generated two binaries (queue0 and queue1) using that
nfqnl_test.c sample code.

These binaries are working as per expected behaviour in case of Centos
6.2 but with Centos 6.5 only one queue is receiving network traffic.

I am not able to understand why only one queue is receiving network
traffic in case of Centos 6.5 whereas same network traffic is being
distributed in both the queues with Centos 6.2.

uname ?a :-

Linux hwcentos8 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC
2013 x86_64 x86_64 x86_64 GNU/Linux

Machine Info:

16 core machine with 64GB RAM.

Command used for iptables in Centos 6.5 :-

iptables -A INPUT -j NFQUEUE --queue-balance 0:1


Output In Centos 6.5 :-


[varun at exp2 ~]$ ./queue0

opening library handle

unbinding existing nf_queue handler for AF_INET (if any)

binding nfnetlink_queue as nf_queue handler for AF_INET

binding this socket to queue '0'

setting copy_packet mode

pkt received

queue0 hw_protocol=0x0800 hook=1 id=0 hw_src_addr=fc:4d:d4:d3:7f:73
indev=2 payload_len=40

entering callback

pkt received

queue0 hw_protocol=0x0800 hook=1 id=1 hw_src_addr=fc:4d:d4:d3:7f:73
indev=2 payload_len=40

entering callback

pkt received

queue0 hw_protocol=0x0800 hook=1 id=2 hw_src_addr=fc:4d:d4:d3:7f:73
indev=2 payload_len=40

entering callback

pkt received

queue0 hw_protocol=0x0800 hook=1 id=3 hw_src_addr=fc:4d:d4:f1:e1:5f
indev=2 payload_len=78

entering callback



[varun at exp2 ~]$ ./queue1

opening library handle

unbinding existing nf_queue handler for AF_INET (if any)

binding nfnetlink_queue as nf_queue handler for AF_INET

binding this socket to queue '1'

setting copy_packet mode




Please let me know if more information is required.

Regards
varun

Em 25-05-2014 07:35, Varun Sharma escreveu:
> Hi,
>
> I am experimenting with libnetfilter_queue. libnetfilter_queue is a
> userspace library providing an API to packets that have been queued by
> the kernel packet filter.
>
> I am using sample code(nfqnl_test.c) available on netfilter.org. I
> have generated two binaries (queue0 and queue1) using that
> nfqnl_test.c sample code.
>
> These binaries are working as per expected behaviour in case of Centos
> 6.2 but with Centos 6.5 only one queue is receiving network traffic.
>
> I am not able to understand why only one queue is receiving network
> traffic in case of Centos 6.5 whereas same network traffic is being
> distributed in both the queues with Centos 6.2.
>
> uname ?a :-
>
> Linux hwcentos8 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC
> 2013 x86_64 x86_64 x86_64 GNU/Linux
>
> Machine Info:
>
> 16 core machine with 64GB RAM.
>
> Command used for iptables in Centos 6.5 :-
>
> iptables -A INPUT -j NFQUEUE --queue-balance 0:1
>
>
> Output In Centos 6.5 :-
>
>
> [varun at exp2 ~]$ ./queue0
>
> opening library handle
>
> unbinding existing nf_queue handler for AF_INET (if any)
>
> binding nfnetlink_queue as nf_queue handler for AF_INET
>
> binding this socket to queue '0'
>
> setting copy_packet mode
>
> pkt received
>
> queue0 hw_protocol=0x0800 hook=1 id=0 hw_src_addr=fc:4d:d4:d3:7f:73
> indev=2 payload_len=40
>
> entering callback
>
> pkt received
>
> queue0 hw_protocol=0x0800 hook=1 id=1 hw_src_addr=fc:4d:d4:d3:7f:73
> indev=2 payload_len=40
>
> entering callback
>
> pkt received
>
> queue0 hw_protocol=0x0800 hook=1 id=2 hw_src_addr=fc:4d:d4:d3:7f:73
> indev=2 payload_len=40
>
> entering callback
>
> pkt received
>
> queue0 hw_protocol=0x0800 hook=1 id=3 hw_src_addr=fc:4d:d4:f1:e1:5f
> indev=2 payload_len=78
>
> entering callback
>
>
>
> [varun at exp2 ~]$ ./queue1
>
> opening library handle
>
> unbinding existing nf_queue handler for AF_INET (if any)
>
> binding nfnetlink_queue as nf_queue handler for AF_INET
>
> binding this socket to queue '1'
>
> setting copy_packet mode
>
>
>
>
> Please let me know if more information is required.
Hi,

Considering the MAC address is the same, should I assume both IP 
addresses are the same too? Because it balances according to the hash of 
src ip, dst ip and ip proto (tcp, udp..).

That is, all packets from a single tcp stream will always go through the 
same queue, avoiding re-ordering.

Cheers,
Marcelo