The hash tables created with:
tc filter add ... handle A: u32 divisor B
and distributed to with:
tc filter add ... u32 ht C:: match ... hashkey mask D at E link A:
the first line creates a hash table A with B entries and the second line
directs packets to the table entries based on the result of applying the
mask D to the match value. This substantially reduces the number filters
that need to be searched for each packet since the kernel can simply use the
hashkey as an index into the table.
What I want to do is direct packets to hash table entries based on the
firewall mark. I only see documentation and directing packets to hash table
entries using the u32 selector. Since the firewall mark is not part of the
packet itself, I can''t use u32.
Paul C. Diem
PCDiem@FoxValley.net
> -----Original Message-----
> From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On
> Behalf Of George Alexandru Dragoi
> Sent: Thursday, August 12, 2004 5:14 AM
> To: lartc@mailman.ds9a.nl
> Subject: Re: [LARTC] Hashing table based on FWMARK
>
>
> WTF is "hash" or "hash table" ? are you looking into:
> ip rule help
> ?
>
> On Thu, 12 Aug 2004 00:53:40 -0500, Paul C. Diem
> <pcdiem@foxvalley.net> wrote:
> > We currently use iptables, matching packets based on IP address
> and marking
> > them with an ID. Multiple IP addresses can be marked with the
> same ID. We
> > then filter based on the ID. We have close to 2000 filters now and
I''m
> > looking into hashing tables. Is there any way to create a hashing
filter
> > based on the fwmark?
> >
> > Paul C. Diem
> > PCDiem@FoxValley.net
> >
> > _______________________________________________
> > LARTC mailing list / LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/