lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 29 Aug 2022 17:03:08 +0200 (CEST)
From:   Thorsten Glaser <t.glaser@...ent.de>
To:     Jakub Kicinski <kuba@...nel.org>
cc:     netdev@...r.kernel.org
Subject: Re: inter-qdisc communication?

(note the communication aspect is still open, see near the end)

On Fri, 26 Aug 2022, Jakub Kicinski wrote:

> How do you add latency on ingress? šŸ¤”

Iā€™ve found something that might do it.

https://serverfault.com/a/386791/189656 and
https://wiki.linuxfoundation.org/networking/netem#how_can_i_use_netem_on_incoming_traffic

So, basically:

$ extif=eth0  # or eth1 or wlan0 orā€¦
$ sudo modprobe ifb  # once or via config
$ sudo ip link set dev ifb0 up
$ sudo tc qdisc add dev $extif handle FFFF: ingress
$ sudo tc filter add dev $extif parent FFFF: [ā€¦ (see below) ā€¦]
$ sudo tc qdisc add dev ifb0 root myqdiscname optsā€¦

All references to ifb seem to cargo-cult the following filterā€¦

	protocol ip u32 match u32 0 0 flowid 1:1
	 action mirred egress redirect dev ifb0

ā€¦ without explaining any of it. (Iā€™ve concerned myself more with
the implementing of the qdisc than with the configuring, which my
coworkers did before, and I found the info quiteā€¦ not easily
comprehensible.)

Iā€™ve found that mirred means mirror or redirect, so the action
partā€™s probably fine. Iā€™m very unsure of the protocol/match
part.

I require any and all traffic of all protocols to be redirected.
Not just IPv4, and not just traffic that matches anything. Can I
do that with the filter, and will this ā€œtrickā€ get me the effect
I want to have?

(I could just use netem but thereā€™s still the issue of inter-
qdisc communication which Iā€™d *very* much like to have, not just
for this but also for features that come laterā€¦ and, perhaps, one
thatā€™s already thereā€Šā€”ā€ŠRAN ā€œhandoverā€ emulation, i.e. stopping
all traffic for a few dozen ms or so.)

Thanks in advance,
//mirabilos
-- 
Infrastrukturexperte ā€¢ tarent solutions GmbH
Am Dickobskreuz 10, D-53121 Bonn ā€¢ http://www.tarent.de/
Telephon +49 228 54881-393 ā€¢ Fax: +49 228 54881-235
HRB AG Bonn 5168 ā€¢ USt-ID (VAT): DE122264941
GeschƤftsfĆ¼hrer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg

                        ****************************************************
/ā€\ The UTF-8 Ribbon
ā•²Ā ā•± Campaign against      Mit dem tarent-Newsletter nichts mehr verpassen:
Ā ā•³Ā  HTML eMail! Also,     https://www.tarent.de/newsletter
ā•±Ā ā•² header encryption!
                        ****************************************************

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ