mirror of
https://git.proxmox.com/git/mirror_iproute2
synced 2025-11-04 08:25:08 +00:00
a6bb5b9e7c
". If" gets interpreted as a macro, so move the period to the previous
line:
33: warning: macro `If' not defined
Fixes: 141b55f854 ("Add SKB Priority qdisc support in tc(8)")
Signed-off-by: Luca Boccassi <bluca@debian.org>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
71 lines
2.4 KiB
Groff
71 lines
2.4 KiB
Groff
.TH SKBPRIO 8 "13 August 2018" "iproute2" "Linux"
|
|
.SH NAME
|
|
skbprio \- SKB Priority Queue
|
|
|
|
.SH SYNOPSIS
|
|
.B tc qdisc ... add skbprio
|
|
.B [ limit
|
|
packets
|
|
.B ]
|
|
|
|
.SH DESCRIPTION
|
|
SKB Priority Queue is a queueing discipline intended to prioritize
|
|
the most important packets during a denial-of-service (
|
|
.B DoS
|
|
) attack. The priority of a packet is given by
|
|
.B skb->priority
|
|
, where a higher value places the packet closer to the exit of the queue. When
|
|
the queue is full, the lowest priority packet in the queue is dropped to make
|
|
room for the packet to be added if it has higher priority. If the packet to be
|
|
added has lower priority than all packets in the queue, it is dropped.
|
|
|
|
Without SKB priority queue, queue length limits must be imposed
|
|
on individual sub-queues, and there is no straightforward way to enforce
|
|
a global queue length limit across all priorities. SKBprio queue enforces
|
|
a global queue length limit while not restricting the lengths of
|
|
individual sub-queues.
|
|
|
|
While SKB Priority Queue is agnostic to how
|
|
.B skb->priority
|
|
is assigned. A typical use case is to copy
|
|
the 6-bit DS field of IPv4 and IPv6 packets using
|
|
.BR tc-skbedit (8).
|
|
If
|
|
.B skb->priority
|
|
is greater or equal to 64, the priority is assumed to be 63.
|
|
Priorities less than 64 are taken at face value.
|
|
|
|
SKB Priority Queue enables routers to locally decide which
|
|
packets to drop under a DoS attack.
|
|
Priorities should be assigned to packets such that the higher the priority,
|
|
the more expected behavior a source shows.
|
|
So sources have an incentive to play by the rules.
|
|
|
|
.SH ALGORITHM
|
|
|
|
Skbprio maintains 64 lists (priorities go from 0 to 63).
|
|
When a packet is enqueued, it gets inserted at the
|
|
.B tail
|
|
of its priority list. When a packet needs to be sent out to the network, it is
|
|
taken from the head of the highest priority list. When the queue is full,
|
|
the packet at the tail of the lowest priority list is dropped to serve the
|
|
ingress packet - if it is of higher priority, otherwise the ingress packet is
|
|
dropped. This algorithm allocates as much bandwidth as possible to high
|
|
priority packets, while only servicing low priority packets when
|
|
there is enough bandwidth.
|
|
|
|
.SH PARAMETERS
|
|
.TP
|
|
limit
|
|
Maximum queue size specified in packets. It defaults to 64.
|
|
The range for this parameter is [0, UINT32_MAX].
|
|
|
|
.SH SEE ALSO
|
|
.BR tc-prio (8),
|
|
.BR tc-skbedit (8)
|
|
|
|
.SH AUTHORS
|
|
Nishanth Devarajan <devarajn@uci.edu>, Michel Machado <michel@digirati.com.br>
|
|
|
|
This manpage maintained by Bert Hubert <ahu@ds9a.nl>
|