netdev
[Top] [All Lists]

Re: RFC: promote netfilter MARK value from IPv6 packets to sit packets

To: Erik Hensema <erik@xxxxxxxxxxx>
Subject: Re: RFC: promote netfilter MARK value from IPv6 packets to sit packets
From: Harald Welte <laforge@xxxxxxxxxxxxx>
Date: Sun, 23 Feb 2003 20:33:39 +0100
Cc: netdev@xxxxxxxxxxx, Netfilter Development Mailinglist <netfilter-devel@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <20030217145727.GA3413@xxxxxxxxxxx>
Mail-followup-to: Harald Welte <laforge@xxxxxxxxxxxxx>, Erik Hensema <erik@xxxxxxxxxxx>, netdev@xxxxxxxxxxx, Netfilter Development Mailinglist <netfilter-devel@xxxxxxxxxxxxxxxxxxx>
References: <20030217145727.GA3413@xxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.3.28i
On Mon, Feb 17, 2003 at 03:57:27PM +0100, Erik Hensema wrote:

> In order to be able to provide QoS on tunneled IPv6 connections, I've
> created a simple patch (definately not ready for inclusion in the kernel,
> since it surely needs a configuration option) which promotes the netfilter
> MARK value from the IPv6 packets to the sit packets.
> Now I can mark packets using ip6tables, and on the ipv4 level I can still
> differentiate between the priorities. Problem solved, I'm happy ;-)

I like this patch.  I think we should make it a kernel configuration
option, but for all kind of tunnel interfaces.  Something like
'propagate NFMARK while tunneling' (or maybe 'preserve' instead of
'propagate' is better language?)

DaveM: Would this be acceptable?

> Erik Hensema (erik@xxxxxxxxxxx)

-- 
- Harald Welte <laforge@xxxxxxxxxxxxx>             http://www.netfilter.org/
============================================================================
  "Fragmentation is like classful addressing -- an interesting early
   architectural error that shows how much experimentation was going
   on while IP was being designed."                    -- Paul Vixie

Attachment: pgplonSRZJXMd.pgp
Description: PGP signature

<Prev in Thread] Current Thread [Next in Thread>