I am adding u32 filters with commands like:
tc filter add dev eth0 parent 10:0 protocol ip prio 100 handle 800::2 u32 match
ip dst 10.30.40.3 flowid 10:2
...
getting:
filter parent 10: protocol ip pref 100 u32
filter parent 10: protocol ip pref 100 u32 fh 800: ht divisor 1
filter parent 10: protocol ip pref 100 u32 fh 800::2 order 2 key ht 800 bkt 0
flowid 10:2
match 0a1e2803/ffffffff at 16
filter parent 10: protocol ip pref 100 u32 fh 800::3 order 3 key ht 800 bkt 0
flowid 10:3
match 0a1e2809/ffffffff at 16
...
and then I can delete them with
tc filter del dev eth0 parent 10:0 protocol ip prio 100 handle 800::2 u32
match ip dst 10.30.40.3 flowid 10:2
It looks like the highest handle is 800::7ff (or maybe fff) and there may be
only 2048 filters with unique handles. They have to be unique to make single
filters deletetions possible.
Is it possible to setup the u32 filters in such a way that 64k or more unique
handles would be available?
I do not know if a single system would be able to carry such load but maybe it
is possible, I hope to be able to test it in the future. A company I work for
in principle may need tens of thousands of limits, putting every 2k of limits
on a separate machine would be limiting us to much.
R.
--
W iskier krzesaniu żywem/Materiał to rzecz główna
|