dscp set/get
Mark Martinec
Mark.Martinec+freebsd at ijs.si
Thu Oct 6 13:01:30 UTC 2016
Just adding recognition to a parser for a couple of DSCP constants
to be mapped to TOS is not the solution. Keep in mind that DSCP
is a 6-bit field, and TOS is an 8-bit field. The remaining two bits
are used for ECN (Explicit Congestion Notification).
Setting TOS field with the intention of changing DSCP
clobbers ECN bits. Pf needs a proper support for DSCP,
currently it is unusable for this purpose in FreeBSD
(one can use the PF from OpenBSD).
Mark
2016-10-06 11:03, je Kristof Provost napisal
> On 6 Oct 2016, at 10:30, Franco Fichtner wrote:
>>> On 06 Oct 2016, at 10:10 AM, Kristof Provost <kp at FreeBSD.org> wrote:
>>>
>>> On 6 Oct 2016, at 6:57, Eugene M. Zheganin wrote:
>>>> pf still lacks the DSCP handling, will it be difficult/expensive to
>>>> add
>>>> this ? AFAIK ipfw got this recently.
>>>>
>>> pf has set-tos and tos keywords. What is it not letting you do?
>>
>> I think it works already with the plain hex/decimal values given,
>> though we're missing OpenBSD's parser support for special DSCP
>> options with its funky naming:
>>
>> "This rule applies to packets with the specified TOS bits set. string
>> may be one of critical, inetcontrol, lowdelay, netcontrol,throughput,
>> reliability, or one of the DiffServ Code Points: ef, af11 ... af43,
>> cs0 ... cs7; number may be either a hex or decimal number."
>>
>> http://man.openbsd.org/OpenBSD-current/man5/pf.conf.5
>>
>> Looks like pfctl(8) is the only thing to "fix" here. I'll take a
>> look.
>>
> Oh, yes, if you want those constants that should be a straightforward
> port of
> their changes to parse.y. I have no objections to including that. It’s
> another
> (small) step in bringing our pf closer to openbsd pf.
>
> Regards,
> Kristof
More information about the freebsd-pf
mailing list