Re: Marking uncached packets with a netfilter mark value

From: Andrew Beverley <andy_at_andybev.com>
Date: Sun, 18 Jul 2010 15:11:52 +0100

> So, do you have a clear use-case we can add to the wiki and commit
> message?

I propose extending the current QualityOfService feature as follows. The
existing http://wiki.squid-cache.org/Features/QualityOfService page
should read:

  * Allows you to set a TOS/Diffserv value to mark local and peer hits.
  * For platforms using netfilter, allows you to set a netfilter mark
    value instead of, or in addition to, a TOS value.
  * Allows you to selectively set only sibling or parent requests.
  * Allows any HTTP response towards clients to have the TOS value of
    the response coming from the remote server, or in the case of
    marking, the incoming connection's netfilter mark value. For this to
    work correctly with a TOS value, you will need to patch your Linux
    kernel with the TOS preserving ZPH patch. The kernel patch can be
    downloaded from http://zph.bratcheda.org. No patch is needed for a
    netfilter mark.
  * Allows you to mask certain bits in the TOS or mark received, before
    copying the value towards clients.

> qos_flows - adding an initial flag "tos"|"mark" which determines which
> marking type is to be set. Followed by the current (or extended)
> stream=value tags. Default to "tos" if missing for backward compatibility

Agree with the above for the config file.

> So we end up with:
> qos_flows tos parent-hit=0xA sibling-hit=0xB
> qos_flows mark local-miss=0x1

I propose just the addition of the tos|mark flag and leave the remainder
of the options the same. I don't see any need to add a local-miss
option, as the user can mark packets before they hit Squid.

To keep things simple, I propose that the patch is still enabled with
--enable-zph-qos as with the current TOS patch. However, the mark patch
will need the libnetfilter_conntrack library, so should a separate
compiler flag be used instead?

Incidentally, there is a mistake in the documentation for the existing
QOS patch. At http://www.squid-cache.org/Doc/config/qos_flows/ it
states:

disable-preserve-miss
                If set, any HTTP response towards clients will
                have the TOS value of the response comming from the
                remote server masked with the value of miss-mask.

This should read:
        By default, the existing TOS value of the response coming from
        the remote server will be retained and masked with miss-mark.
        This option disables that feature.

Regards,

Andy
Received on Sun Jul 18 2010 - 14:12:32 MDT
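
The directive syntax proposed in this message (an optional leading tos|mark flag, defaulting to tos when absent), sketched as a parser. This is an added example, not code from the post or from Squid; the QosFlows struct and parseQosFlows function are hypothetical names, and the range limits assume an 8-bit TOS byte and a 32-bit netfilter mark.

```cpp
#include <cstdint>
#include <map>
#include <sstream>
#include <stdexcept>
#include <string>

// Hypothetical result type for this example; not Squid's own structure.
struct QosFlows {
    bool useMark = false;                    // false = TOS (the default), true = netfilter mark
    bool preserveMiss = true;                // cleared by disable-preserve-miss
    std::map<std::string, uint32_t> values;  // e.g. "parent-hit" -> 0xA
};

// Parse the argument part of a qos_flows line (everything after "qos_flows").
QosFlows parseQosFlows(const std::string &args) {
    QosFlows cfg;
    std::istringstream in(args);
    std::string tok;
    bool first = true;
    while (in >> tok) {
        const bool isFirst = first;
        first = false;
        // Optional leading type flag; a line without it keeps meaning "tos".
        if (isFirst && (tok == "tos" || tok == "mark")) {
            cfg.useMark = (tok == "mark");
            continue;
        }
        if (tok == "disable-preserve-miss") {
            cfg.preserveMiss = false;
            continue;
        }
        const auto eq = tok.find('=');
        if (eq == std::string::npos || eq == 0 || eq + 1 == tok.size())
            throw std::invalid_argument("expected stream=value, got: " + tok);
        std::size_t used = 0;
        unsigned long long v = 0;
        try {
            v = std::stoull(tok.substr(eq + 1), &used, 0);  // base 0: 0x.. or decimal
        } catch (const std::exception &) {
            throw std::invalid_argument("bad number in: " + tok);
        }
        // A TOS value is one byte; a netfilter mark is 32 bits wide.
        const unsigned long long limit = cfg.useMark ? 0xFFFFFFFFULL : 0xFFULL;
        if (used != tok.size() - eq - 1 || v > limit)
            throw std::invalid_argument("value out of range in: " + tok);
        cfg.values[tok.substr(0, eq)] = static_cast<uint32_t>(v);
    }
    return cfg;
}
```

Rejecting a value wider than the selected field at parse time keeps a mark-sized number from being silently truncated into a TOS byte.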