[MIRROR] OpenWrt QoS implementation based on eBPF + CAKE

Felix Fietkau ca4509cf84 bpf: switch to using bpf_skb_utils.h 2 years ago
CMakeLists.txt 1cd5e12eec loader/interface: attach bpf program directly using netlink 2 years ago
README f13b67c9a7 dns: allow limiting dns entry matching to cname name 2 years ago
bpf_skb_utils.h ca4509cf84 bpf: switch to using bpf_skb_utils.h 2 years ago
dns.c 391a9fbd5a dns: fix parsing vlan encapsulated protocol 2 years ago
interface.c ef82defaae ubus: add active devices to bridger blacklist 2 years ago
loader.c 1cd5e12eec loader/interface: attach bpf program directly using netlink 2 years ago
main.c 6ff06d66c3 dns: add code for snooping dns packets 2 years ago
map.c 57c7817f91 qosify: fix dscp values of ubus-added dns host entries 2 years ago
qosify-bpf.c ca4509cf84 bpf: switch to using bpf_skb_utils.h 2 years ago
qosify-bpf.h bc54c97e33 map, bpf: create a separate map for configured dscp classes 3 years ago
qosify.h ef82defaae ubus: add active devices to bridger blacklist 2 years ago
ubus.c ef82defaae ubus: add active devices to bridger blacklist 2 years ago

README

QoSify is a simple daemon for setting up and managing CAKE along with a custom
eBPF-based classifier that sets DSCP fields of packets.

It supports the following features:
- simple TCP/UDP port based mapping
- IP address based mapping
- priority boosting based on average packet size
- bulk flow detection based on number of packets per second
- dynamically add IP entries with timeout
- dns regex entries and ubus api for providing dns lookup results

It can be configured via ubus call qosify config.

This call supports the following parameters:
- "reset": BOOL
Reset the config to defaults instead of only updating supplied values

- "files": ARRAY of STRING
List of files with port/IP/host mappings

- "timeout": INT32
Default timeout for dynamically added entries

- "dscp_default_udp": STRING
Default DSCP value for UDP packets

- "dscp_default_tcp": STRING
Default DSCP value for TCP packets

- "dscp_prio": STRING
DSCP value for priority-marked packets

- "dscp_bulk": STRING
DSCP value for bulk-marked packets

- "dscp_icmp": STRING
DSCP value for ICMP packets

- "bulk_trigger_pps": INT32
Number of packets per second to trigger bulk flow detection

- "bulk_trigger_timeout": INT32
Time below bulk_trigger_pps threshold until a bulk flow mark is removed

- "prio_max_avg_pkt_len": INT32
Maximum average packet length for marking a flow as priority

- "interfaces": TABLE of TABLE
netifd interfaces to enable QoS on

- "devices": TABLE of TABLE
netdevs to enable QoS on


interface/device properties:
- "bandwidth_up": STRING
Uplink bandwidth (same format as tc)

- "bandwidth_down": STRING
Downlink bandwidth (same format as tc)

- "ingress": BOOL
Enable ingress shaping

- "egress": BOOL
Enable egress shaping

- "mode": STRING
CAKE diffserv mode

- "nat": BOOL
Enable CAKE NAT host detection via conntrack

- "host_isolate": BOOL
Enable CAKE host isolation

- "autorate_ingress": BOOL
Enable CAKE automatic rate estimation for ingress

- "ingress_options": STRING
CAKE ingress options

- "egress_options": STRING
CAKE egress options

- "options": STRING
CAKE options for ingress + egress


Mapping file syntax:

Each line has two whitespace-separated fields, match and dscp.
match is one of:
- tcp:<port>[-<endport>]
  TCP single port, or range from <port> to <endport>
- udp:<port>[-<endport>]
  UDP single port, or range from <port> to <endport>
- <ipaddr>
  IPv4 address, e.g. 1.1.1.1
- <ipv6addr>
  IPv6 address, e.g. ff01::1
- dns:<pattern>
  fnmatch() pattern supporting * and ? as wildcard characters
- dns:/<regex>
  POSIX.2 extended regular expression for matching hostnames
  Only works if DNS lookups are passed to qosify via the add_dns_host ubus call.
- dns_c:...
  Like dns:... but only matches cname entries

dscp can be a raw value, or a codepoint like CS0.
Adding a + in front of the value tells qosify to only override the DSCP value if it is zero.
DNS entries are compared in the order in which they are specified in the config, using the
first matching entry.
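
As an added example (not code from qosify itself), the C code below parses the tcp:/udp: port rules of the mapping file syntax above and validates them strictly: ports within 0-65535, range start not above its end, DSCP within 0-63, and a leading + recorded as an only-if-zero flag. The struct and function names are hypothetical, and it assumes raw DSCP values are decimal and handles only the CS0-CS7 codepoints.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct rule {
	char proto[4];            /* "tcp" or "udp" */
	unsigned from, to, dscp;  /* inclusive port range, DSCP 0..63 */
	int only_if_zero;         /* set by a leading '+' on the dscp field */
};

/* Strict decimal parse: must start with a digit, value <= max. Advances *s. */
static int num(const char **s, unsigned long max, unsigned *out)
{
	char *end;
	unsigned long v = strtoul(*s, &end, 10);

	if (**s < '0' || **s > '9' || v > max)
		return -1;
	*out = v;
	*s = end;
	return 0;
}

/* Parse "tcp:<port>[-<endport>] <dscp>" (or udp:); returns 0 on success, -1 on error. */
int parse_port_rule(const char *line, struct rule *r)
{
	char match[32], dscp[16], extra;
	const char *p = match + 4, *d = dscp;

	/* Exactly two whitespace-separated fields; a third token is an error. */
	if (sscanf(line, "%31s %15s %c", match, dscp, &extra) != 2)
		return -1;
	if (strncmp(match, "tcp:", 4) && strncmp(match, "udp:", 4))
		return -1;
	snprintf(r->proto, sizeof(r->proto), "%.3s", match);
	if (num(&p, 65535, &r->from))
		return -1;
	r->to = r->from;          /* a single port is a range of one */
	if (*p == '-' && (p++, num(&p, 65535, &r->to)))
		return -1;
	if (*p || r->to < r->from)  /* trailing junk or reversed range */
		return -1;
	r->only_if_zero = (*d == '+');
	d += r->only_if_zero;
	if (d[0] == 'C' && d[1] == 'S' && d[2] >= '0' && d[2] <= '7' && !d[3]) {
		r->dscp = (unsigned)(d[2] - '0') << 3;  /* CSn = n * 8 */
		return 0;
	}
	return (num(&d, 63, &r->dscp) || *d) ? -1 : 0;
}
```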


Planned features:
- Support for LAN host based priority