[PKT_SCHED]: Rework QoS and/or fair queueing configuration
Make "QoS and/or fair queueing" have its own menu, it's too big to be inlined into "Network options". Remove the obsolete NET_QOS option. Automatically select NET_CLS if needed. Do the same for NET_ESTIMATOR but allow it to be selected manually for statistical purposes. Add comments to separate queueing from classification. Fix dependencies and ordering of classifiers. Improve descriptions/help texts and remove outdated pieces. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
This commit is contained in:
parent
979ad66312
commit
52ab4ac258
@ -2,13 +2,15 @@
|
|||||||
# Traffic control configuration.
|
# Traffic control configuration.
|
||||||
#
|
#
|
||||||
|
|
||||||
menuconfig NET_SCHED
|
menu "QoS and/or fair queueing"
|
||||||
|
|
||||||
|
config NET_SCHED
|
||||||
bool "QoS and/or fair queueing"
|
bool "QoS and/or fair queueing"
|
||||||
---help---
|
---help---
|
||||||
When the kernel has several packets to send out over a network
|
When the kernel has several packets to send out over a network
|
||||||
device, it has to decide which ones to send first, which ones to
|
device, it has to decide which ones to send first, which ones to
|
||||||
delay, and which ones to drop. This is the job of the packet
|
delay, and which ones to drop. This is the job of the queueing
|
||||||
scheduler, and several different algorithms for how to do this
|
disciplines, several different algorithms for how to do this
|
||||||
"fairly" have been proposed.
|
"fairly" have been proposed.
|
||||||
|
|
||||||
If you say N here, you will get the standard packet scheduler, which
|
If you say N here, you will get the standard packet scheduler, which
|
||||||
@ -23,13 +25,13 @@ menuconfig NET_SCHED
|
|||||||
To administer these schedulers, you'll need the user-level utilities
|
To administer these schedulers, you'll need the user-level utilities
|
||||||
from the package iproute2+tc at <ftp://ftp.tux.org/pub/net/ip-routing/>.
|
from the package iproute2+tc at <ftp://ftp.tux.org/pub/net/ip-routing/>.
|
||||||
That package also contains some documentation; for more, check out
|
That package also contains some documentation; for more, check out
|
||||||
<http://snafu.freedom.org/linux2.2/iproute-notes.html>.
|
<http://linux-net.osdl.org/index.php/Iproute2>.
|
||||||
|
|
||||||
This Quality of Service (QoS) support will enable you to use
|
This Quality of Service (QoS) support will enable you to use
|
||||||
Differentiated Services (diffserv) and Resource Reservation Protocol
|
Differentiated Services (diffserv) and Resource Reservation Protocol
|
||||||
(RSVP) on your Linux router if you also say Y to "QoS support",
|
(RSVP) on your Linux router if you also say Y to the corresponding
|
||||||
"Packet classifier API" and to some classifiers below. Documentation
|
classifiers below. Documentation and software is at
|
||||||
and software is at <http://diffserv.sourceforge.net/>.
|
<http://diffserv.sourceforge.net/>.
|
||||||
|
|
||||||
If you say Y here and to "/proc file system" below, you will be able
|
If you say Y here and to "/proc file system" below, you will be able
|
||||||
to read status information about packet schedulers from the file
|
to read status information about packet schedulers from the file
|
||||||
@ -42,7 +44,7 @@ choice
|
|||||||
prompt "Packet scheduler clock source"
|
prompt "Packet scheduler clock source"
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
default NET_SCH_CLK_JIFFIES
|
default NET_SCH_CLK_JIFFIES
|
||||||
help
|
---help---
|
||||||
Packet schedulers need a monotonic clock that increments at a static
|
Packet schedulers need a monotonic clock that increments at a static
|
||||||
rate. The kernel provides several suitable interfaces, each with
|
rate. The kernel provides several suitable interfaces, each with
|
||||||
different properties:
|
different properties:
|
||||||
@ -56,7 +58,7 @@ choice
|
|||||||
|
|
||||||
config NET_SCH_CLK_JIFFIES
|
config NET_SCH_CLK_JIFFIES
|
||||||
bool "Timer interrupt"
|
bool "Timer interrupt"
|
||||||
help
|
---help---
|
||||||
Say Y here if you want to use the timer interrupt (jiffies) as clock
|
Say Y here if you want to use the timer interrupt (jiffies) as clock
|
||||||
source. This clock source is fast, synchronized on all processors and
|
source. This clock source is fast, synchronized on all processors and
|
||||||
handles cpu clock frequency changes, but its resolution is too low
|
handles cpu clock frequency changes, but its resolution is too low
|
||||||
@ -64,7 +66,7 @@ config NET_SCH_CLK_JIFFIES
|
|||||||
|
|
||||||
config NET_SCH_CLK_GETTIMEOFDAY
|
config NET_SCH_CLK_GETTIMEOFDAY
|
||||||
bool "gettimeofday"
|
bool "gettimeofday"
|
||||||
help
|
---help---
|
||||||
Say Y here if you want to use gettimeofday as clock source. This clock
|
Say Y here if you want to use gettimeofday as clock source. This clock
|
||||||
source has high resolution, is synchronized on all processors and
|
source has high resolution, is synchronized on all processors and
|
||||||
handles cpu clock frequency changes, but it is slow.
|
handles cpu clock frequency changes, but it is slow.
|
||||||
@ -77,7 +79,7 @@ config NET_SCH_CLK_GETTIMEOFDAY
|
|||||||
config NET_SCH_CLK_CPU
|
config NET_SCH_CLK_CPU
|
||||||
bool "CPU cycle counter"
|
bool "CPU cycle counter"
|
||||||
depends on ((X86_TSC || X86_64) && !SMP) || ALPHA || SPARC64 || PPC64 || IA64
|
depends on ((X86_TSC || X86_64) && !SMP) || ALPHA || SPARC64 || PPC64 || IA64
|
||||||
help
|
---help---
|
||||||
Say Y here if you want to use the CPU's cycle counter as clock source.
|
Say Y here if you want to use the CPU's cycle counter as clock source.
|
||||||
This is a cheap and high resolution clock source, but on some
|
This is a cheap and high resolution clock source, but on some
|
||||||
architectures it is not synchronized on all processors and doesn't
|
architectures it is not synchronized on all processors and doesn't
|
||||||
@ -95,134 +97,129 @@ config NET_SCH_CLK_CPU
|
|||||||
|
|
||||||
endchoice
|
endchoice
|
||||||
|
|
||||||
|
comment "Queueing/Scheduling"
|
||||||
|
depends on NET_SCHED
|
||||||
|
|
||||||
config NET_SCH_CBQ
|
config NET_SCH_CBQ
|
||||||
tristate "CBQ packet scheduler"
|
tristate "Class Based Queueing (CBQ)"
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
---help---
|
---help---
|
||||||
Say Y here if you want to use the Class-Based Queueing (CBQ) packet
|
Say Y here if you want to use the Class-Based Queueing (CBQ) packet
|
||||||
scheduling algorithm for some of your network devices. This
|
scheduling algorithm. This algorithm classifies the waiting packets
|
||||||
algorithm classifies the waiting packets into a tree-like hierarchy
|
into a tree-like hierarchy of classes; the leaves of this tree are
|
||||||
of classes; the leaves of this tree are in turn scheduled by
|
in turn scheduled by separate algorithms.
|
||||||
separate algorithms (called "disciplines" in this context).
|
|
||||||
|
|
||||||
See the top of <file:net/sched/sch_cbq.c> for references about the
|
See the top of <file:net/sched/sch_cbq.c> for more details.
|
||||||
CBQ algorithm.
|
|
||||||
|
|
||||||
CBQ is a commonly used scheduler, so if you're unsure, you should
|
CBQ is a commonly used scheduler, so if you're unsure, you should
|
||||||
say Y here. Then say Y to all the queueing algorithms below that you
|
say Y here. Then say Y to all the queueing algorithms below that you
|
||||||
want to use as CBQ disciplines. Then say Y to "Packet classifier
|
want to use as leaf disciplines.
|
||||||
API" and say Y to all the classifiers you want to use; a classifier
|
|
||||||
is a routine that allows you to sort your outgoing traffic into
|
|
||||||
classes based on a certain criterion.
|
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called sch_cbq.
|
module will be called sch_cbq.
|
||||||
|
|
||||||
config NET_SCH_HTB
|
config NET_SCH_HTB
|
||||||
tristate "HTB packet scheduler"
|
tristate "Hierarchical Token Bucket (HTB)"
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
---help---
|
---help---
|
||||||
Say Y here if you want to use the Hierarchical Token Buckets (HTB)
|
Say Y here if you want to use the Hierarchical Token Buckets (HTB)
|
||||||
packet scheduling algorithm for some of your network devices. See
|
packet scheduling algorithm. See
|
||||||
<http://luxik.cdi.cz/~devik/qos/htb/> for complete manual and
|
<http://luxik.cdi.cz/~devik/qos/htb/> for complete manual and
|
||||||
in-depth articles.
|
in-depth articles.
|
||||||
|
|
||||||
HTB is very similar to the CBQ regarding its goals however is has
|
HTB is very similar to CBQ regarding its goals however is has
|
||||||
different properties and different algorithm.
|
different properties and different algorithm.
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called sch_htb.
|
module will be called sch_htb.
|
||||||
|
|
||||||
config NET_SCH_HFSC
|
config NET_SCH_HFSC
|
||||||
tristate "HFSC packet scheduler"
|
tristate "Hierarchical Fair Service Curve (HFSC)"
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
---help---
|
---help---
|
||||||
Say Y here if you want to use the Hierarchical Fair Service Curve
|
Say Y here if you want to use the Hierarchical Fair Service Curve
|
||||||
(HFSC) packet scheduling algorithm for some of your network devices.
|
(HFSC) packet scheduling algorithm.
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called sch_hfsc.
|
module will be called sch_hfsc.
|
||||||
|
|
||||||
#tristate ' H-PFQ packet scheduler' CONFIG_NET_SCH_HPFQ
|
|
||||||
config NET_SCH_ATM
|
config NET_SCH_ATM
|
||||||
tristate "ATM pseudo-scheduler"
|
tristate "ATM Virtual Circuits (ATM)"
|
||||||
depends on NET_SCHED && ATM
|
depends on NET_SCHED && ATM
|
||||||
---help---
|
---help---
|
||||||
Say Y here if you want to use the ATM pseudo-scheduler. This
|
Say Y here if you want to use the ATM pseudo-scheduler. This
|
||||||
provides a framework for invoking classifiers (aka "filters"), which
|
provides a framework for invoking classifiers, which in turn
|
||||||
in turn select classes of this queuing discipline. Each class maps
|
select classes of this queuing discipline. Each class maps
|
||||||
the flow(s) it is handling to a given virtual circuit (see the top of
|
the flow(s) it is handling to a given virtual circuit.
|
||||||
<file:net/sched/sch_atm.c>).
|
|
||||||
|
See the top of <file:net/sched/sch_atm.c>) for more details.
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called sch_atm.
|
module will be called sch_atm.
|
||||||
|
|
||||||
config NET_SCH_PRIO
|
config NET_SCH_PRIO
|
||||||
tristate "The simplest PRIO pseudoscheduler"
|
tristate "Multi Band Priority Queueing (PRIO)"
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
help
|
---help---
|
||||||
Say Y here if you want to use an n-band priority queue packet
|
Say Y here if you want to use an n-band priority queue packet
|
||||||
"scheduler" for some of your network devices or as a leaf discipline
|
scheduler.
|
||||||
for the CBQ scheduling algorithm. If unsure, say Y.
|
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called sch_prio.
|
module will be called sch_prio.
|
||||||
|
|
||||||
config NET_SCH_RED
|
config NET_SCH_RED
|
||||||
tristate "RED queue"
|
tristate "Random Early Detection (RED)"
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
help
|
---help---
|
||||||
Say Y here if you want to use the Random Early Detection (RED)
|
Say Y here if you want to use the Random Early Detection (RED)
|
||||||
packet scheduling algorithm for some of your network devices (see
|
packet scheduling algorithm.
|
||||||
the top of <file:net/sched/sch_red.c> for details and references
|
|
||||||
about the algorithm).
|
See the top of <file:net/sched/sch_red.c> for more details.
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called sch_red.
|
module will be called sch_red.
|
||||||
|
|
||||||
config NET_SCH_SFQ
|
config NET_SCH_SFQ
|
||||||
tristate "SFQ queue"
|
tristate "Stochastic Fairness Queueing (SFQ)"
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
---help---
|
---help---
|
||||||
Say Y here if you want to use the Stochastic Fairness Queueing (SFQ)
|
Say Y here if you want to use the Stochastic Fairness Queueing (SFQ)
|
||||||
packet scheduling algorithm for some of your network devices or as a
|
packet scheduling algorithm .
|
||||||
leaf discipline for the CBQ scheduling algorithm (see the top of
|
|
||||||
<file:net/sched/sch_sfq.c> for details and references about the SFQ
|
See the top of <file:net/sched/sch_sfq.c> for more details.
|
||||||
algorithm).
|
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called sch_sfq.
|
module will be called sch_sfq.
|
||||||
|
|
||||||
config NET_SCH_TEQL
|
config NET_SCH_TEQL
|
||||||
tristate "TEQL queue"
|
tristate "True Link Equalizer (TEQL)"
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
---help---
|
---help---
|
||||||
Say Y here if you want to use the True Link Equalizer (TLE) packet
|
Say Y here if you want to use the True Link Equalizer (TLE) packet
|
||||||
scheduling algorithm for some of your network devices or as a leaf
|
scheduling algorithm. This queueing discipline allows the combination
|
||||||
discipline for the CBQ scheduling algorithm. This queueing
|
of several physical devices into one virtual device.
|
||||||
discipline allows the combination of several physical devices into
|
|
||||||
one virtual device. (see the top of <file:net/sched/sch_teql.c> for
|
See the top of <file:net/sched/sch_teql.c> for more details.
|
||||||
details).
|
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called sch_teql.
|
module will be called sch_teql.
|
||||||
|
|
||||||
config NET_SCH_TBF
|
config NET_SCH_TBF
|
||||||
tristate "TBF queue"
|
tristate "Token Bucket Filter (TBF)"
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
help
|
---help---
|
||||||
Say Y here if you want to use the Simple Token Bucket Filter (TBF)
|
Say Y here if you want to use the Token Bucket Filter (TBF) packet
|
||||||
packet scheduling algorithm for some of your network devices or as a
|
scheduling algorithm.
|
||||||
leaf discipline for the CBQ scheduling algorithm (see the top of
|
|
||||||
<file:net/sched/sch_tbf.c> for a description of the TBF algorithm).
|
See the top of <file:net/sched/sch_tbf.c> for more details.
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called sch_tbf.
|
module will be called sch_tbf.
|
||||||
|
|
||||||
config NET_SCH_GRED
|
config NET_SCH_GRED
|
||||||
tristate "GRED queue"
|
tristate "Generic Random Early Detection (GRED)"
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
help
|
---help---
|
||||||
Say Y here if you want to use the Generic Random Early Detection
|
Say Y here if you want to use the Generic Random Early Detection
|
||||||
(GRED) packet scheduling algorithm for some of your network devices
|
(GRED) packet scheduling algorithm for some of your network devices
|
||||||
(see the top of <file:net/sched/sch_red.c> for details and
|
(see the top of <file:net/sched/sch_red.c> for details and
|
||||||
@ -232,9 +229,9 @@ config NET_SCH_GRED
|
|||||||
module will be called sch_gred.
|
module will be called sch_gred.
|
||||||
|
|
||||||
config NET_SCH_DSMARK
|
config NET_SCH_DSMARK
|
||||||
tristate "Diffserv field marker"
|
tristate "Differentiated Services marker (DSMARK)"
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
help
|
---help---
|
||||||
Say Y if you want to schedule packets according to the
|
Say Y if you want to schedule packets according to the
|
||||||
Differentiated Services architecture proposed in RFC 2475.
|
Differentiated Services architecture proposed in RFC 2475.
|
||||||
Technical information on this method, with pointers to associated
|
Technical information on this method, with pointers to associated
|
||||||
@ -244,9 +241,9 @@ config NET_SCH_DSMARK
|
|||||||
module will be called sch_dsmark.
|
module will be called sch_dsmark.
|
||||||
|
|
||||||
config NET_SCH_NETEM
|
config NET_SCH_NETEM
|
||||||
tristate "Network emulator"
|
tristate "Network emulator (NETEM)"
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
help
|
---help---
|
||||||
Say Y if you want to emulate network delay, loss, and packet
|
Say Y if you want to emulate network delay, loss, and packet
|
||||||
re-ordering. This is often useful to simulate networks when
|
re-ordering. This is often useful to simulate networks when
|
||||||
testing applications or protocols.
|
testing applications or protocols.
|
||||||
@ -259,58 +256,23 @@ config NET_SCH_NETEM
|
|||||||
config NET_SCH_INGRESS
|
config NET_SCH_INGRESS
|
||||||
tristate "Ingress Qdisc"
|
tristate "Ingress Qdisc"
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
help
|
---help---
|
||||||
If you say Y here, you will be able to police incoming bandwidth
|
Say Y here if you want to use classifiers for incoming packets.
|
||||||
and drop packets when this bandwidth exceeds your desired rate.
|
|
||||||
If unsure, say Y.
|
If unsure, say Y.
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called sch_ingress.
|
module will be called sch_ingress.
|
||||||
|
|
||||||
config NET_QOS
|
comment "Classification"
|
||||||
bool "QoS support"
|
|
||||||
depends on NET_SCHED
|
depends on NET_SCHED
|
||||||
---help---
|
|
||||||
Say Y here if you want to include Quality Of Service scheduling
|
|
||||||
features, which means that you will be able to request certain
|
|
||||||
rate-of-flow limits for your network devices.
|
|
||||||
|
|
||||||
This Quality of Service (QoS) support will enable you to use
|
|
||||||
Differentiated Services (diffserv) and Resource Reservation Protocol
|
|
||||||
(RSVP) on your Linux router if you also say Y to "Packet classifier
|
|
||||||
API" and to some classifiers below. Documentation and software is at
|
|
||||||
<http://diffserv.sourceforge.net/>.
|
|
||||||
|
|
||||||
Note that the answer to this question won't directly affect the
|
|
||||||
kernel: saying N will just cause the configurator to skip all
|
|
||||||
the questions about QoS support.
|
|
||||||
|
|
||||||
config NET_ESTIMATOR
|
|
||||||
bool "Rate estimator"
|
|
||||||
depends on NET_QOS
|
|
||||||
help
|
|
||||||
In order for Quality of Service scheduling to work, the current
|
|
||||||
rate-of-flow for a network device has to be estimated; if you say Y
|
|
||||||
here, the kernel will do just that.
|
|
||||||
|
|
||||||
config NET_CLS
|
config NET_CLS
|
||||||
bool "Packet classifier API"
|
boolean
|
||||||
depends on NET_SCHED
|
|
||||||
---help---
|
|
||||||
The CBQ scheduling algorithm requires that network packets which are
|
|
||||||
scheduled to be sent out over a network device be classified
|
|
||||||
according to some criterion. If you say Y here, you will get a
|
|
||||||
choice of several different packet classifiers with the following
|
|
||||||
questions.
|
|
||||||
|
|
||||||
This will enable you to use Differentiated Services (diffserv) and
|
|
||||||
Resource Reservation Protocol (RSVP) on your Linux router.
|
|
||||||
Documentation and software is at
|
|
||||||
<http://diffserv.sourceforge.net/>.
|
|
||||||
|
|
||||||
config NET_CLS_BASIC
|
config NET_CLS_BASIC
|
||||||
tristate "Basic classifier"
|
tristate "Elementary classification (BASIC)"
|
||||||
depends on NET_CLS
|
depends NET_SCHED
|
||||||
|
select NET_CLS
|
||||||
---help---
|
---help---
|
||||||
Say Y here if you want to be able to classify packets using
|
Say Y here if you want to be able to classify packets using
|
||||||
only extended matches and actions.
|
only extended matches and actions.
|
||||||
@ -319,24 +281,25 @@ config NET_CLS_BASIC
|
|||||||
module will be called cls_basic.
|
module will be called cls_basic.
|
||||||
|
|
||||||
config NET_CLS_TCINDEX
|
config NET_CLS_TCINDEX
|
||||||
tristate "TC index classifier"
|
tristate "Traffic-Control Index (TCINDEX)"
|
||||||
depends on NET_CLS
|
depends NET_SCHED
|
||||||
help
|
select NET_CLS
|
||||||
If you say Y here, you will be able to classify outgoing packets
|
---help---
|
||||||
according to the tc_index field of the skb. You will want this
|
Say Y here if you want to be able to classify packets based on
|
||||||
feature if you want to implement Differentiated Services using
|
traffic control indices. You will want this feature if you want
|
||||||
sch_dsmark. If unsure, say Y.
|
to implement Differentiated Services together with DSMARK.
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called cls_tcindex.
|
module will be called cls_tcindex.
|
||||||
|
|
||||||
config NET_CLS_ROUTE4
|
config NET_CLS_ROUTE4
|
||||||
tristate "Routing table based classifier"
|
tristate "Routing decision (ROUTE)"
|
||||||
depends on NET_CLS
|
depends NET_SCHED
|
||||||
select NET_CLS_ROUTE
|
select NET_CLS_ROUTE
|
||||||
help
|
select NET_CLS
|
||||||
If you say Y here, you will be able to classify outgoing packets
|
---help---
|
||||||
according to the route table entry they matched. If unsure, say Y.
|
If you say Y here, you will be able to classify packets
|
||||||
|
according to the route table entry they matched.
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called cls_route.
|
module will be called cls_route.
|
||||||
@ -346,58 +309,45 @@ config NET_CLS_ROUTE
|
|||||||
default n
|
default n
|
||||||
|
|
||||||
config NET_CLS_FW
|
config NET_CLS_FW
|
||||||
tristate "Firewall based classifier"
|
tristate "Netfilter mark (FW)"
|
||||||
depends on NET_CLS
|
depends NET_SCHED
|
||||||
help
|
select NET_CLS
|
||||||
If you say Y here, you will be able to classify outgoing packets
|
---help---
|
||||||
according to firewall criteria you specified.
|
If you say Y here, you will be able to classify packets
|
||||||
|
according to netfilter/firewall marks.
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called cls_fw.
|
module will be called cls_fw.
|
||||||
|
|
||||||
config NET_CLS_U32
|
config NET_CLS_U32
|
||||||
tristate "U32 classifier"
|
tristate "Universal 32bit comparisons w/ hashing (U32)"
|
||||||
depends on NET_CLS
|
depends NET_SCHED
|
||||||
help
|
select NET_CLS
|
||||||
If you say Y here, you will be able to classify outgoing packets
|
---help---
|
||||||
according to their destination address. If unsure, say Y.
|
Say Y here to be able to classify packetes using a universal
|
||||||
|
32bit pieces based comparison scheme.
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called cls_u32.
|
module will be called cls_u32.
|
||||||
|
|
||||||
config CLS_U32_PERF
|
config CLS_U32_PERF
|
||||||
bool "U32 classifier performance counters"
|
bool "Performance counters support"
|
||||||
depends on NET_CLS_U32
|
depends on NET_CLS_U32
|
||||||
help
|
---help---
|
||||||
gathers stats that could be used to tune u32 classifier performance.
|
Say Y here to make u32 gather additional statistics useful for
|
||||||
Requires a new iproute2
|
fine tuning u32 classifiers.
|
||||||
You MUST NOT turn this on if you dont have an update iproute2.
|
|
||||||
|
|
||||||
config NET_CLS_IND
|
|
||||||
bool "classify input device (slows things u32/fw) "
|
|
||||||
depends on NET_CLS_U32 || NET_CLS_FW
|
|
||||||
help
|
|
||||||
This option will be killed eventually when a
|
|
||||||
metadata action appears because it slows things a little
|
|
||||||
Available only for u32 and fw classifiers.
|
|
||||||
Requires a new iproute2
|
|
||||||
You MUST NOT turn this on if you dont have an update iproute2.
|
|
||||||
|
|
||||||
config CLS_U32_MARK
|
config CLS_U32_MARK
|
||||||
bool "Use nfmark as a key in U32 classifier"
|
bool "Netfilter marks support"
|
||||||
depends on NET_CLS_U32 && NETFILTER
|
depends on NET_CLS_U32 && NETFILTER
|
||||||
help
|
---help---
|
||||||
This allows you to match mark in a u32 filter.
|
Say Y here to be able to use netfilter marks as u32 key.
|
||||||
Example:
|
|
||||||
tc filter add dev eth0 protocol ip parent 1:0 prio 5 u32 \
|
|
||||||
match mark 0x0090 0xffff \
|
|
||||||
match ip dst 4.4.4.4 \
|
|
||||||
flowid 1:90
|
|
||||||
You must use a new iproute2 to use this feature.
|
|
||||||
|
|
||||||
config NET_CLS_RSVP
|
config NET_CLS_RSVP
|
||||||
tristate "Special RSVP classifier"
|
tristate "IPv4 Resource Reservation Protocol (RSVP)"
|
||||||
depends on NET_CLS && NET_QOS
|
depends on NET_SCHED
|
||||||
|
select NET_CLS
|
||||||
|
select NET_ESTIMATOR
|
||||||
---help---
|
---help---
|
||||||
The Resource Reservation Protocol (RSVP) permits end systems to
|
The Resource Reservation Protocol (RSVP) permits end systems to
|
||||||
request a minimum and maximum data flow rate for a connection; this
|
request a minimum and maximum data flow rate for a connection; this
|
||||||
@ -410,31 +360,33 @@ config NET_CLS_RSVP
|
|||||||
module will be called cls_rsvp.
|
module will be called cls_rsvp.
|
||||||
|
|
||||||
config NET_CLS_RSVP6
|
config NET_CLS_RSVP6
|
||||||
tristate "Special RSVP classifier for IPv6"
|
tristate "IPv6 Resource Reservation Protocol (RSVP6)"
|
||||||
depends on NET_CLS && NET_QOS
|
depends on NET_SCHED
|
||||||
|
select NET_CLS
|
||||||
|
select NET_ESTIMATOR
|
||||||
---help---
|
---help---
|
||||||
The Resource Reservation Protocol (RSVP) permits end systems to
|
The Resource Reservation Protocol (RSVP) permits end systems to
|
||||||
request a minimum and maximum data flow rate for a connection; this
|
request a minimum and maximum data flow rate for a connection; this
|
||||||
is important for real time data such as streaming sound or video.
|
is important for real time data such as streaming sound or video.
|
||||||
|
|
||||||
Say Y here if you want to be able to classify outgoing packets based
|
Say Y here if you want to be able to classify outgoing packets based
|
||||||
on their RSVP requests and you are using the new Internet Protocol
|
on their RSVP requests and you are using the IPv6.
|
||||||
IPv6 as opposed to the older and more common IPv4.
|
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called cls_rsvp6.
|
module will be called cls_rsvp6.
|
||||||
|
|
||||||
config NET_EMATCH
|
config NET_EMATCH
|
||||||
bool "Extended Matches"
|
bool "Extended Matches"
|
||||||
depends on NET_CLS
|
depends NET_SCHED
|
||||||
|
select NET_CLS
|
||||||
---help---
|
---help---
|
||||||
Say Y here if you want to use extended matches on top of classifiers
|
Say Y here if you want to use extended matches on top of classifiers
|
||||||
and select the extended matches below.
|
and select the extended matches below.
|
||||||
|
|
||||||
Extended matches are small classification helpers not worth writing
|
Extended matches are small classification helpers not worth writing
|
||||||
a separate classifier.
|
a separate classifier for.
|
||||||
|
|
||||||
You must have a recent version of the iproute2 tools in order to use
|
A recent version of the iproute2 package is required to use
|
||||||
extended matches.
|
extended matches.
|
||||||
|
|
||||||
config NET_EMATCH_STACK
|
config NET_EMATCH_STACK
|
||||||
@ -468,7 +420,7 @@ config NET_EMATCH_NBYTE
|
|||||||
module will be called em_nbyte.
|
module will be called em_nbyte.
|
||||||
|
|
||||||
config NET_EMATCH_U32
|
config NET_EMATCH_U32
|
||||||
tristate "U32 hashing key"
|
tristate "U32 key"
|
||||||
depends on NET_EMATCH
|
depends on NET_EMATCH
|
||||||
---help---
|
---help---
|
||||||
Say Y here if you want to be able to classify packets using
|
Say Y here if you want to be able to classify packets using
|
||||||
@ -496,76 +448,120 @@ config NET_EMATCH_TEXT
|
|||||||
select TEXTSEARCH_BM
|
select TEXTSEARCH_BM
|
||||||
select TEXTSEARCH_FSM
|
select TEXTSEARCH_FSM
|
||||||
---help---
|
---help---
|
||||||
Say Y here if you want to be ablt to classify packets based on
|
Say Y here if you want to be able to classify packets based on
|
||||||
textsearch comparisons.
|
textsearch comparisons.
|
||||||
|
|
||||||
To compile this code as a module, choose M here: the
|
To compile this code as a module, choose M here: the
|
||||||
module will be called em_text.
|
module will be called em_text.
|
||||||
|
|
||||||
config NET_CLS_ACT
|
config NET_CLS_ACT
|
||||||
bool "Packet ACTION"
|
bool "Actions"
|
||||||
depends on EXPERIMENTAL && NET_CLS && NET_QOS
|
depends on EXPERIMENTAL && NET_SCHED
|
||||||
|
select NET_ESTIMATOR
|
||||||
---help---
|
---help---
|
||||||
This option requires you have a new iproute2. It enables
|
Say Y here if you want to use traffic control actions. Actions
|
||||||
tc extensions which can be used with tc classifiers.
|
get attached to classifiers and are invoked after a successful
|
||||||
You MUST NOT turn this on if you dont have an update iproute2.
|
classification. They are used to overwrite the classification
|
||||||
|
result, instantly drop or redirect packets, etc.
|
||||||
|
|
||||||
|
A recent version of the iproute2 package is required to use
|
||||||
|
extended matches.
|
||||||
|
|
||||||
config NET_ACT_POLICE
|
config NET_ACT_POLICE
|
||||||
tristate "Policing Actions"
|
tristate "Traffic Policing"
|
||||||
depends on NET_CLS_ACT
|
depends on NET_CLS_ACT
|
||||||
---help---
|
---help---
|
||||||
If you are using a newer iproute2 select this one, otherwise use one
|
Say Y here if you want to do traffic policing, i.e. strict
|
||||||
below to select a policer.
|
bandwidth limiting. This action replaces the existing policing
|
||||||
You MUST NOT turn this on if you dont have an update iproute2.
|
module.
|
||||||
|
|
||||||
|
To compile this code as a module, choose M here: the
|
||||||
|
module will be called police.
|
||||||
|
|
||||||
config NET_ACT_GACT
|
config NET_ACT_GACT
|
||||||
tristate "generic Actions"
|
tristate "Generic actions"
|
||||||
depends on NET_CLS_ACT
|
depends on NET_CLS_ACT
|
||||||
---help---
|
---help---
|
||||||
You must have new iproute2 to use this feature.
|
Say Y here to take generic actions such as dropping and
|
||||||
This adds simple filtering actions like drop, accept etc.
|
accepting packets.
|
||||||
|
|
||||||
|
To compile this code as a module, choose M here: the
|
||||||
|
module will be called gact.
|
||||||
|
|
||||||
config GACT_PROB
|
config GACT_PROB
|
||||||
bool "generic Actions probability"
|
bool "Probability support"
|
||||||
depends on NET_ACT_GACT
|
depends on NET_ACT_GACT
|
||||||
---help---
|
---help---
|
||||||
Allows generic actions to be randomly or deterministically used.
|
Say Y here to use the generic action randomly or deterministically.
|
||||||
|
|
||||||
config NET_ACT_MIRRED
|
config NET_ACT_MIRRED
|
||||||
tristate "Packet In/Egress redirecton/mirror Actions"
|
tristate "Redirecting and Mirroring"
|
||||||
depends on NET_CLS_ACT
|
depends on NET_CLS_ACT
|
||||||
---help---
|
---help---
|
||||||
requires new iproute2
|
Say Y here to allow packets to be mirrored or redirected to
|
||||||
This allows packets to be mirrored or redirected to netdevices
|
other devices.
|
||||||
|
|
||||||
|
To compile this code as a module, choose M here: the
|
||||||
|
module will be called mirred.
|
||||||
|
|
||||||
config NET_ACT_IPT
|
config NET_ACT_IPT
|
||||||
tristate "iptables Actions"
|
tristate "IPtables targets"
|
||||||
depends on NET_CLS_ACT && NETFILTER && IP_NF_IPTABLES
|
depends on NET_CLS_ACT && NETFILTER && IP_NF_IPTABLES
|
||||||
---help---
|
---help---
|
||||||
requires new iproute2
|
Say Y here to be able to invoke iptables targets after succesful
|
||||||
This allows iptables targets to be used by tc filters
|
classification.
|
||||||
|
|
||||||
|
To compile this code as a module, choose M here: the
|
||||||
|
module will be called ipt.
|
||||||
|
|
||||||
config NET_ACT_PEDIT
|
config NET_ACT_PEDIT
|
||||||
tristate "Generic Packet Editor Actions"
|
tristate "Packet Editing"
|
||||||
depends on NET_CLS_ACT
|
depends on NET_CLS_ACT
|
||||||
---help---
|
---help---
|
||||||
requires new iproute2
|
Say Y here if you want to mangle the content of packets.
|
||||||
This allows for packets to be generically edited
|
|
||||||
|
|
||||||
config NET_CLS_POLICE
|
To compile this code as a module, choose M here: the
|
||||||
bool "Traffic policing (needed for in/egress)"
|
module will be called pedit.
|
||||||
depends on NET_CLS && NET_QOS && NET_CLS_ACT!=y
|
|
||||||
help
|
|
||||||
Say Y to support traffic policing (bandwidth limits). Needed for
|
|
||||||
ingress and egress rate limiting.
|
|
||||||
|
|
||||||
config NET_ACT_SIMP
|
config NET_ACT_SIMP
|
||||||
tristate "Simple action"
|
tristate "Simple Example (Debug)"
|
||||||
depends on NET_CLS_ACT
|
depends on NET_CLS_ACT
|
||||||
---help---
|
---help---
|
||||||
You must have new iproute2 to use this feature.
|
Say Y here to add a simple action for demonstration purposes.
|
||||||
This adds a very simple action for demonstration purposes
|
It is meant as an example and for debugging purposes. It will
|
||||||
The idea is to give action authors a basic example to look at.
|
print a configured policy string followed by the packet count
|
||||||
All this action will do is print on the console the configured
|
to the console for every packet that passes by.
|
||||||
policy string followed by _ then packet count.
|
|
||||||
|
|
||||||
|
If unsure, say N.
|
||||||
|
|
||||||
|
To compile this code as a module, choose M here: the
|
||||||
|
module will be called simple.
|
||||||
|
|
||||||
|
config NET_CLS_POLICE
|
||||||
|
bool "Traffic Policing (obsolete)"
|
||||||
|
depends on NET_SCHED && NET_CLS_ACT!=y
|
||||||
|
select NET_ESTIMATOR
|
||||||
|
---help---
|
||||||
|
Say Y here if you want to do traffic policing, i.e. strict
|
||||||
|
bandwidth limiting. This option is obsoleted by the traffic
|
||||||
|
policer implemented as action, it stays here for compatibility
|
||||||
|
reasons.
|
||||||
|
|
||||||
|
config NET_CLS_IND
|
||||||
|
bool "Incoming device classification"
|
||||||
|
depends on NET_SCHED && (NET_CLS_U32 || NET_CLS_FW)
|
||||||
|
---help---
|
||||||
|
Say Y here to extend the u32 and fw classifier to support
|
||||||
|
classification based on the incoming device. This option is
|
||||||
|
likely to disappear in favour of the metadata ematch.
|
||||||
|
|
||||||
|
config NET_ESTIMATOR
|
||||||
|
bool "Rate estimator"
|
||||||
|
depends on NET_SCHED
|
||||||
|
---help---
|
||||||
|
Say Y here to allow using rate estimators to estimate the current
|
||||||
|
rate-of-flow for network devices, queues, etc. This module is
|
||||||
|
automaticaly selected if needed but can be selected manually for
|
||||||
|
statstical purposes.
|
||||||
|
|
||||||
|
endmenu
|
||||||
|
Loading…
Reference in New Issue
Block a user