gargoyle icon indicating copy to clipboard operation
gargoyle copied to clipboard
verified publisher icon ericpaulbishop

RFC: Replace IMQ with IFB for QoS/Quotas

Open lantis1008 opened this issue 3 years ago • 2 comments

Offering the opportunity to express feedback, criticisms or concerns for replacing IMQ with IFB for QoS and Quotas. Rationale: IMQ is patched into the kernel and has to be maintained. Future versions of OpenWrt are moving to nftables, and there does not currently exist and IMQ patch for nftables. We could write one, but IFB may serve the same purpose with a lot less effort.

Initial commit here: https://github.com/ericpaulbishop/gargoyle/commit/6198601c8b1c2842d5254f46144d961d3511bad8

@pbix @ericpaulbishop @obsy tagged as most relevant. Particularly pbix has a lot of history with QoS and Qosmon.

The idea is that we attach the IFB (ifb0) to the ingress of the WAN interface, and then attach qdiscs to the egress of ifb0. To achieve pre/post NAT visibility, we still tag everything in mangle as we did before, and all of the chain jumps still occur in INPUT+FORWARD and OUTPUT+POSTROUTING for ingress and egress respectively. As before, marks are assigned and saved to the connection tracking mark (connmark). We employ the act_connmark action which will restore the connmarks to the fwmark on each packet, and we use this along with IFBs redirect action to push the tagged packets through ifb0, where they will be filtered through qdiscs as before.

Two things that need to be done to keep everything humming nicely:

  • Always use 0x7F and 0x007F masks when looking at the marks as the packets now have the full conntrack mark on them (both directions)
  • In PREROUTING and POSTROUTING we need to clear the fwmark (set it to zero) as it would have already been restored to the packet by act_connmark. If we don't do this, the logic for detecting whether quotas already assigned a qos mark is tricky

lantis1008 avatar May 12 '22 13:05 lantis1008

Hi Guys,
I am still around but not able to dedicate time to this project anymore. I do not have much I can add to this conversation.

I made some comments about my concerns here https://forum.archive.openwrt.org/viewtopic.php?id=28947 but that was years ago and things change.

If you think you have found a way to surmount those concerns then that is great as I am sure that its a royal pain to maintain support of IMQ.

My hat is off to anyone who would be willing to take up the challenge of replacing IMQ with IFB.

pbix avatar May 13 '22 01:05 pbix

Appreciate that, and I think I have cracked the lack of NAT visibility (or at least I hope I have).

Thanks for taking the time to leave your thoughts, all the best.

lantis1008 avatar May 13 '22 01:05 lantis1008