QoS class with multiple matches generates one filter rule but expects several rules
Closed, ResolvedPublicBUG
Actions

Assigned To

Authored By

	Viacheslav
	Jun 18 2023, 10:19 AM

Description

QoS class with multiple matches generates one filter rule but expects several rules.
To reproduce, use several matches per class:

set qos interface eth0 egress 'test'
set qos policy shaper test bandwidth '300mbit'
set qos policy shaper test class 23 bandwidth '150mbit'
set qos policy shaper test class 23 match 10 ip protocol 'tcp'
set qos policy shaper test class 23 match 20 ip protocol 'udp'
set qos policy shaper test default bandwidth '20mbit'
set qos policy shaper test default queue-type 'fair-queue'

Debug:

{'bandwidth': '300mbit',
 'class': {'23': {'bandwidth': '150mbit',
                  'burst': '15k',
                  'codel_quantum': '1514',
                  'flows': '1024',
                  'interval': '100',
                  'match': {'10': {'ip': {'protocol': 'tcp'}},
                            '20': {'ip': {'protocol': 'udp'}}},
                  'queue_type': 'fq-codel',
                  'target': '5'}},
 'default': {'bandwidth': '20mbit',
             'burst': '15k',
             'codel_quantum': '1514',
             'flows': '1024',
             'interval': '100',
             'priority': '20',
             'queue_type': 'fair-queue',
             'target': '5'}}
DEBUG/QoS: tc qdisc replace dev eth0 root handle 1: htb r2q 187 default 18
DEBUG/QoS: tc class replace dev eth0 parent 1: classid 1:1 htb rate 300000000
DEBUG/QoS: tc class replace dev eth0 parent 1:1 classid 1:17 htb rate 150000000 burst 15k quantum 1514
DEBUG/QoS: tc qdisc replace dev eth0 parent 1:17 sfq
DEBUG/QoS: tc class replace dev eth0 parent 1:1 classid 1:18 htb rate 20000000 burst 15k quantum 1514 prio 20
DEBUG/QoS: tc qdisc replace dev eth0 parent 1:18 sfq
DEBUG/QoS: tc qdisc replace dev eth0 parent 1:17 fq_codel quantum 1514 flows 1024 interval 100 interval 100 target 5 noecn
DEBUG/QoS: tc filter replace dev eth0 parent 1: protocol all u32 match ip protocol 6 0xff u32 match ip protocol 17 0xff flowid 1:17

Obviously, the latest rule is wrong.

  File "/usr/lib/python3/dist-packages/vyos/util.py", line 161, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: tc filter replace dev eth0 parent 1: protocol all u32 match ip protocol 6 0xff u32 match ip protocol 17 0xff flowid 1:17
returned: 
exit code: 1

It probably should be split into two rules. At least that's how it works in 1.3.

sudo filter add dev eth0 parent 1: prio 1 protocol all u32 match ip protocol 6 0xff flowid 1:17
sudo filter add dev eth0 parent 1: prio 2 protocol all u32 match ip protocol 17 0xff flowid 1:17

Details

Difficulty level: Unknown (require assessment)
Version: VyOS 1.4-rolling-202306180317
Why the issue appeared?: Will be filled on close
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Bug (incorrect behavior)

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Resolved	BUG	c-po	T5048 QoS doesn't work correctly root task
		Resolved	BUG	Viacheslav	T5302 QoS class with multiple matches generates one filter rule but expects several rules

Event Timeline

Viacheslav created this task.Jun 18 2023, 10:19 AM

pasik added a subscriber: pasik.Jun 18 2023, 5:20 PM

Viacheslav mentioned this in T5071: QOS-Rewrite: DSCP match missing.Jun 22 2023, 1:36 PM

fernando added a subscriber: fernando.Jun 22 2023, 2:35 PM

PR https://github.com/vyos/vyos-1x/pull/2065

set qos interface eth0 egress 'test'
set qos policy shaper test bandwidth '300mbit'
set qos policy shaper test class 23 bandwidth '150mbit'
set qos policy shaper test class 23 match one ip protocol 'tcp'
set qos policy shaper test class 23 match two ip protocol 'udp'
set qos policy shaper test default bandwidth '20mbit'
set qos policy shaper test default queue-type 'fair-queue'
commit

commit

vyos@r14# commit
[ qos ]
DEBUG/QoS: tc qdisc replace dev eth0 root handle 1: htb r2q 187 default 18
DEBUG/QoS: tc class replace dev eth0 parent 1: classid 1:1 htb rate 300000000
DEBUG/QoS: tc class replace dev eth0 parent 1:1 classid 1:17 htb rate 150000000 burst 15k quantum 1514
DEBUG/QoS: tc qdisc replace dev eth0 parent 1:17 sfq
DEBUG/QoS: tc class replace dev eth0 parent 1:1 classid 1:18 htb rate 20000000 burst 15k quantum 1514 prio 20
DEBUG/QoS: tc qdisc replace dev eth0 parent 1:18 sfq
DEBUG/QoS: tc qdisc replace dev eth0 parent 1:17 fq_codel quantum 1514 flows 1024 interval 100 interval 100 target 5 noecn
DEBUG/QoS: tc filter add dev eth0 parent 1: protocol all prio 1 u32 match ip protocol 6 0xff flowid 1:17
DEBUG/QoS: tc filter add dev eth0 parent 1: protocol all prio 2 u32 match ip protocol 17 0xff flowid 1:17

Viacheslav changed the task status from Open to In progress.Jul 1 2023, 5:39 PM

Viacheslav changed the task status from In progress to Needs testing.Jul 1 2023, 8:18 PM

Viacheslav closed this task as Resolved.Aug 7 2023, 11:23 AM

Viacheslav claimed this task.

Viacheslav moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta board.

QoS class with multiple matches generates one filter rule but expects several rulesClosed, ResolvedPublicBUGActions

Description

Details

Related ObjectsSearch...

Event Timeline

QoS class with multiple matches generates one filter rule but expects several rules
Closed, ResolvedPublicBUG
Actions

Related Objects
Search...