Re: [PATCH net-next 1/2] net/sched: sch_ingress: Support clsact egress mini-Qdisc option

[Daniel Borkmann]

On 8/2/21 10:49 PM, Peilin Ye wrote:
> From: Peilin Ye <peilin.ye@xxxxxxxxxxxxx>
>
> If the ingress Qdisc is in use, currently it is not possible to add
> another clsact egress mini-Qdisc to the same device without taking down
> the ingress Qdisc, since both sch_ingress and sch_clsact use the same
> handle (0xFFFF0000).
>
> Add a "change" option for sch_ingress, so that users can enable or disable
> a clsact egress mini-Qdisc, without suffering from downtime:
>
>      $ tc qdisc add dev eth0 ingress
>      $ tc qdisc change dev eth0 ingress clsact-on
>
> Then users can add filters to the egress mini-Qdisc as usual:
>
>      $ tc filter add dev eth0 egress protocol ip prio 10 \
> 	    matchall action skbmod swap mac
>
> Deleting the ingress Qdisc removes the egress mini-Qdisc as well.  To
> remove egress mini-Qdisc only, use:
>
>      $ tc qdisc change dev eth0 ingress clsact-off
>
> Finally, if the egress mini-Qdisc is enabled, the "show" command will
> print out a "clsact" flag to indicate it:
>
>      $ tc qdisc show ingress
>      qdisc ingress ffff: dev eth0 parent ffff:fff1 ----------------
>      $ tc qdisc change dev eth0 ingress clsact-on
>      $ tc qdisc show ingress
>      qdisc ingress ffff: dev eth0 parent ffff:fff1 ---------------- clsact
>
> Reviewed-by: Cong Wang <cong.wang@xxxxxxxxxxxxx>
> Signed-off-by: Peilin Ye <peilin.ye@xxxxxxxxxxxxx>

NAK, just use clsact qdisc in the first place which has both ingress and egress
support instead of adding such hack. You already need to change your scripts for
clsact-on, so just swap 'tc qdisc add dev eth0 ingress' to 'tc qdisc add dev eth0
clsact' w/o needing to change kernel.

Thanks,
Daniel