krop

Reputation: 81

Ingress/egress confusion in tc

Can someone please explain the following concept to me, because I don't understand it? In tc you can add a dummy qdisc which can process a fraction of traffic by some specific rules.

For example, here you create an explicit ingress qdisc for eth0. No idea, by the way, what the point of this is, as the ingress qdisc isn't included by default.

$TC qdisc add dev eth0 ingress handle ffff:0

Then you apply a filter which calls an action to redirect incoming traffic with some rule (0 0) to a dummy device (ifb0). But the filtered traffic is marked as "egress"! Why is that so? Shouldn't this traffic also appear as ingress in ifb0?

$TC filter add dev eth0 parent ffff: protocol ip prio 10 u32 \
  match u32 0 0 flowid 1:1 \
  action mirred egress redirect dev ifb0

Or does ingress mean any traffic queued inside a qdisc (both incoming and outgoing traffic)? So let's say the network card received some data and, before starting to work with it, the kernel queued it in some qdisc. That data is ingress. The moment this data is dequeued for processing by the system, it becomes egress? And vice versa: the application sends some data to some IP address, so before giving this data to the network card, the kernel puts this data into the appropriate qdisc. So when that happens, this data becomes ingress. Then, after the data has been processed by an appropriate class and dequeued to be passed to the network card, this data becomes egress?

Or maybe ingress is all traffic coming from the network card to the kernel? In this case, why is there egress in

action mirred egress redirect dev ifb0

Is it because the traffic is taken from the "ingress" part of the root qdisc owned by the network card, so when the "taking for redirection" takes place this data becomes "egress"? Why "egress"? I don't understand.

Upvotes: 1

Views: 5264

Answers (1)

Demonwai

Reputation: 11

Indeed, but consider this:

The TC qdisc direction pertains to the actual direction of traffic. Ingress means network port->interface, according to this reference: https://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.adv-qdisc.ingress.html

The TC filter action mirror/redirect direction is relative to the interface. Ingress means mirror/redirect the packet as it comes into the filter. Egress means mirror/redirect the packet as it goes out of the filter. The difference is that other actions can potentially transform the packet on a match. So what goes into the filter might be different from what goes out of the filter. The command basically allows the user to decide if the original packet or the modified packet is to be mirrored/redirected. Check this out: https://man7.org/linux/man-pages/man8/tc-mirred.8.html

Upvotes: 1
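
The setup from the question, completed with a root qdisc on ifb0 so the redirected packets have a queue to pass through. This is an added example, not code from either poster; the helper names, the `DRY_RUN` switch and the sample values (eth0, ifb0, tbf at 10mbit) are assumptions.

```shell
#!/bin/sh
# Added example: rate-limit traffic arriving on a NIC by redirecting it
# through an ifb device. Assumes iproute2 and the ifb kernel module.
TC=${TC:-tc}
DRY_RUN=${DRY_RUN:-1}   # 1 = only print the commands; 0 = execute (needs root)

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

# setup_ingress_shaper DEV IFB RATE
setup_ingress_shaper() {
    dev=$1 ifb=$2 rate=$3
    # Create the intermediate functional block device and bring it up.
    run ip link add "$ifb" type ifb
    run ip link set dev "$ifb" up
    # Attach the ingress qdisc (handle ffff:) so filters can be hung on the
    # receive path of the real interface.
    run "$TC" qdisc add dev "$dev" handle ffff: ingress
    # The qdisc that does the shaping sits on the ifb device's root,
    # i.e. on its transmit side.
    run "$TC" qdisc add dev "$ifb" root tbf rate "$rate" burst 32kbit latency 400ms
    # Match every IP packet received on DEV and hand it to the egress side
    # of IFB, where the tbf above queues it.
    run "$TC" filter add dev "$dev" parent ffff: protocol ip prio 10 u32 \
        match u32 0 0 action mirred egress redirect dev "$ifb"
}

# teardown_ingress_shaper DEV IFB
teardown_ingress_shaper() {
    run "$TC" qdisc del dev "$1" ingress
    run ip link del "$2"
}

# With the default DRY_RUN=1 this only prints the five commands.
setup_ingress_shaper eth0 ifb0 10mbit
```

After applying it with `DRY_RUN=0` as root, `tc -s qdisc show dev ifb0` shows the tbf counters rising as traffic arrives on eth0.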
