From fe456f47bdf21f520d3a5ddd797c5cab334c3719 Mon Sep 17 00:00:00 2001 From: Neil McKee Date: Thu, 18 Mar 2021 12:19:53 -0700 Subject: [PATCH] tc config - make sure sampling happens before ACLs are applied --- src/Linux/mod_dent.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/Linux/mod_dent.c b/src/Linux/mod_dent.c index 161a51e..a3109a9 100644 --- a/src/Linux/mod_dent.c +++ b/src/Linux/mod_dent.c @@ -162,7 +162,7 @@ extern "C" { static bool setRate(EVMod *mod, SFLAdaptor *adaptor, uint32_t logGroup, uint32_t sampling_n, bool egress) { // examples: // tc qdisc add dev eth0 clsact - // tc filter add dev eth0 ingress matchall skip_sw action sample rate 1000 group 1 + // tc filter add dev eth0 ingress pref 1 matchall skip_sw action sample rate 1000 group 1 trunc 128 HSP *sp = (HSP *)EVROOTDATA(mod); bool sampling_ok = NO; UTStringArray *cmdline = strArrayNew(); @@ -172,6 +172,11 @@ extern "C" { strArrayAdd(cmdline, "dev"); strArrayAdd(cmdline, adaptor->deviceName); strArrayAdd(cmdline, egress ? "egress" : "ingress"); + // Sampling should happen before ingress ACLs, so ask for preference/priority 1. + // For egress the ACLs have already been applied, but it still seems more stable + // and consistent to request pref 1. + strArrayAdd(cmdline, "pref"); + strArrayAdd(cmdline, "1"); strArrayAdd(cmdline, "matchall"); if(sp->dent.sw == NO) strArrayAdd(cmdline, "skip_sw");