1# 2# Traffic control configuration. 3# 4 5menuconfig NET_SCHED 6 bool "QoS and/or fair queueing" 7 select NET_SCH_FIFO 8 ---help--- 9 When the kernel has several packets to send out over a network 10 device, it has to decide which ones to send first, which ones to 11 delay, and which ones to drop. This is the job of the queueing 12 disciplines, several different algorithms for how to do this 13 "fairly" have been proposed. 14 15 If you say N here, you will get the standard packet scheduler, which 16 is a FIFO (first come, first served). If you say Y here, you will be 17 able to choose from among several alternative algorithms which can 18 then be attached to different network devices. This is useful for 19 example if some of your network devices are real time devices that 20 need a certain minimum data flow rate, or if you need to limit the 21 maximum data flow rate for traffic which matches specified criteria. 22 This code is considered to be experimental. 23 24 To administer these schedulers, you'll need the user-level utilities 25 from the package iproute2+tc at 26 <https://www.kernel.org/pub/linux/utils/net/iproute2/>. That package 27 also contains some documentation; for more, check out 28 <http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2>. 29 30 This Quality of Service (QoS) support will enable you to use 31 Differentiated Services (diffserv) and Resource Reservation Protocol 32 (RSVP) on your Linux router if you also say Y to the corresponding 33 classifiers below. Documentation and software is at 34 <http://diffserv.sourceforge.net/>. 35 36 If you say Y here and to "/proc file system" below, you will be able 37 to read status information about packet schedulers from the file 38 /proc/net/psched. 39 40 The available schedulers are listed in the following questions; you 41 can say Y to as many as you like. If unsure, say N now. 42 43if NET_SCHED 44 45comment "Queueing/Scheduling" 46 47config NET_SCH_CBQ 48 tristate "Class Based Queueing (CBQ)" 49 ---help--- 50 Say Y here if you want to use the Class-Based Queueing (CBQ) packet 51 scheduling algorithm. This algorithm classifies the waiting packets 52 into a tree-like hierarchy of classes; the leaves of this tree are 53 in turn scheduled by separate algorithms. 54 55 See the top of <file:net/sched/sch_cbq.c> for more details. 56 57 CBQ is a commonly used scheduler, so if you're unsure, you should 58 say Y here. Then say Y to all the queueing algorithms below that you 59 want to use as leaf disciplines. 60 61 To compile this code as a module, choose M here: the 62 module will be called sch_cbq. 63 64config NET_SCH_HTB 65 tristate "Hierarchical Token Bucket (HTB)" 66 ---help--- 67 Say Y here if you want to use the Hierarchical Token Buckets (HTB) 68 packet scheduling algorithm. See 69 <http://luxik.cdi.cz/~devik/qos/htb/> for complete manual and 70 in-depth articles. 71 72 HTB is very similar to CBQ regarding its goals however is has 73 different properties and different algorithm. 74 75 To compile this code as a module, choose M here: the 76 module will be called sch_htb. 77 78config NET_SCH_HFSC 79 tristate "Hierarchical Fair Service Curve (HFSC)" 80 ---help--- 81 Say Y here if you want to use the Hierarchical Fair Service Curve 82 (HFSC) packet scheduling algorithm. 83 84 To compile this code as a module, choose M here: the 85 module will be called sch_hfsc. 86 87config NET_SCH_ATM 88 tristate "ATM Virtual Circuits (ATM)" 89 depends on ATM 90 ---help--- 91 Say Y here if you want to use the ATM pseudo-scheduler. This 92 provides a framework for invoking classifiers, which in turn 93 select classes of this queuing discipline. Each class maps 94 the flow(s) it is handling to a given virtual circuit. 95 96 See the top of <file:net/sched/sch_atm.c> for more details. 97 98 To compile this code as a module, choose M here: the 99 module will be called sch_atm. 100 101config NET_SCH_PRIO 102 tristate "Multi Band Priority Queueing (PRIO)" 103 ---help--- 104 Say Y here if you want to use an n-band priority queue packet 105 scheduler. 106 107 To compile this code as a module, choose M here: the 108 module will be called sch_prio. 109 110config NET_SCH_MULTIQ 111 tristate "Hardware Multiqueue-aware Multi Band Queuing (MULTIQ)" 112 ---help--- 113 Say Y here if you want to use an n-band queue packet scheduler 114 to support devices that have multiple hardware transmit queues. 115 116 To compile this code as a module, choose M here: the 117 module will be called sch_multiq. 118 119config NET_SCH_RED 120 tristate "Random Early Detection (RED)" 121 ---help--- 122 Say Y here if you want to use the Random Early Detection (RED) 123 packet scheduling algorithm. 124 125 See the top of <file:net/sched/sch_red.c> for more details. 126 127 To compile this code as a module, choose M here: the 128 module will be called sch_red. 129 130config NET_SCH_SFB 131 tristate "Stochastic Fair Blue (SFB)" 132 ---help--- 133 Say Y here if you want to use the Stochastic Fair Blue (SFB) 134 packet scheduling algorithm. 135 136 See the top of <file:net/sched/sch_sfb.c> for more details. 137 138 To compile this code as a module, choose M here: the 139 module will be called sch_sfb. 140 141config NET_SCH_SFQ 142 tristate "Stochastic Fairness Queueing (SFQ)" 143 ---help--- 144 Say Y here if you want to use the Stochastic Fairness Queueing (SFQ) 145 packet scheduling algorithm. 146 147 See the top of <file:net/sched/sch_sfq.c> for more details. 148 149 To compile this code as a module, choose M here: the 150 module will be called sch_sfq. 151 152config NET_SCH_TEQL 153 tristate "True Link Equalizer (TEQL)" 154 ---help--- 155 Say Y here if you want to use the True Link Equalizer (TLE) packet 156 scheduling algorithm. This queueing discipline allows the combination 157 of several physical devices into one virtual device. 158 159 See the top of <file:net/sched/sch_teql.c> for more details. 160 161 To compile this code as a module, choose M here: the 162 module will be called sch_teql. 163 164config NET_SCH_TBF 165 tristate "Token Bucket Filter (TBF)" 166 ---help--- 167 Say Y here if you want to use the Token Bucket Filter (TBF) packet 168 scheduling algorithm. 169 170 See the top of <file:net/sched/sch_tbf.c> for more details. 171 172 To compile this code as a module, choose M here: the 173 module will be called sch_tbf. 174 175config NET_SCH_GRED 176 tristate "Generic Random Early Detection (GRED)" 177 ---help--- 178 Say Y here if you want to use the Generic Random Early Detection 179 (GRED) packet scheduling algorithm for some of your network devices 180 (see the top of <file:net/sched/sch_red.c> for details and 181 references about the algorithm). 182 183 To compile this code as a module, choose M here: the 184 module will be called sch_gred. 185 186config NET_SCH_DSMARK 187 tristate "Differentiated Services marker (DSMARK)" 188 ---help--- 189 Say Y if you want to schedule packets according to the 190 Differentiated Services architecture proposed in RFC 2475. 191 Technical information on this method, with pointers to associated 192 RFCs, is available at <http://www.gta.ufrj.br/diffserv/>. 193 194 To compile this code as a module, choose M here: the 195 module will be called sch_dsmark. 196 197config NET_SCH_NETEM 198 tristate "Network emulator (NETEM)" 199 ---help--- 200 Say Y if you want to emulate network delay, loss, and packet 201 re-ordering. This is often useful to simulate networks when 202 testing applications or protocols. 203 204 To compile this driver as a module, choose M here: the module 205 will be called sch_netem. 206 207 If unsure, say N. 208 209config NET_SCH_DRR 210 tristate "Deficit Round Robin scheduler (DRR)" 211 help 212 Say Y here if you want to use the Deficit Round Robin (DRR) packet 213 scheduling algorithm. 214 215 To compile this driver as a module, choose M here: the module 216 will be called sch_drr. 217 218 If unsure, say N. 219 220config NET_SCH_MQPRIO 221 tristate "Multi-queue priority scheduler (MQPRIO)" 222 help 223 Say Y here if you want to use the Multi-queue Priority scheduler. 224 This scheduler allows QOS to be offloaded on NICs that have support 225 for offloading QOS schedulers. 226 227 To compile this driver as a module, choose M here: the module will 228 be called sch_mqprio. 229 230 If unsure, say N. 231 232config NET_SCH_CHOKE 233 tristate "CHOose and Keep responsive flow scheduler (CHOKE)" 234 help 235 Say Y here if you want to use the CHOKe packet scheduler (CHOose 236 and Keep for responsive flows, CHOose and Kill for unresponsive 237 flows). This is a variation of RED which trys to penalize flows 238 that monopolize the queue. 239 240 To compile this code as a module, choose M here: the 241 module will be called sch_choke. 242 243config NET_SCH_QFQ 244 tristate "Quick Fair Queueing scheduler (QFQ)" 245 help 246 Say Y here if you want to use the Quick Fair Queueing Scheduler (QFQ) 247 packet scheduling algorithm. 248 249 To compile this driver as a module, choose M here: the module 250 will be called sch_qfq. 251 252 If unsure, say N. 253 254config NET_SCH_CODEL 255 tristate "Controlled Delay AQM (CODEL)" 256 help 257 Say Y here if you want to use the Controlled Delay (CODEL) 258 packet scheduling algorithm. 259 260 To compile this driver as a module, choose M here: the module 261 will be called sch_codel. 262 263 If unsure, say N. 264 265config NET_SCH_FQ_CODEL 266 tristate "Fair Queue Controlled Delay AQM (FQ_CODEL)" 267 help 268 Say Y here if you want to use the FQ Controlled Delay (FQ_CODEL) 269 packet scheduling algorithm. 270 271 To compile this driver as a module, choose M here: the module 272 will be called sch_fq_codel. 273 274 If unsure, say N. 275 276config NET_SCH_FQ 277 tristate "Fair Queue" 278 help 279 Say Y here if you want to use the FQ packet scheduling algorithm. 280 281 FQ does flow separation, and is able to respect pacing requirements 282 set by TCP stack into sk->sk_pacing_rate (for localy generated 283 traffic) 284 285 To compile this driver as a module, choose M here: the module 286 will be called sch_fq. 287 288 If unsure, say N. 289 290config NET_SCH_HHF 291 tristate "Heavy-Hitter Filter (HHF)" 292 help 293 Say Y here if you want to use the Heavy-Hitter Filter (HHF) 294 packet scheduling algorithm. 295 296 To compile this driver as a module, choose M here: the module 297 will be called sch_hhf. 298 299config NET_SCH_PIE 300 tristate "Proportional Integral controller Enhanced (PIE) scheduler" 301 help 302 Say Y here if you want to use the Proportional Integral controller 303 Enhanced scheduler packet scheduling algorithm. 304 For more information, please see 305 http://tools.ietf.org/html/draft-pan-tsvwg-pie-00 306 307 To compile this driver as a module, choose M here: the module 308 will be called sch_pie. 309 310 If unsure, say N. 311 312config NET_SCH_INGRESS 313 tristate "Ingress/classifier-action Qdisc" 314 depends on NET_CLS_ACT 315 select NET_INGRESS 316 select NET_EGRESS 317 ---help--- 318 Say Y here if you want to use classifiers for incoming and/or outgoing 319 packets. This qdisc doesn't do anything else besides running classifiers, 320 which can also have actions attached to them. In case of outgoing packets, 321 classifiers that this qdisc holds are executed in the transmit path 322 before real enqueuing to an egress qdisc happens. 323 324 If unsure, say Y. 325 326 To compile this code as a module, choose M here: the module will be 327 called sch_ingress with alias of sch_clsact. 328 329config NET_SCH_PLUG 330 tristate "Plug network traffic until release (PLUG)" 331 ---help--- 332 333 This queuing discipline allows userspace to plug/unplug a network 334 output queue, using the netlink interface. When it receives an 335 enqueue command it inserts a plug into the outbound queue that 336 causes following packets to enqueue until a dequeue command arrives 337 over netlink, causing the plug to be removed and resuming the normal 338 packet flow. 339 340 This module also provides a generic "network output buffering" 341 functionality (aka output commit), wherein upon arrival of a dequeue 342 command, only packets up to the first plug are released for delivery. 343 The Remus HA project uses this module to enable speculative execution 344 of virtual machines by allowing the generated network output to be rolled 345 back if needed. 346 347 For more information, please refer to <http://wiki.xenproject.org/wiki/Remus> 348 349 Say Y here if you are using this kernel for Xen dom0 and 350 want to protect Xen guests with Remus. 351 352 To compile this code as a module, choose M here: the 353 module will be called sch_plug. 354 355comment "Classification" 356 357config NET_CLS 358 bool 359 360config NET_CLS_BASIC 361 tristate "Elementary classification (BASIC)" 362 select NET_CLS 363 ---help--- 364 Say Y here if you want to be able to classify packets using 365 only extended matches and actions. 366 367 To compile this code as a module, choose M here: the 368 module will be called cls_basic. 369 370config NET_CLS_TCINDEX 371 tristate "Traffic-Control Index (TCINDEX)" 372 select NET_CLS 373 ---help--- 374 Say Y here if you want to be able to classify packets based on 375 traffic control indices. You will want this feature if you want 376 to implement Differentiated Services together with DSMARK. 377 378 To compile this code as a module, choose M here: the 379 module will be called cls_tcindex. 380 381config NET_CLS_ROUTE4 382 tristate "Routing decision (ROUTE)" 383 depends on INET 384 select IP_ROUTE_CLASSID 385 select NET_CLS 386 ---help--- 387 If you say Y here, you will be able to classify packets 388 according to the route table entry they matched. 389 390 To compile this code as a module, choose M here: the 391 module will be called cls_route. 392 393config NET_CLS_FW 394 tristate "Netfilter mark (FW)" 395 select NET_CLS 396 ---help--- 397 If you say Y here, you will be able to classify packets 398 according to netfilter/firewall marks. 399 400 To compile this code as a module, choose M here: the 401 module will be called cls_fw. 402 403config NET_CLS_U32 404 tristate "Universal 32bit comparisons w/ hashing (U32)" 405 select NET_CLS 406 ---help--- 407 Say Y here to be able to classify packets using a universal 408 32bit pieces based comparison scheme. 409 410 To compile this code as a module, choose M here: the 411 module will be called cls_u32. 412 413config CLS_U32_PERF 414 bool "Performance counters support" 415 depends on NET_CLS_U32 416 ---help--- 417 Say Y here to make u32 gather additional statistics useful for 418 fine tuning u32 classifiers. 419 420config CLS_U32_MARK 421 bool "Netfilter marks support" 422 depends on NET_CLS_U32 423 ---help--- 424 Say Y here to be able to use netfilter marks as u32 key. 425 426config NET_CLS_RSVP 427 tristate "IPv4 Resource Reservation Protocol (RSVP)" 428 select NET_CLS 429 ---help--- 430 The Resource Reservation Protocol (RSVP) permits end systems to 431 request a minimum and maximum data flow rate for a connection; this 432 is important for real time data such as streaming sound or video. 433 434 Say Y here if you want to be able to classify outgoing packets based 435 on their RSVP requests. 436 437 To compile this code as a module, choose M here: the 438 module will be called cls_rsvp. 439 440config NET_CLS_RSVP6 441 tristate "IPv6 Resource Reservation Protocol (RSVP6)" 442 select NET_CLS 443 ---help--- 444 The Resource Reservation Protocol (RSVP) permits end systems to 445 request a minimum and maximum data flow rate for a connection; this 446 is important for real time data such as streaming sound or video. 447 448 Say Y here if you want to be able to classify outgoing packets based 449 on their RSVP requests and you are using the IPv6 protocol. 450 451 To compile this code as a module, choose M here: the 452 module will be called cls_rsvp6. 453 454config NET_CLS_FLOW 455 tristate "Flow classifier" 456 select NET_CLS 457 ---help--- 458 If you say Y here, you will be able to classify packets based on 459 a configurable combination of packet keys. This is mostly useful 460 in combination with SFQ. 461 462 To compile this code as a module, choose M here: the 463 module will be called cls_flow. 464 465config NET_CLS_CGROUP 466 tristate "Control Group Classifier" 467 select NET_CLS 468 select CGROUP_NET_CLASSID 469 depends on CGROUPS 470 ---help--- 471 Say Y here if you want to classify packets based on the control 472 cgroup of their process. 473 474 To compile this code as a module, choose M here: the 475 module will be called cls_cgroup. 476 477config NET_CLS_BPF 478 tristate "BPF-based classifier" 479 select NET_CLS 480 ---help--- 481 If you say Y here, you will be able to classify packets based on 482 programmable BPF (JIT'ed) filters as an alternative to ematches. 483 484 To compile this code as a module, choose M here: the module will 485 be called cls_bpf. 486 487config NET_CLS_FLOWER 488 tristate "Flower classifier" 489 select NET_CLS 490 ---help--- 491 If you say Y here, you will be able to classify packets based on 492 a configurable combination of packet keys and masks. 493 494 To compile this code as a module, choose M here: the module will 495 be called cls_flower. 496 497config NET_EMATCH 498 bool "Extended Matches" 499 select NET_CLS 500 ---help--- 501 Say Y here if you want to use extended matches on top of classifiers 502 and select the extended matches below. 503 504 Extended matches are small classification helpers not worth writing 505 a separate classifier for. 506 507 A recent version of the iproute2 package is required to use 508 extended matches. 509 510config NET_EMATCH_STACK 511 int "Stack size" 512 depends on NET_EMATCH 513 default "32" 514 ---help--- 515 Size of the local stack variable used while evaluating the tree of 516 ematches. Limits the depth of the tree, i.e. the number of 517 encapsulated precedences. Every level requires 4 bytes of additional 518 stack space. 519 520config NET_EMATCH_CMP 521 tristate "Simple packet data comparison" 522 depends on NET_EMATCH 523 ---help--- 524 Say Y here if you want to be able to classify packets based on 525 simple packet data comparisons for 8, 16, and 32bit values. 526 527 To compile this code as a module, choose M here: the 528 module will be called em_cmp. 529 530config NET_EMATCH_NBYTE 531 tristate "Multi byte comparison" 532 depends on NET_EMATCH 533 ---help--- 534 Say Y here if you want to be able to classify packets based on 535 multiple byte comparisons mainly useful for IPv6 address comparisons. 536 537 To compile this code as a module, choose M here: the 538 module will be called em_nbyte. 539 540config NET_EMATCH_U32 541 tristate "U32 key" 542 depends on NET_EMATCH 543 ---help--- 544 Say Y here if you want to be able to classify packets using 545 the famous u32 key in combination with logic relations. 546 547 To compile this code as a module, choose M here: the 548 module will be called em_u32. 549 550config NET_EMATCH_META 551 tristate "Metadata" 552 depends on NET_EMATCH 553 ---help--- 554 Say Y here if you want to be able to classify packets based on 555 metadata such as load average, netfilter attributes, socket 556 attributes and routing decisions. 557 558 To compile this code as a module, choose M here: the 559 module will be called em_meta. 560 561config NET_EMATCH_TEXT 562 tristate "Textsearch" 563 depends on NET_EMATCH 564 select TEXTSEARCH 565 select TEXTSEARCH_KMP 566 select TEXTSEARCH_BM 567 select TEXTSEARCH_FSM 568 ---help--- 569 Say Y here if you want to be able to classify packets based on 570 textsearch comparisons. 571 572 To compile this code as a module, choose M here: the 573 module will be called em_text. 574 575config NET_EMATCH_CANID 576 tristate "CAN Identifier" 577 depends on NET_EMATCH && (CAN=y || CAN=m) 578 ---help--- 579 Say Y here if you want to be able to classify CAN frames based 580 on CAN Identifier. 581 582 To compile this code as a module, choose M here: the 583 module will be called em_canid. 584 585config NET_EMATCH_IPSET 586 tristate "IPset" 587 depends on NET_EMATCH && IP_SET 588 ---help--- 589 Say Y here if you want to be able to classify packets based on 590 ipset membership. 591 592 To compile this code as a module, choose M here: the 593 module will be called em_ipset. 594 595config NET_CLS_ACT 596 bool "Actions" 597 ---help--- 598 Say Y here if you want to use traffic control actions. Actions 599 get attached to classifiers and are invoked after a successful 600 classification. They are used to overwrite the classification 601 result, instantly drop or redirect packets, etc. 602 603 A recent version of the iproute2 package is required to use 604 extended matches. 605 606config NET_ACT_POLICE 607 tristate "Traffic Policing" 608 depends on NET_CLS_ACT 609 ---help--- 610 Say Y here if you want to do traffic policing, i.e. strict 611 bandwidth limiting. This action replaces the existing policing 612 module. 613 614 To compile this code as a module, choose M here: the 615 module will be called act_police. 616 617config NET_ACT_GACT 618 tristate "Generic actions" 619 depends on NET_CLS_ACT 620 ---help--- 621 Say Y here to take generic actions such as dropping and 622 accepting packets. 623 624 To compile this code as a module, choose M here: the 625 module will be called act_gact. 626 627config GACT_PROB 628 bool "Probability support" 629 depends on NET_ACT_GACT 630 ---help--- 631 Say Y here to use the generic action randomly or deterministically. 632 633config NET_ACT_MIRRED 634 tristate "Redirecting and Mirroring" 635 depends on NET_CLS_ACT 636 ---help--- 637 Say Y here to allow packets to be mirrored or redirected to 638 other devices. 639 640 To compile this code as a module, choose M here: the 641 module will be called act_mirred. 642 643config NET_ACT_IPT 644 tristate "IPtables targets" 645 depends on NET_CLS_ACT && NETFILTER && IP_NF_IPTABLES 646 ---help--- 647 Say Y here to be able to invoke iptables targets after successful 648 classification. 649 650 To compile this code as a module, choose M here: the 651 module will be called act_ipt. 652 653config NET_ACT_NAT 654 tristate "Stateless NAT" 655 depends on NET_CLS_ACT 656 ---help--- 657 Say Y here to do stateless NAT on IPv4 packets. You should use 658 netfilter for NAT unless you know what you are doing. 659 660 To compile this code as a module, choose M here: the 661 module will be called act_nat. 662 663config NET_ACT_PEDIT 664 tristate "Packet Editing" 665 depends on NET_CLS_ACT 666 ---help--- 667 Say Y here if you want to mangle the content of packets. 668 669 To compile this code as a module, choose M here: the 670 module will be called act_pedit. 671 672config NET_ACT_SIMP 673 tristate "Simple Example (Debug)" 674 depends on NET_CLS_ACT 675 ---help--- 676 Say Y here to add a simple action for demonstration purposes. 677 It is meant as an example and for debugging purposes. It will 678 print a configured policy string followed by the packet count 679 to the console for every packet that passes by. 680 681 If unsure, say N. 682 683 To compile this code as a module, choose M here: the 684 module will be called act_simple. 685 686config NET_ACT_SKBEDIT 687 tristate "SKB Editing" 688 depends on NET_CLS_ACT 689 ---help--- 690 Say Y here to change skb priority or queue_mapping settings. 691 692 If unsure, say N. 693 694 To compile this code as a module, choose M here: the 695 module will be called act_skbedit. 696 697config NET_ACT_CSUM 698 tristate "Checksum Updating" 699 depends on NET_CLS_ACT && INET 700 ---help--- 701 Say Y here to update some common checksum after some direct 702 packet alterations. 703 704 To compile this code as a module, choose M here: the 705 module will be called act_csum. 706 707config NET_ACT_VLAN 708 tristate "Vlan manipulation" 709 depends on NET_CLS_ACT 710 ---help--- 711 Say Y here to push or pop vlan headers. 712 713 If unsure, say N. 714 715 To compile this code as a module, choose M here: the 716 module will be called act_vlan. 717 718config NET_ACT_BPF 719 tristate "BPF based action" 720 depends on NET_CLS_ACT 721 ---help--- 722 Say Y here to execute BPF code on packets. The BPF code will decide 723 if the packet should be dropped or not. 724 725 If unsure, say N. 726 727 To compile this code as a module, choose M here: the 728 module will be called act_bpf. 729 730config NET_ACT_CONNMARK 731 tristate "Netfilter Connection Mark Retriever" 732 depends on NET_CLS_ACT && NETFILTER && IP_NF_IPTABLES 733 depends on NF_CONNTRACK && NF_CONNTRACK_MARK 734 ---help--- 735 Say Y here to allow retrieving of conn mark 736 737 If unsure, say N. 738 739 To compile this code as a module, choose M here: the 740 module will be called act_connmark. 741 742config NET_CLS_IND 743 bool "Incoming device classification" 744 depends on NET_CLS_U32 || NET_CLS_FW 745 ---help--- 746 Say Y here to extend the u32 and fw classifier to support 747 classification based on the incoming device. This option is 748 likely to disappear in favour of the metadata ematch. 749 750endif # NET_SCHED 751 752config NET_SCH_FIFO 753 bool 754