Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#3200 - Software flowoffload doesn't work with marked packets #8028

Open
openwrt-bot opened this issue Jun 23, 2020 · 0 comments
Open

FS#3200 - Software flowoffload doesn't work with marked packets #8028

openwrt-bot opened this issue Jun 23, 2020 · 0 comments
Labels
flyspray kernel pull request/issue with Linux kernel related changes release/19.07 pull request/issue targeted (also) for OpenWrt 19.07 release

Comments

@openwrt-bot
Copy link

sgolod:

Software offload doesn't work when custom routing table used:
How to examine:

create ipset

ipset create IPNET hash:net
ipset add IPNET 139.59.209.225/32

check ipset

ipset list IPNET
...
Number of entries: 1
Members:
139.59.209.225

mark packets with dst to IPNET

iptables -t mangle -A PREROUTING -i br-lan -m set --match-set IPNET dst -j MARK --set-mark 0x1111
iptables -t mangle -A OUTPUT -m set --match-set IPNET dst -j MARK --set-mark 0x1111

add custom routing table for marked packets

ip ru add fwmark 0x1111 lookup 8888 prio 10000

add route for custom table 8888

ip route add default via 192.168.30.1 table 8888

enable flow offload in /etc/config/firewall

config defaults
....
option flow_offloading '1'

/etc/init.d/firewall reload

check iptables:
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
24 1947 forwarding_rule all -- any any anywhere anywhere /* !fw3: Custom forwarding rule chain /
22 1819 FLOWOFFLOAD all -- any any anywhere anywhere /
!fw3: Traffic offloading / ctstate RELATED,ESTABLISHED FLOWOFFLOAD
22 1819 ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED /
!fw3 /
2 128 zone_lan_forward all -- br-lan any anywhere anywhere /
!fw3 /
0 0 zone_wan_forward all -- pppoe-wan any anywhere anywhere /
!fw3 /
0 0 zone_wan_forward all -- l2tpv3-hetzner any anywhere anywhere /
!fw3 /
0 0 zone_wan_forward all -- wg0 any anywhere anywhere /
!fw3 /
0 0 reject all -- any any anywhere anywhere /
!fw3 */

But packets with RELATED,ESTABLISHED don't use custom routing (it seems what flowoffload don't remember custom routing and try to send packets on table main). When I add manually custom route to main table - flow offload work again

@aparcar aparcar added release/19.07 pull request/issue targeted (also) for OpenWrt 19.07 release kernel pull request/issue with Linux kernel related changes labels Feb 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
flyspray kernel pull request/issue with Linux kernel related changes release/19.07 pull request/issue targeted (also) for OpenWrt 19.07 release
Projects
None yet
Development

No branches or pull requests

2 participants