hello, to close, it's working perfectly well in ipv4 and then when i correctly configure my kernel, perfectly well for ipv6. Regards, Nicolas 2017-03-08 12:26 GMT+01:00 Nicolas Prochazka : > Hello again, > So i verify my configuration, > - on a virtual tap , traffic shaping is ok with same configuration > - on physical card, traffic shaping is ok > - on wg0 , all traffic are going to default queue,filter seems to be not > applied , tcpdump on wg0 is ok with my queue definition, only difference > is wg0 is configured as ipv6 tunnel. > > > Regards, > NIcolas > > > > 2017-03-06 18:40 GMT+01:00 Nicolas Prochazka > : > >> Hello, >> is there an incompatibilty between wireguard and traffic shaping or i >> misconfig something ? >> >> After configuring Qos , I need to add filter to flow >> >> If i'm trying with simple tc command : >> tc filter add dev wg0 protocol ip parent 1: prio 10 u32 match ip dport 80 >> 0xffff flowid 1:10 >> >> or If i'm trying with tc + iptables, >> >> tc filter add dev wg0 protocol ip parent 1: prio 1 handle 6 fw flowid 1:10 >> and iptables mark rules, >> >> traffic seems to be not "apply" to queue . >> >> Regards, >> Nicolas Prochazka. >> >> ----- >> Example : after this configuration, traffic on wg0 on port 80,443,8080 >> are going to 1:30 ,not to 1:10 >> _trafficShappingMaxRate=15 >> >> tc qdisc del dev wg0 root >> >> tc qdisc add dev wg0 root handle 1: htb default 30 >> >> # Base >> tc class add dev wg0 parent 1: classid 1:1 htb rate >> ${_trafficShappingMaxRate}mbit burst 15k >> >> # http/https >> >> # Class 1:10, >> tc class add dev wg0 parent 1:1 classid 1:10 htb rate >> ${_trafficShappingMaxRate}mbit ceil ${_trafficShappingMaxRate} burst 15k >> >> # Class 1:20, >> tc class add dev wg0 parent 1:1 classid 1:20 htb rate >> ${_trafficShappingMaxRate}mbit ceil ${_trafficShappingMaxRate}mbit burst 15k >> >> # Class 1:30, which has a rate of 1kbit. This one is the default class. >> tc class add dev wg0 parent 1:1 classid 1:30 htb rate 10kbit ceil 1mbit >> burst 15k >> >> tc qdisc add dev wg0 parent 1:10 handle 10: fq_codel quantum 300 noecn >> tc qdisc add dev wg0 parent 1:20 handle 20: fq_codel quantum 300 noecn >> tc qdisc add dev wg0 parent 1:30 handle 30: fq_codel quantum 300 noecn >> >> # --- associate queue with traffic >> >> #tc filter add dev wg0 protocol ipv6 parent 1: prio 1 handle 6 fw flowid >> 1:10 >> # http/https >> tc filter add dev wg0 protocol ipv6 parent 1: prio 10 u32 match ip dport >> 80 0xffff flowid 1:10 >> tc filter add dev wg0 protocol ipv6 parent 1: prio 10 u32 match ip dport >> 443 0xffff flowid 1:10 >> tc filter add dev wg0 protocol ipv6 parent 1: prio 10 u32 match ip dport >> 8080 0xffff flowid 1:10 >> # ncfs >> tc filter add dev wg0 parent 1: protocol ipv6 prio 5 u32 match ip dport >> 16379 0xffff flowid 1:20 >> # icmp >> tc filter add dev wg0 parent 1: protocol ip prio 1 u32 match ip protocol >> 1 0xff flowid 1:30 >> >> tc -s qdisc ls dev wg0 >> >> >