Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

setting DiffServ in network packets under Linux???



On Tue, Jan 12, 2010 at 2:58 PM, Kevin D. Clark
<kevin_d_clark-Wuw85uim5zDR7s880joybQ at public.gmane.org> wrote:
>
> Bill Bogstad writes:
>
>> On Wed, Jan 6, 2010 at 4:36 PM, Bill Bogstad ?wrote:
>> > Does anybody have any idea if there is a programmatic way to set the
>> > DiffServ (Differentiated Services Code Point (DSCP)) field on IP
>> > packets generated by programs running under Linux?
>>
>> Never mind. ? It appears that you can use setsockopt() with IPPROTO_IP
>> and IP_TOS options to do this.
>> At least that's what the documentation seems to say.
>
> At a previous company, I experimented around with doing this via
> setsockopt(...IP_TOS...) and via iptables. ?Either way works.
>
> Eventually, I determined (for myself) that doing this via iptables was
> better (for my situation) because setsockopt(...IP_TOS...) requires
> root privileges, and I wanted to minimize the number of places in
> which my server had to run as root.
>
> (in fact, soon after the time that I added this iptables stuff to our
> product I also I added code to my server that disallowed it from
> being run as root, unless the
> "--i-want-to-run-this-server-incorrectly-as-root" flag was set...I
> recommend this pattern...)

I just wanted to let everyone know that things have changed as far as
IP_TOS and Linux are concerned.  As of Feb. 2008,
root is no longer required.  David Miller decided that other Unix
systems don't have any privilege check so he removed it for Linux as
well.  The commit message is here:

http://kerneltrap.org/mailarchive/git-commits-head/2008/2/15/870764

It was backported to the 2.6.24.4 stable release as well:   See
http://lwn.net/Articles/274741/

Just some additional info, in case someone runs across this thread
while trying to understand IP_TOS and DiffServ with Linux.

Bill Bogstad







BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org