How to Use the Linux Traffic Control

louy2 2019-03-21

展开全文

Linux Traffic Control

Traffic control (tc) is a very useful Linux utility that gives you the ability to configure the kernel packet scheduler. If you are looking for reasons to mess with the kernel scheduler, here are a few: Firstly, it’s fun to play with the different options and become familiar of all of Linux’s features. In addition, you can utilize Linux’s helpful tools to simulate packet delay and loss for UDP or TCP applications, or limit the bandwidth usage of a particular service to simulate Internet connections (DSL, Cable, T1, etc).

On Debian Linux, tc comes bundled with iproute, so in order to install it you have to run:

NetBeez Technology & Benefits Overview

Read the Overview

1	apt-get install iproute

Network Delay

The first example is how to add constant delay to an interface. The syntax is as follows (run this as root):

1	tc qdisc add dev eth0 root netem delay 200ms

Here is what each option means:

qdisc: modify the scheduler (aka queuing discipline)
add: add a new rule
dev eth0: rules will be applied on device eth0
root: modify the outbound traffic scheduler (aka known as the egress qdisc)
netem: use the network emulator to emulate a WAN property
delay: the network property that is modified
200ms: introduce delay of 200 ms

Note: this adds a delay of 200 ms to the egress scheduler, exclusively. If it were to add the delay to both the ingress and egress schedulers, the total delay would have totaled 400 ms. In general, all of these traffic control rules are applied to the egress scheduler only.

Here is how ping looks like before:

$ ping google.com

PING google.com (172.217.6.78) 56(84) bytes of data.

64 bytes from sfo07s17-in-f78.1e100.net (172.217.6.78):

icmp_seq=1 ttl=53 time=11.9 ms

64 bytes from sfo07s17-in-f78.1e100.net (172.217.6.78):

icmp_seq=2 ttl=53 time=12.0 ms

Here is what ping looks like after applying this rule:

$ ping google.com

PING google.com (172.217.5.110) 56(84) bytes of data.

64 bytes from sfo03s07-in-f14.1e100.net (172.217.5.110):

icmp_seq=1 ttl=53 time=213 ms

64 bytes from sfo03s07-in-f14.1e100.net (172.217.5.110):

icmp_seq=2 ttl=53 time=210 ms

In order to display the active rules use:

1 2	$ tc qdisc show dev eth0 qdisc netem 8003: root refcnt 2 limit 1000 delay 200.0ms

You can see that details of the existing rules that adds 200.0 ms of latency.

To delete all rules use the following command:

1	$ tc qdisc del dev eth0 root

And now we can see what are the default rules of the linux scheduler:

1 2	$ tc qdisc show dev eth0 qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1

Without going into too much detail, we see that the scheduler works under First In First Out (FIFO) rules which is the most basic and fair rule if you don’t want to set any priorities on specific packets. You can think about it like the line at the bank: customers are being taken care off in the order they arrive.

Note that if you have an existing rule you can change it by using “ tc qdisc change…” and if you don’t have any rules you add rules with “ tc qdisc add...”

Here are some other examples:

-Delay of 100ms and random +-10ms uniform distribution:
tc qdisc change dev eth0 root netem delay 100ms 10ms
-Delay of 100ms and random 10ms uniform variation with correlation value 25% (since network delays are not completely random):
tc qdisc change dev eth0 root netem delay 100ms 10ms 25%
-Delay of 100ms and random +-10ms normal distribution (other distribution options are pareto, and paretonormal):
add dev eth0 root netem delay 100ms 20ms distribution normal