10

I have a linux box (Centos 5.5) on which I want to limit the network traffic. I have an application that we distribute to clients and I want to test it on the minimum recommended bandwidth of 256Mbit/sec. So far the tc tutorials I have seen seem to allow you to limit bandwidth according to certain criteria, but I want to limit the bandwidth in all situations (to/from all IP address, no matter what the IP header looks like, etc).

One tutorial suggested I use:

tc filter add dev eth0 protocol ip parent 10: prio 2 flowid 10:2

but I get the following error:

Unknown filter "flowid", hence option 10:2 is unparsable

Any ideas on how to limit bandwidth coming into/out of eth0 in all circumstances?

rancidfishbreath
  • 311
  • 1
  • 7
  • 15

3 Answers3

12

If you want to apply limitation to all outbound traffic, you don't need filters at all. Just add your qdisc to the interface root handle like so:

tc qdisc add dev eth0 root handle 1: tbf rate 256mbit latency 1ms burst 1540

If you want to shape/police inbound traffic, it's a little more complicated. You'll need to use e.g. an IFB interface:

modprobe ifb
ip link set dev ifb0 up
tc qdisc add dev eth0 ingress
tc filter add dev eth0 parent ffff: protocol ip u32 match u32 0 0 action mirred egress redirect dev ifb0
#  ^- this is a dummy filter, match u32 0 0 matches all traffic
tc qdisc add dev ifb0 root handle 1: tbf rate 256mbit latency 1ms burst 1540

Here's a different approach, using two simple filters:

tc qdisc add dev eth0 ingress
tc filter add dev eth0 root         protocol ip u32 match u32 0 0 police rate 256mbit burst 10k drop flowid :1
tc filter add dev eth0 parent ffff: protocol ip u32 match u32 0 0 police rate 256mbit burst 10k drop flowid :1
al.
  • 915
  • 6
  • 17
  • I have been hacking at your solution but I can't get it to work. I am running your commands, opening Firefox, starting a download and downloading way too fast. When I do an ifconfig am I supposed to see some RX and TX packets under ifb0 (because I don't)? Thanks. – rancidfishbreath Nov 30 '10 at 18:17
  • I added a different approach that works without an ifb interface. – al. Nov 30 '10 at 23:42
  • The second approach using the two simple filters is working great! Thanks so much. I really like this solution because it is simple and easy to understand. – rancidfishbreath Dec 01 '10 at 17:11
  • Awesome thank you, newb question, how can I remove the limit after running: `tc qdisc add dev eth0 root handle 1: tbf rate 256mbit latency 1ms burst 1540`? Thanks! – SSH This Aug 12 '13 at 20:48
  • How to turn off the throttling and revert it back the way it was? Pls respond to the "different approach using two simple filters" version if you would be so kind. The "man tc" is... overwhelming as usual. – Geoffrey Anderson Nov 02 '18 at 17:56
  • @SSHThis to disable it, you need to run `tc qdisc del dev eth0 root` – Tristan Perry Feb 22 '19 at 10:04
1

This might be a bit out of your scope, but WAN-emu has been very good at emulating environments with strange requirements for throughput and latency[1]

[1]: http://speed.cis.nctu.edu.tw/wanemu/ WAN-emu

Marcin
  • 2,281
  • 1
  • 16
  • 14
  • High latency or lossy links can be simulated quite comfortably using the netem tc module, too: http://www.linuxfoundation.org/collaborate/workgroups/networking/netem – al. Dec 01 '10 at 20:41
0

You have add 1 ruler like this tc qdisc add dev eth0 root handle 10: htb default 20

affter that like your

tc filter add dev eth0 protocol ip parent 10: prio 2 flowid 10:2

ntrance
  • 392
  • 2
  • 2