Bridge traffic limiting

Discussion in 'Linux Networking' started by Andy Ruddock, Sep 5, 2007.

  1. Andy Ruddock

    Andy Ruddock Guest

    I've setup a Debian box with three network cards which I intend to use
    as a transparent bridge in order to limit traffic on a network
    connection.
    eth0 & eth1 are setup as a bridge br0 to which no IP is allocated.
    eth2 is used to ssh into the box.

    The bridge works. But I can't get traffic limiting to work.

    Using the shapecfg package from debian, I have the files /etc/shaper/
    cbq-10.shaper and /etc/cbq-11.shaper which are

    DEVICE=eth0,100Mbit,1Mbit
    RATE=1Mbit
    WEIGHT=100Kbit

    (cbq-11.shaper differs only in having eth1 instead of eth0)

    This has no effect on the traffic through the bridge, using iptraf I
    get 2700 kbits/sec on a connection to a remote system.
     
    Andy Ruddock, Sep 5, 2007
    #1
    1. Advertisements

  2. Use a simple token bucket filter, e.g.

    tc qdisc add dev eth0 root handle 1:1 tbf rate 512kbit buffer 3000 limit
    6000
     
    Markus Rehbach, Sep 5, 2007
    #2
    1. Advertisements

  3. Andy Ruddock

    Andy Ruddock Guest

    The script generates the following, the token bucket filter appears to
    be setup :

    /sbin/tc qdisc del dev eth0 root
    /sbin/tc qdisc add dev eth0 root handle 1 cbq bandwidth 100Mbit avpkt
    1000 cell 8
    /sbin/tc class change dev eth0 root cbq weight 1Mbit allot 1514
    /sbin/tc qdisc del dev eth1 root
    /sbin/tc qdisc add dev eth1 root handle 1 cbq bandwidth 100Mbit avpkt
    1000 cell 8
    /sbin/tc class change dev eth1 root cbq weight 1Mbit allot 1514
    /sbin/tc class add dev eth0 parent 1: classid 1:10 cbq bandwidth
    100Mbit rate 1Mbit weight 100Kbit prio 5 allot 1514 cell 8 maxburst
    20 avpkt 1000 bounded
    /sbin/tc qdisc add dev eth0 parent 1:10 handle 10 tbf rate 1Mbit
    buffer 10Kb/8 limit 15Kb mtu 1500
    /sbin/tc class add dev eth1 parent 1: classid 1:11 cbq bandwidth
    100Mbit rate 1Mbit weight 100Kbit prio 5 allot 1514 cell 8 maxburst
    20 avpkt 1000 bounded
    /sbin/tc qdisc add dev eth1 parent 1:11 handle 11 tbf rate 1Mbit
    buffer 10Kb/8 limit 15Kb mtu 1500

    But tc -s qdisc shows :

    qdisc pfifo_fast 0: dev eth2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1
    1 1 1 1
    Sent 45105321 bytes 182161 pkt (dropped 0, overlimits 0 requeues 0)
    rate 0bit 0pps backlog 0b 0p requeues 0
    qdisc cbq 1: dev eth0 rate 100000Kbit (bounded,isolated) prio no-
    transmit
    Sent 1086478 bytes 20075 pkt (dropped 0, overlimits 0 requeues 0)
    rate 0bit 0pps backlog 0b 0p requeues 0
    borrowed 0 overactions 0 avgidle 81 undertime 0
    qdisc tbf 10: dev eth0 parent 1:10 rate 1000Kbit burst 10Kb lat 40.0ms
    Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
    rate 0bit 0pps backlog 0b 0p requeues 0
    qdisc cbq 1: dev eth1 rate 100000Kbit (bounded,isolated) prio no-
    transmit
    Sent 59529854 bytes 39970 pkt (dropped 0, overlimits 0 requeues 0)
    rate 0bit 0pps backlog 0b 0p requeues 0
    borrowed 0 overactions 0 avgidle 79 undertime 0
    qdisc tbf 11: dev eth1 parent 1:11 rate 1000Kbit burst 10Kb lat 40.0ms
    Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
    rate 0bit 0pps backlog 0b 0p requeues 0

    There are two qdiscs on each interface, the cbq running at full
    interface speed and the tbf which shows the rate at 1Mbit but with
    nothing sent through it?
     
    Andy Ruddock, Sep 10, 2007
    #3
  4. Andy Ruddock wrote:

    ...... (snipped a lot complicated cbq stuff) ......
    Think there is no need to use cbq, please try these tc commands only
    and check the results, please:

    /sbin/tc qdisc add dev eth0 root handle 1 tbf rate 1Mbit buffer 10Kb/8 limit
    15Kb mtu 1500
    /sbin/tc qdisc add dev eth1 root handle 1 tbf rate 1Mbit buffer 10Kb/8 limit
    15Kb mtu 1500
     
    Markus Rehbach, Sep 10, 2007
    #4
  5. Andy Ruddock

    Andy Ruddock Guest

    Magic, thank you VERY much. I rebooted for a clean start and tried
    just the above, worked first time.
    "tc qdisc del dev eth0 root" wasn't removing the cbq qdisc which I'd
    been trying.
    Once again, thank you.
     
    Andy Ruddock, Sep 11, 2007
    #5
  6. For more complicated traffic prioritisation requirements you could try

    http://htb-tools.arny.ro
    http://www.mastershaper.org

    or fiddle with the pure `tc qdisc` commands only.

    Good luck.
     
    Markus Rehbach, Sep 11, 2007
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.