Understanding the TC traffic control function on a Linux server

  

TC is mainly used in enterprises. It works at home too, but I feel that it is not necessary there. An enterprise network often exceeds its traffic allowance, or its traffic is not controlled at all, so TC can be used to control the server's traffic. Here's how to do it.

TC Introduction

In Linux, TC has two control methods, CBQ and HTB. HTB is designed to replace CBQ. It is a hierarchical filtering framework.

TC consists of three basic building blocks: the queueing discipline (qdisc), classes, and classifiers (filters).

Queue (queueing discipline): used to control the speed at which the network sends and receives. With queues, Linux can buffer network packets and then smooth the traffic according to the user's settings without interrupting connections (such as TCP). Note that Linux does not control the receive queue well enough, so we generally use only the send queue, that is, "control sending, not receiving". The qdisc encapsulates the two other major TC components (classes and classifiers). When the kernel needs to send a packet through a network interface, it queues the packet according to the qdisc (queueing rule) configured for that interface. The kernel then takes as many packets as possible from the qdisc and hands them to the network adapter driver module.

The simplest qdisc is pfifo. It does no processing on incoming packets; they are queued first in, first out. It does, however, hold packets that the network interface cannot handle at the moment.

Queueing rules include FIFO (first in, first out), RED (random early detection), SFQ (stochastic fairness queueing), token bucket, and class-based queueing (CBQ). CBQ is a super queue, that is, it can contain other queues (even other CBQs).

A class represents a control strategy. In many cases we are likely to apply different traffic control strategies to different IPs, and then we have to use different classes to represent the different strategies.

A filter assigns users to specific control strategies (that is, to different classes). For example, suppose we want to apply different control strategies (A and B) to the two IPs xxa and xxb. We can use a filter to assign xxa to control strategy A and xxb to control strategy B. The marking that the filter relies on can be done with the u32 matching function or with iptables set-mark (mostly iptables is used for marking).

Currently, the filters that TC can use are the fwmark classifier, the u32 classifier, the route-based classifier and the RSVP classifier (for IPv6, IPv4, etc.). Of these, the fwmark classifier lets us use the Linux netfilter code to select traffic, and the u32 classifier lets us select traffic based on ANY header. Note that filters live inside a qdisc; they cannot act on their own.

Packets -> iptables (iptables sets different marks for different IPs) -> TC (class) -> TC (queue)


Assume that eth0 is the external network interface of the server.

1) First, create qdisc A on eth0. Qdisc A controls the speed from this machine to the external network, so it is used to control the server's outbound speed.

# tc qdisc add dev eth0 root handle 1: htb default 1

This adds the top-level handle (used for identification) on the interface and sets class 1 as the default class.

Explanation: queues, classes and filters all have identifiers such as an ID, and they generally have a parent (the layer above). Note that IDs are local to an interface, so different network interfaces can have the same ID. Because this qdisc is at the top, it has no parent, so 'root' is used, and the ID 1: identifies it.

'default 1' means that when an IP flow matches none of the configured filter rules, it is automatically classified into class 1. Please refer to the manual for a more detailed description of the command syntax.

2) Then create two classes under the qdisc to specify how eth0 controls the speed from this machine to the external network.

# tc class add dev eth0 parent 1:0 classid 1:30 htb rate 2mbit ceil 4mbit prio 2

Note: the above controls the server's output speed: 2M, up to 4M.

rate: the guaranteed bandwidth of a class. If there is more than one class, make sure that the sum of the rates of all subclasses is less than or equal to that of the parent class.

prio: indicates competitiveness when borrowing bandwidth. The smaller the prio, the higher the priority and the stronger the competitiveness.
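
The following is an added example, not part of the original article. It prints (without executing) the commands for the Packets -> iptables mark -> class -> queue flow described above, and refuses a plan that breaks the rate rule or leaves the default class undefined. The parent class 1:1, the default class 1:20, the 192.0.2.x address and the reuse of the class number as the firewall mark are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the original page. It only PRINTS commands.
# Constructed assumptions: parent class 1:1, default class 1:20, the
# 192.0.2.x address, and using the class number as the firewall mark.
# Note: tc reads classid minors and the htb "default" value as hex, while
# the fw filter handle and iptables --set-mark used here are decimal.

# Usage: htb_plan DEV PARENT_MBIT DEFAULT_ID "ID:RATE:CEIL:PRIO[:DEST_IPV4]"...
# Exits 1 when the child rates exceed the parent rate, or when the default
# class is not among the classes being created.
htb_plan() (
    dev=$1; parent=$2; default=$3; shift 3
    sum=0; found=0
    out="tc qdisc add dev $dev root handle 1: htb default $default
tc class add dev $dev parent 1: classid 1:1 htb rate ${parent}mbit ceil ${parent}mbit"
    for spec in "$@"; do
        IFS=: read -r id rate ceil prio ip <<EOF
$spec
EOF
        sum=$((sum + rate))
        if [ "$id" = "$default" ]; then found=1; fi
        out="$out
tc class add dev $dev parent 1:1 classid 1:$id htb rate ${rate}mbit ceil ${ceil}mbit prio $prio"
        if [ -n "$ip" ]; then
            # iptables marks packets sent to this destination; the fw
            # filter maps that mark to the class.
            out="$out
iptables -t mangle -A POSTROUTING -o $dev -d $ip -j MARK --set-mark $id
tc filter add dev $dev parent 1: protocol ip prio 1 handle $id fw flowid 1:$id"
        fi
    done
    if [ "$sum" -gt "$parent" ]; then
        echo "error: child rates total ${sum}mbit > parent ${parent}mbit" >&2
        exit 1
    fi
    if [ "$found" -ne 1 ]; then
        echo "error: default class 1:$default is never created" >&2
        exit 1
    fi
    printf '%s\n' "$out"
)

# Constructed sample: the article's 2mbit/4mbit class plus a default class.
htb_plan eth0 4 20 "30:2:4:2:192.0.2.10" "20:1:4:3"
```

Review the printed commands before running them as root. With HTB, traffic that falls through to a default class that does not exist is not shaped, which is why the plan is rejected in that case.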
