Welcome to Halil Demirezen's Tips and Tutorials Page

Celsus Library (TR)


LinuxNetworkComputer VisionDatabasesProgamming

TC: Creating HTB based packet filter on Linux 2019-09-21 18:27:24

If you are planning to create outgoing packet bandwidth limiting rules for specific ip match, you can use HTB type packet queueing discipline.

First we create the queueing discipline for interface eth0. We say that the default
class number for eth0 is 10

tc qdisc add dev eth0 root handle 1: htb default 10

Secondly, we create a number of classes with different bandwidth and burst values

tc class add dev eth0 parent 1: classid 1:10 htb rate 10Gbit
tc class add dev eth0 parent 1: classid 1:11 htb rate 4Gbit
tc class add dev eth0 parent 1: classid 1:12 htb rate 4Gbit burst 4Mb
tc class add dev eth0 parent 1: classid 1:13 htb rate 4Gbit burst 5Mb cburst 5Mb

Lastly, for a specific destination IP address, we redirect the traffic to a specific class.

tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip dst flowid 1:13

The configuration above says that the outgoing traffic to IP address on interface eth0 will be forced to use 4Gbit max bandwidth with 5 Mbyte burst value as you can see in the class definition of 1:13

The relation between burst value and bandwidth is that bandwidth = burst_value * ticks * 8. Meaning that the burst buffer
of 5 Mbyte equals to 40 Mbit by multiplying it with 8. The ticks value is the default value of timer ticks, which is 100 in current Linux. Thus, multiplying 40 Mbit with 100 equals to 4 GBit bandwidth.