Re: [LARTC] Where is the documentation for IFB ?

From: Andy Furniss <andy.furniss@dsl.pipex.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Where is the documentation for IFB ?
Date: Mon, 10 Apr 2006 20:33:58 +0000	[thread overview]
Message-ID: <443AC136.5000706@dsl.pipex.com> (raw)
In-Reply-To: <443A6E92.1050409@obs.bg>

openswan wrote:
> Hi all,
> 
> Can you tell me where is the documentation for the new IFB (implemented
> in kernels > 2.6.16).
> Thanks in advance!

Below is a copy of Jamal's example posted on netdev.

You can use it on ingress and egress, on egress you need a classful 
qdisc on the interface(s) - prio should do if you are not shaping on the 
nic(s) you steal from.

Andy.

What this script will demonstrate is the following sequence:
1) any packet coming going out on eth0 10.0.0.229 is classified as
class 1:10 and redirected to ifb0.
2) a) on reaching ifb0 the packet is classified as class 1:2
    b) subjected to a token buffer shaping of rate 20kbit/s
    c) sent back to eth0
3) on coming back to eth0, the classificaction 1:10 is still valid
and this packet is put through an HTB classifier which limits the rate
to 256Kbps

export TC="/root/tc"

$TC qdisc del dev ifb0 root handle 1: prio
$TC qdisc add dev ifb0 root handle 1: prio
$TC qdisc add dev ifb0 parent 1:1 handle 10: sfq
$TC qdisc add dev ifb0 parent 1:2 handle 20: tbf \
rate 20kbit buffer 1600 limit 3000
$TC qdisc add dev ifb0 parent 1:3 handle 30: sfq 

$TC filter add dev ifb0 parent 1: protocol ip prio 1 u32 \
match ip dst 11.0.0.0/24 flowid 1:1
$TC filter add dev ifb0 parent 1: protocol ip prio 2 u32 \
match ip dst 10.0.0.0/24 flowid 1:2

ifconfig ifb0 up

$TC qdisc del dev eth0 root handle 1: htb default 2
$TC qdisc add dev eth0 root handle 1: htb default 2
$TC class add dev eth0 parent 1: classid 1:1 htb rate 800Kbit
$TC class add dev eth0 parent 1: classid 1:2 htb rate 800Kbit
$TC class add dev eth0 parent 1:1 classid 1:10 htb rate 256kbit ceil 384kbit
$TC class add dev eth0 parent 1:1 classid 1:20 htb rate 512kbit ceil 648kbit
$TC filter add dev eth0 parent 1: protocol ip prio 1 u32 \
match ip dst 10.0.0.229/32 flowid 1:10 \
action mirred egress redirect dev ifb0

A Little test (be careful if you are sshed in and are classifying on
that IP, counters may be not easy to follow)
-----

A ping ...

mambo:~# ping -c2 10.0.0.229

// first at ifb0

// observe that second filter twice being successful

mambo:~# $TC -s filter show dev ifb0 parent 1:
filter protocol ip pref 1 u32
filter protocol ip pref 1 u32 fh 800: ht divisor 1
filter protocol ip pref 1 u32 fh 800::800 order 2048 key ht 800 bkt 0 
flowid 1:1  (rule hit 2 success 0)
   match 0b000000/ffffff00 at 16 (success 0 )
filter protocol ip pref 2 u32
filter protocol ip pref 2 u32 fh 801: ht divisor 1
filter protocol ip pref 2 u32 fh 801::800 order 2048 key ht 801 bkt 0 
flowid 1:2  (rule hit 2 success 2)
   match 0a000000/ffffff00 at 16 (success 2 )

//next the qdisc numbers ..
//Observe that 1:2 has 2 packets

mambo:~# $TC -s qdisc show dev ifb0
qdisc prio 1: bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
  Sent 196 bytes 2 pkt (dropped 0, overlimits 0 requeues 0)
  rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 10: parent 1:1 limit 128p quantum 1514b
  Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
  rate 0bit 0pps backlog 0b 0p requeues 0
qdisc tbf 20: parent 1:2 rate 20000bit burst 1599b lat 546.9ms
  Sent 196 bytes 2 pkt (dropped 0, overlimits 0 requeues 0)
  rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 30: parent 1:3 limit 128p quantum 1514b
  Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
  rate 0bit 0pps backlog 0b 0p requeues 0

// Next look at eth0
// observe class 1:10 which is where the pings went through after
// they came back from the ifb0 device.

mambo:~# $TC -s class show dev eth0
class htb 1:1 root rate 800000bit ceil 800000bit burst 1699b cburst 1699b
  Sent 196 bytes 2 pkt (dropped 0, overlimits 0 requeues 0)
  rate 0bit 0pps backlog 0b 0p requeues 0
  lended: 0 borrowed: 0 giants: 0
  tokens: 16425 ctokens: 16425

class htb 1:10 parent 1:1 prio 0 rate 256000bit ceil 384000bit burst 
1631b cburst 1647b
  Sent 196 bytes 2 pkt (dropped 0, overlimits 0 requeues 0)
  rate 0bit 0pps backlog 0b 0p requeues 0
  lended: 2 borrowed: 0 giants: 0
  tokens: 49152 ctokens: 33110

class htb 1:2 root prio 0 rate 800000bit ceil 800000bit burst 1699b 
cburst 1699b
  Sent 47714 bytes 321 pkt (dropped 0, overlimits 0 requeues 0)
  rate 3920bit 3pps backlog 0b 0p requeues 0
  lended: 321 borrowed: 0 giants: 0
  tokens: 16262 ctokens: 16262

class htb 1:20 parent 1:1 prio 0 rate 512000bit ceil 648000bit burst 
1663b cburst 1680b
  Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
  rate 0bit 0pps backlog 0b 0p requeues 0
  lended: 0 borrowed: 0 giants: 0
  tokens: 26624 ctokens: 21251

-----
mambo:~# $TC -s filter show dev eth0 parent 1:
filter protocol ip pref 1 u32
filter protocol ip pref 1 u32 fh 800: ht divisor 1
filter protocol ip pref 1 u32 fh 800::800 order 2048 key ht 800 bkt 0 
flowid 1:10  (rule hit 235 success 4)
   match 0a0000e5/ffffffff at 16 (success 4 )
         action order 1: mirred (Egress Redirect to device ifb0) stolen
         index 2 ref 1 bind 1 installed 114 sec used 100 sec
         Action statistics:
         Sent 196 bytes 2 pkt (dropped 0, overlimits 0 requeues 0)
         rate 0bit 0pps backlog 0b 0p requeues 0

_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc