Traffic Control (tc) in Linux
In this page, basic usage of the Linux networking tool tc is explored. The
primary reason for this article is to create a network configuration that will
re-order packets.
This configuration is fine but perhaps overcomplicated, to perform similar operations but all on the same machine one may be more interested in looking into using an Intermediate Functional Block (ifb). More detail can be found here.
Physical Network Configuration
This setup requires three devices:
- Device from/to which to control traffic
- Device to control the traffic (with at least two network interfaces)
- Device that will communicate with the first device via the control device
Client Router
+---------------+ +---------------+
| 192.168.1.169 | | 192.168.1.226 | Server
| eth0 +------+ eth0 | +---------------+
| | | | | 192.168.1.72 |
+---------------+ | eth1 +------+ eth0 |
| 192.168.1.80 | | |
+---------------+ +---------------+
Operating System
It is recommended that you make use of a simple Linux distribution, at least for the Router as in modern Linux desktop distributions there are many complicating factors, for example NetworkManager, SELinux, systemd, firewalld to name a few. These daemons will interfere with the network configuration and so confusing things may happen if they are running.
I recommend using Alpine Linux (Extended).
Install required tools:
apk add iproute2 iptables tcpdump
Routing Configuration
The network layout above is troublesome since if the netmask were /24 all
hosts would be directly accessible. In routing however the match that is the
closest will be taken, a routing table containing these entries:
1 192.168.1.0/24 dev eth0
2 192.168.1.72/32 dev eth1
3 192.168.1.128/25 via 192.168.1.251
4 default via 192.168.1.1
A packet destined for 192.168.1.72 will match after being anded with the mask
for route 1 (192.168.1.72 & 255.255.255.0 == 192.168.1.0) but will be a
better match for route 2 (192.168.1.72 & 255.255.255.255 == 192.168.1.72),
the best match will be chosen and the packet will be sent on eth1.
Traffic Control Configuration
tc qdisc show dev eth0
# 16 1s :-) (this is the 4 bit ToS field in the IPv4 packet)
tc qdisc add dev eth0 root handle 1: prio priomap 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1
tc qdisc add dev eth0 root handle 1: prio priomap 1 2 1 1 2 2 2 2 0 0 0 0 1 1 1 1
# now delay all TRANSMITTED packets by 100ms
tc qdisc add dev eth0 parent 1:2 handle 20: netem delay 100ms
# 0 -> to 1:1
# 1 -> to 1:2
# 2 -> to 1:3
# for the others 50ms and 10ms
tc qdisc add dev eth0 parent 1:1 handle 10: netem delay 50ms
tc qdisc add dev eth0 parent 1:3 handle 30: netem delay 10ms
TODO: more detail in this section
Bridge Mode
tc will also work when interfaces are part of a bridge... can you believe?
TODO: Write about bridge mode.
References
Network Configuration using a Single Host
TODO