Traffic Control (tc) on a single machine
The tc command configures the Linux packet filter to match packets and
optionally delay, lose, prioritise or reorder them. This is great but tc
only works on egress traffic (not quite true but we will pretend that it is
for now). To simulate network conditions on a single machine that machine must
transmit the packets that traffic control is to manipulate. This can be
achieved through the use of an Intermediate Function Block (ifb).
Create the Interfaces
ip link add ifb0 type ifb
ip link set ifb0 up
Redirect All eth0 Traffic to ifb0
tc qdisc add dev eth0 handle ffff: ingress
tc filter add dev eth0 parent ffff: protocol ip matchall action mirred egress redirect dev ifb0
At this point the traffic from eth0 is being redirected to ifb0 and
connectivity is lost...
References
- tc-bpf interesting man page on the packet filter.
- tc ingress port filtering local copy
- SO: tc ingress policing and ifb mirroring