Traffic Ccontrol (flow control)

Linux has a mature bandwidth supply system called traffic Control (flow controller). The system supports various ways of classifying, sorting, sharing, and restricting access to traffic.

First, the basic knowledge

Let the IP show our link

IP Link List

[Email protected]:/# IP Link List
1:lo: <LOOPBACK,UP,LOWER_UP> MTU 65536 qdisc noqueue State UNKNOWN mode default group default
Link/loopback 00:00:00:00:00:00 BRD 00:00:00:00:00:00
2:eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU qdisc Fq_codel Master br-net State up mode default group default Qlen 1000
Link/ether 78:c2:c0:e3:00:4d BRD FF:FF:FF:FF:FF:FF
3:eth1: <BROADCAST,MULTICAST> MTU qdisc noop State down mode default group default Qlen 1000
Link/ether 78:c2:c0:e3:00:4e BRD FF:FF:FF:FF:FF:FF
5:br-net: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU qdisc noqueue State up mode default group default
Link/ether 78:c2:c0:e3:00:4d BRD FF:FF:FF:FF:FF:FF
7:wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU Qdisc MQ Master br-net State up mode default group default Qlen 1000
Link/ether 78:c2:c0:e3:00:4d BRD FF:FF:FF:FF:FF:FF

Iproute cut off the direct link between the two concepts of "link" and "IP address."

Use IP to display our IP address

IP address Show

[Email protected]:/# IP address Show
1:lo: <LOOPBACK,UP,LOWER_UP> MTU 65536 qdisc noqueue State UNKNOWN Group Default
Link/loopback 00:00:00:00:00:00 BRD 00:00:00:00:00:00
inet 127.0.0.1/8 Scope host Lo/8 means that the IP address represents the number of bits of the network address, because it is a total of 32 bits, so our network has 24bit of host space.
Valid_lft Forever Preferred_lft Forever
2:eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU qdisc Fq_codel Master br-net State up group default Qlen 1000
Link/ether 78:c2:c0:e3:00:4d BRD FF:FF:FF:FF:FF:FF
3:eth1: <BROADCAST,MULTICAST> MTU Qdisc noop State down group default Qlen 1000
Link/ether 78:c2:c0:e3:00:4e BRD FF:FF:FF:FF:FF:FF
5:br-net: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU Qdisc noqueue State up Group default
Link/ether 78:c2:c0:e3:00:4d BRD FF:FF:FF:FF:FF:FF
inet 192.168.2.125/24 BRD 192.168.2.255 Scope Global Br-net
Valid_lft Forever Preferred_lft Forever
inet 192.168.1.16/24 BRD 192.168.1.255 Scope Global br-net:0
Valid_lft Forever Preferred_lft Forever
7:wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU Qdisc MQ Master br-net State up group default Qlen 1000
Link/ether 78:c2:c0:e3:00:4d BRD FF:FF:FF:FF:FF:FF

Let IP show routing

IP Route Show

[Email protected]:/# IP Route Show
192.168.1.0/24 Dev br-net proto kernel scope link src 192.168.1.16
192.168.2.0/24 Dev br-net proto kernel scope link src 192.168.2.125

Let IP display arp table

IP neigh Show

[Email protected]:/# IP neigh Show
192.168.2.234 Dev br-net lladdr 54:ee:75:4a:37:b5 REACHABLE

Second, the Routing policy database

The routing policy is supported when the kernel has both "ip:advanced router" and "Ip:policy routing".

Default rule:

IP Rule List

[Email protected]:/# IP Rule list
0:from All lookup Local
32766:from All lookup Main
32767:from All Lookup Default

Iii. GRE and other tunnels

There are three types of tunnels in Linux, which are IP-IN-IP tunnels, GRE tunnels, and non-core tunnels (such as PPTP).

Iv. queue rules for bandwidth management

Using the queue, we determine how the data is sent.

The most widely used provision is the pfifo_fast queue rule, because it is the default configuration.

Pfifi_fast: FIFO, which means no packets are treated in a special way. This queue has 3 so-called "channels". FIFO is applied to every channel. Also, if there are packets waiting to be sent on Channel 0, the 1 channel packet will not be processed, and the relationship between Channel 1 and Channel 2 will be the same.

The kernel follows the TOS tag of the packet and puts the packet with the "minimum delay" tag into channel 0. Using the TC command to add additional queue rules to it is not supported.

Token bucket filter (TBF): Only packets that arrive at a predetermined rate are allowed to pass, but may allow transient bursts to exceed the set value.

The implementation of TBF is a buffer (bucket), the constant chant of some of the virtual data called "tokens" is filled at a specific rate. The most important parameter of a bucket is its size, and in time it can store the number of tokens.

Each incoming token collects a packet from the data queue and is then removed from the bucket. This algorithm is related to two streams-the token stream and the data stream.

If there is a token in the bucket and no token is allowed, it is equivalent to an unrestricted rate (default).

Random Fair Queue (SFQ)

SFQ: is a simple implementation of the Fair queue algorithm family. The key word for SFQ is "session" (or "stream"), primarily for a TCP session or UDP stream. Traffic is divided into a number of FIFO queues, each of which corresponds to a single session. The data is installed in a simple round-robin manner, and each session is given a sequential opportunity to be sent.

Classification of queue rules CBQ (class base queueing)

If there are multiple streams of data that need to be treated differently, the classification of queue rules is very useful.

Each NIC has an egress "root queue rule", which by default is the Pfifo_fast queue rule mentioned earlier. In addition to the egress queue rules, there is an entry on each NIC to policies incoming traffic.

Most of the text is from the Linux advanced Routing and Traffic control howto

Traffic Ccontrol (flow control)