Tc (Linux)

From Wikipedia, the free encyclopedia
Jump to: navigation, search

tc (traffic control) is a Linux command (part of the iproute2 package[1]) to configure and control the Linux kernel's Network scheduler to show and manipulate Network traffic control settings.[2]

Traffic shaping/scheduling serves several primary use cases:

  • General ongoing network contention between various hosts (e.g clients uploading/downloading from a server or a router directing traffic on the network).
  • The server's workload would be better served by changing how packets are enqueued and dequeued
  • Protecting high priority traffic from usage spikes in lower priority traffic (e.g. protecting production web server network performance from a full website publish being pushed to the server)

Historically, the command required possession of the CAP_NET_ADMIN capability (usually root has this) however as part of the move towards better support for Operating System Level Virtualization this was migrated over to NS_CAPABLE.[3] This allows users who only administer particular namespaces to be able to set queuing disciplines within their namespace.

Queuing Discipline[edit]

Analogous to I/O scheduling which shapes traffic sent to and from mass storage devices, queuing disciplines shape traffic going in (ingress) or going out (egress) a network interface.

Available queuing disciplines:

  • Classful
    • HTB Hierarchical Token Bucket
    • HFSC Hierarchical Fair Service Curve
    • PRIO Priority Scheduler
    • CBQ Class Based Queuing
    • pfifo_fast Packet-wise First-in-First-Out. Consists of a three band (aka "class") queue which honors Type of Service flags, as well as the priority that may be assigned to a packet (as set by [Differentiated_services|DSCP]]). Unlike other queuing disciplines pfifo_fast does not allow you to change queuing discipline used by its classes.
  • Classless
    • SFQ Stochastic Fair Queuing. Separates streams into classes based on a hashing algorithm that may result in two streams being assigned the hash ID. These hashes are periodically recalculated ("perturbed") so that any unintentional coupling is undone before it becomes apparent on the long term. For this reason it is called "stochastic" (meaning here essentially "random"). Nondeterministic hashing was chosen so that fewer queues would be needed and to speed computation time associated with queuing. [4]
    • TBF Token bucket filter. Implements a Token bucket queueing discipline. This queuing discipline does not schedule network traffic (i.e reorder the network packets) it only shapes bandwidth.
    • pfifo and bfifo Packet FIFO and Byte FIFO respectively. More or less identical, the only functional difference is whether the specific value for "limit" is measured in packets or in bytes
    • noqueue Sends the packet immediately, or drops it if it can't be sent. It can not be set by the administrator and will only be used as the default queuing discipline for virtual devices (like loopback or virtual bridges). Not relevant for physical devices.
    • CoDel and Fair Queueing CoDel
    • mq Multiqueue
    • netem Network Emulator. Simulates various aspects of a faulty network such as duplicating/dropping packets or delivering them out of order. Only useful for troubleshooting and performance measurements.

References[edit]

  1. ^ "list of the Debian package iproute2". Debian. 
  2. ^ tc(8) – Linux Administration and Privileged Commands Manual
  3. ^ "[PATCH] net: Allow tc changes in user namespaces". 
  4. ^ Shreedhar, M. (June 1996). IEEE/ACM Transactions on Networking (TON) (IEEE) 4 (3): 375–385. 

See Also[edit]