linux tc + vlan接口
linux tc + vlan接口
提问于 2023-04-02 18:57:12
这是我的tc简单脚本。它根据源ip地址限制带宽,并使用基于/24子网的散列滤波器。此示例筛选器可以工作,但仅当此示例子网10.118.0.0/24添加到物理接口eth1时才有效。当我将这个子网切换到vlan接口时,例如eth1.100,流量限制停止正常工作。
因此,这个场景起作用了:
(PC 10.118.0.35 eth0) - (SW) - (eth1 ip 10.118.0.1 - NAT - eth0) -因特网
但这并不是:
(PC 10.118.0.35 eth0) -互联网
#!/bin/bash
#UPLOAD
tc qdisc del root dev ifb1
tc qdisc add dev eth1 handle ffff: ingress
tc filter add dev eth1 parent ffff: u32 match u32 0 0 action mirred egress redirect dev ifb1
tc qdisc add dev ifb1 root handle 1: prio bands 2 priomap 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1
tc qdisc add dev ifb1 parent 1:1 handle 10: sfq
tc filter add dev ifb1 parent 1:0 protocol ip prio 1 u32 match ip dst 10.90.0.0/16 flowid 1:1
tc qdisc add dev ifb1 parent 1:2 handle 20:0 htb
tc class add dev ifb1 parent 20:0 classid 20:1 htb rate 1024000kbit ceil 1024000kbit
tc class add dev ifb1 parent 20:1 classid 20:100 htb rate 51200kbit ceil 204800kbit
tc qdisc add dev ifb1 parent 20:100 sfq
tc class add dev ifb1 parent 20:1 classid 20:110 htb rate 972800kbit ceil 1013760kbit
tc filter add dev ifb1 parent 20:0 prio 1 handle 11: protocol ip u32 divisor 256
tc filter add dev ifb1 protocol ip parent 20:0 prio 5 u32 ht 800:: match ip src 10.118.0.0/24 hashkey mask 0x000000ff at 12 link 11:
tc class add dev ifb1 parent 20:110 classid 20:03E8 htb rate 1024kbit ceil 1024kbit
tc qdisc add dev ifb1 parent 20:03E8 handle 03E8 cake diffserv4
tc filter add dev ifb1 protocol ip parent 20:0 prio 200 u32 ht 11:23: match ip src 10.118.0.35 flowid 20:03E8
#DOWNLOAD
tc qdisc del root dev eth1
tc qdisc add dev eth1 root handle 1: prio bands 2 priomap 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1
tc qdisc add dev eth1 parent 1:1 handle 10: sfq
tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 10.90.0.0/16 flowid 1:1
#qdisc add dev eth1 parent 1:2 handle 20:0 hfsc default 100
tc qdisc add dev eth1 parent 1:2 handle 20:0 htb
tc class add dev eth1 parent 20:0 classid 20:1 htb rate 1024000kbit ceil 1024000kbit
tc class add dev eth1 parent 20:1 classid 20:100 htb rate 51200kbit ceil 204800kbit
tc qdisc add dev eth1 parent 20:100 sfq
tc class add dev eth1 parent 20:1 classid 20:110 htb rate 972800kbit ceil 1013760kbit
tc filter add dev eth1 parent 20:0 prio 1 handle 11: protocol ip u32 divisor 256
tc filter add dev eth1 protocol ip parent 20:0 prio 5 u32 ht 800:: match ip dst 10.118.0.0/24 hashkey mask 0x000000ff at 16 link 11:
tc class add dev eth1 parent 20:110 classid 20:03E8 htb rate 1024kbit ceil 1024kbit
tc qdisc add dev eth1 parent 20:03E8 handle 03E8 cake diffserv4
tc filter add dev eth1 protocol ip parent 20:0 prio 200 u32 ht 11:23: match ip dst 10.118.0.35 flowid 20:03E8有人知道这应该如何寻找vlan接口,还是可以在vlan上运行tc?在我搜索tc + vlan期间,我只能找到基于vlan号的tc过滤器,但在这种情况下,情况并非如此。
回答 1
Server Fault用户
发布于 2023-05-09 06:21:14
如果其他人需要,这就是解决方案:
#!/bin/bash
tc qdisc del root dev eth1.118
tc qdisc add dev eth1.118 root handle 1: prio bands 2 priomap 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1
tc qdisc add dev eth1.118 parent 1:1 handle 10: cake diffserv4 #esfq hash src perturb 10
tc filter add dev eth1.118 parent 1:0 protocol ip prio 1 u32 match ip dst 10.90.0.0/16 flowid 1:1
tc qdisc add dev eth1.118 parent 1:2 handle 20:0 hfsc default 100
tc class add dev eth1.118 parent 20:0 classid 20:1 hfsc ls m2 1024000kbit ul m2 1024000kbit
tc class add dev eth1.118 parent 20:1 classid 20:100 hfsc ls m2 51200kbit ul m2 204800kbit
tc qdisc add dev eth1.118 parent 20:100 cake diffserv4 #esfq hash src perturb 5
tc class add dev eth1.118 parent 20:1 classid 20:110 hfsc ls m2 972800kbit ul m2 1013760kbit
tc filter add dev eth1.118 parent 20:0 prio 1 handle 11: protocol ip u32 divisor 256
tc filter add dev eth1.118 protocol ip parent 20:0 prio 5 u32 ht 800:: match ip dst 10.118.0.0/24 hashkey mask 0x000000ff at 16 link 11:
# ip=10.118.0.35 qdiscNo=1000 createQdisc=1 multiESFQ=0
tc class add dev eth1.118 parent 20:110 classid 20:03E8 hfsc ls m1 1024kbit d 2000ms m2 512kbit ul m1 2048kbit d 2000ms m2 1024kbit
tc qdisc add dev eth1.118 parent 20:03E8 handle 03E8 cake diffserv4 #sfq perturb 15
tc filter add dev eth1.118 protocol ip parent 20:0 prio 200 u32 ht 11:23: match ip dst 10.118.0.35 flowid 20:03E8
tc qdisc del dev eth1.118 handle ffff: ingress
tc qdisc del root dev ifb0
tc qdisc add dev eth1.118 handle ffff: ingress
tc filter add dev eth1.118 parent ffff: protocol ip u32 match u32 0 0 action mirred egress redirect dev ifb0
tc qdisc add dev ifb0 root handle 1: prio bands 2 priomap 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1
tc qdisc add dev ifb0 parent 1:1 handle 10: cake diffserv4 #esfq hash src perturb 10
tc filter add dev ifb0 parent 1:0 protocol ip prio 1 u32 match ip dst 10.90.0.0/16 flowid 1:1
tc qdisc add dev ifb0 parent 1:2 handle 20:0 hfsc default 100
tc class add dev ifb0 parent 20:0 classid 20:1 hfsc ls m2 1024000kbit ul m2 1024000kbit
tc class add dev ifb0 parent 20:1 classid 20:100 hfsc ls m2 51200kbit ul m2 204800kbit
tc qdisc add dev ifb0 parent 20:100 cake diffserv4 #esfq hash src perturb 5
tc class add dev ifb0 parent 20:1 classid 20:110 hfsc ls m2 972800kbit ul m2 1013760kbit
tc filter add dev ifb0 parent 20:0 prio 1 handle 11: protocol ip u32 divisor 256
tc filter add dev ifb0 protocol ip parent 20:0 prio 5 u32 ht 800:: match ip src 10.118.0.0/24 hashkey mask 0x000000ff at 12 link 11:
# ip=10.118.0.35 qdiscNo=1000 createQdisc=1 multiESFQ=0
tc class add dev ifb0 parent 20:110 classid 20:03E8 hfsc ls m1 1024kbit d 2000ms m2 512kbit ul m1 2048kbit d 2000ms m2 1024kbit
tc qdisc add dev ifb0 parent 20:03E8 handle 03E8 cake diffserv4 #sfq perturb 15
tc filter add dev ifb0 protocol ip parent 20:0 prio 200 u32 ht 11:23: match ip src 10.118.0.35 flowid 20:03E8在一个接口中,关键是"hashkey掩码0x000000ff 16“,在第二个接口上是"hashkey掩码0x000000ff 12”。我不知道这是为什么,但它起作用了。有人能解释一下为什么这个选项必须设为12和16吗?
页面原文内容由Server Fault提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://serverfault.com/questions/1127725
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号