Recently I got interested in traffic shaping to simulate various bandwidth capacities. It was a headache to find a working software in that field until I realized that 1) it was easy 2) it was straighforward on Linux kernel since version (2.2.x?).
First of all, you need to modrobe a few kew kernel modules: cls_u32, sch_cbq, ip_tables
Then all you have to do is to use the “tc” utility which is part of the iproute package.
For instance, let’s assume that you want to limit incoming and outgoing traffic to 256kbits/s on your local host, and assuming that you have a 100Mbps capable network interface on eth0, what you have to do is:
# tc qdisc add dev eth0 root handle 1: cbq avpkt 1000 bandwidth 100mbit
# tc class add dev eth0 parent 1: classid 1:1 cbq rate 256kbit allot 1500 prio 5 bounded isolated
# tc filter add dev eth0 parent 1: protocol ip prio 16 u32 match ip dst 0/0 flowid 1:1
Then if you want to change the limit, use “replace” instead of “add” in the second command. For instance:
# tc class replace dev eth0 parent 1: classid 1:1 cbq rate 64kbit allot 1500 prio 5 bounded isolated
You will notice easily that it’s doing the job very well.
Anyway, I went into some troubles when I started to monitor the traffic: the bandwidth that I set with tc doesn’t fit at all with the actual limitation. For instance, when setting 50kbit in tc, I get a real limitation of around 24 *kBytes* per second, which is about 200kbps. At first, I thought it was a problem with “knetdockapp” that I’m using to monitor the traffic. So I used Bandwidthd which shew similar results, and finally, I transferred a big file during 60 seconds and calculated the real rate from the number of bytes that were received. The results were still the same.
So I’m still wondering why there is such a difference between the figure provided to tc and the real shaped bandwidth.