sub setup_tc_rate_limit {
my ($iface, $rate, $burst, $debug) = @_;
- system("/sbin/tc qdisc del dev $iface ingres >/dev/null 2>&1");
+ system("/sbin/tc class del dev $iface parent 1: classid 1:1 >/dev/null 2>&1");
+ system("/sbin/tc filter del dev $iface parent ffff: protocol ip prio 50 estimator 1sec 8sec >/dev/null 2>&1");
+ system("/sbin/tc qdisc del dev $iface ingress >/dev/null 2>&1");
system("/sbin/tc qdisc del dev $iface root >/dev/null 2>&1");
+ return if (!$rate || ($rate && $rate == 0));
+
run_command("/sbin/tc qdisc add dev $iface handle ffff: ingress");
- # virtio uses large packets 64K, so we need to set mtu to that
- # value - else filter drops those packets and rate limit does not work.
+ # this does not work wit virtio - don't know why (setting "mtu 64kb" does not help)
+ #run_command("/sbin/tc filter add dev $iface parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate ${rate}bps burst ${burst}b drop flowid :1");
+ # so we use avrate instead
run_command("/sbin/tc filter add dev $iface parent ffff: " .
- "protocol ip prio 50 u32 match ip src 0.0.0.0/0 " .
- "police rate ${rate}bps burst ${burst}b " .
- "mtu 64kb drop flowid :1");
+ "protocol ip prio 50 estimator 1sec 8sec " .
+ "u32 match ip src 0.0.0.0/0 police avrate ${rate}bps drop flowid :1");
# tbf does not work for unknown reason
#$TC qdisc add dev $DEV root tbf rate $RATE latency 100ms burst $BURST
}
}
+sub tap_rate_limit {
+ my ($iface, $rate) = @_;
+
+ my $debug = 0;
+ $rate = int($rate*1024*1024);
+ my $burst = 1024*1024;
+
+ setup_tc_rate_limit($iface, $rate, $burst, $debug);
+}
sub copy_bridge_config {
my ($br0, $br1) = @_;
die "got strange vlan tag '$tag_param'\n" if $tag < 1 || $tag > 4094;
my $bridgevlan = "${bridge}v$tag";
- my $iface = $bridge;
+
+ my $dir = "/sys/class/net/$bridge/brif";
+
+ #check if we have an only one ethX or bondX interface in the bridge
+
+ my $iface;
+ PVE::Tools::dir_glob_foreach($dir, '((eth|bond)\d+)', sub {
+ my ($slave) = @_;
+
+ die "more then one physical interfaces on bridge '$bridge'\n" if $iface;
+ $iface = $slave;
+
+ });
+
+ die "no physical interface on bridge '$bridge'\n" if !$iface;
+
my $ifacevlan = "${iface}.$tag";
- my $vlanflags = "reorder_hdr on gvrp on";
# create vlan on $iface is not already exist
if (! -d "/sys/class/net/$ifacevlan") {
- system("/sbin/ip link add link $iface name $ifacevlan type vlan id $tag $vlanflags") == 0 ||
- die "can't add vlan tag $tag to interface $iface\n";
+ system("/sbin/vconfig add $iface $tag") == 0 ||
+ die "can't add vlan tag $tag to interface $iface\n";
}
# be sure to have the $ifacevlan up