X-Git-Url: https://git.proxmox.com/?p=pve-common.git;a=blobdiff_plain;f=data%2FPVE%2FNetwork.pm;h=a7e55d71d123ce4af44b164dda008cec6512f9a1;hp=a3551deea49b24d6737947d62f7c7cc7ccaa87c8;hb=f0c190eebe95a72e2ff5ed875060e43e03f68ee4;hpb=fb572a93953215a4db15513353f1af517a17eb50

diff --git a/data/PVE/Network.pm b/data/PVE/Network.pm
index a3551de..a7e55d7 100644
--- a/data/PVE/Network.pm
+++ b/data/PVE/Network.pm
@@ -11,17 +11,21 @@ use File::Basename;
 sub setup_tc_rate_limit {
     my ($iface, $rate, $burst, $debug) = @_;
 
-    system("/sbin/tc qdisc del dev $iface ingres >/dev/null 2>&1");
+    system("/sbin/tc class del dev $iface parent 1: classid 1:1 >/dev/null 2>&1");
+    system("/sbin/tc filter del dev $iface parent ffff: protocol ip prio 50 estimator 1sec 8sec >/dev/null 2>&1");
+    system("/sbin/tc qdisc del dev $iface ingress >/dev/null 2>&1");
     system("/sbin/tc qdisc del dev $iface root >/dev/null 2>&1");
 
+    return if (!$rate || ($rate && $rate == 0));
+
     run_command("/sbin/tc qdisc add dev $iface handle ffff: ingress");
 
-    # virtio uses large packets 64K, so we need to set mtu to that
-    # value - else filter drops those packets and rate limit does not work.
-    run_command("/sbin/tc filter add dev $iface parent ffff: "
-		"protocol ip prio 50 u32 match ip src 0.0.0.0/0 "
-		"police rate ${rate}bps burst ${burst}b "
-		"mtu 64kb drop flowid :1");
+    # this does not work wit virtio - don't know why (setting "mtu 64kb" does not help)
+    #run_command("/sbin/tc filter add dev $iface parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate ${rate}bps burst ${burst}b drop flowid :1");
+    # so we use avrate instead
+    run_command("/sbin/tc filter add dev $iface parent ffff: " .
+		"protocol ip prio 50 estimator 1sec 8sec " .
+		"u32 match ip src 0.0.0.0/0 police avrate ${rate}bps drop flowid :1");
 
     # tbf does not work for unknown reason
     #$TC qdisc add dev $DEV root tbf rate $RATE latency 100ms burst $BURST
@@ -38,6 +42,37 @@ sub setup_tc_rate_limit {
     }
 }
 
+sub tap_rate_limit {
+    my ($iface, $rate) = @_;
+
+    my $debug = 0;
+    $rate = int($rate*1024*1024);
+    my $burst = 1024*1024;
+
+    setup_tc_rate_limit($iface, $rate, $burst, $debug);
+}
+
+sub tap_create {
+    my ($iface, $bridge) = @_;
+
+    die "unable to get bridge setting\n" if !$bridge;
+
+    my $bridgemtu = PVE::Tools::file_read_firstline("/sys/class/net/$bridge/mtu");
+	die "bridge '$bridge' does not exist\n" if !$bridgemtu;
+
+    eval{ PVE::Tools::run_command("/sbin/ifconfig $iface 0.0.0.0 promisc up mtu $bridgemtu");};
+	die "interface activation failed\n" if $@;
+}
+
+sub tap_plug {
+    my ($iface, $bridge, $tag) = @_;
+
+    my $newbridge = activate_bridge_vlan($bridge, $tag);
+    copy_bridge_config($bridge, $newbridge) if $bridge ne $newbridge;
+
+    system ("/usr/sbin/brctl addif $newbridge $iface") == 0 ||
+	die "can't add interface to bridge\n";
+}
 
 sub copy_bridge_config {
     my ($br0, $br1) = @_;