I am new to using tc and netem. I want to delay packets being sent to a specific IP address. However, the commands below cause all packets on the system to be delayed, instead of just to the IP address 1.2.3.4:
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1: prio
tc qdisc add dev eth0 parent 1:1 handle 2: netem delay 500ms
tc filter add dev eth0 parent 1:0 protocol ip pref 55 handle ::55 u32 match ip dst 1.2.3.4 flowid 2:1
My guess is that I need some kind of catch-all filter at the end to specify that all remaining traffic should not go through netem. But I can't get anything to work. How would I get this to work?
The chosen answer is incorrect/incomplete. I faced a similar issue, the chosen answer gave some help, but not enough.
First, the following command is not really needed.
It will 'delete' the root qdisc, but inmediately gets substituted by a pfifo_fast one (so you don't lose connectivity).
The second command:
Will substitute the pfifo_fast qdisc with the prio one. By default, the prio queue has 3 bands (0, 1, 2) each managed by one class (1:1, 1:2 and 1:3).
The packets will be sent to one of those bands using the TOS field of the IP package. This configuration is shown when you execute:
looking at the 'priomap' values.
Then, you add a netem qdisc:
With this command you delay all traffic going to the 1:1 band (until the filter is in place).
But there are two caveats:
The following solved my issue to not be affected by the netem while the filter is not applied. Instead of the above steps, I did:
This will send all traffic by default to the band 1:3.
Then, I added the rule to delay traffic:
This creates the qdisc in the band 0, but since all traffic goes to band 3, it didn't affect me.
Afterwards, I added the filter:
Now with the filter, only the chosen IP/port will be affected, since we redirect the chosen traffic to the band 0.
All the other traffic continues unaffected since it continues to flow to band 3.
Ok, I solved my own problem. It turns out that if you execute the first 3 lines above (the "tc qdisc" ones), it will delay all packets because there are no filters yet. The 4th line changes it to only delay packets from that single IP address. Additional filter lines can be added to add additional IP addresses to the "delayed" list. So: don't create a "netem delay" line without a filter pointing to it.
Simple example from https://wiki.linuxfoundation.org/networking/netem that lets you delay packets to a given IP without affecting any other traffic, even during configuration:
I haven't manage to delay traffic to one IP while keeping traffic normal to others IP normal with the method described in this thread.
However, I manage to do it using the following commands.
To delay
15001mstraffic to IP1.2.3.4from the host where the command is executed. The commandhostname -Iis used to get the main IP of the host but the value can be replaced directly inside the command.I had to add another filter with
0msdelay to match the traffic coming from the host. For sure it is not elegant but I haven't managed to have something nicer working.The last command can be replaced to match a single port.
To delay traffic to port
18583instead of IP1.2.3.4.I have also found a second method on this answer to delay traffic to
1.2.3.4:18583without impact on other traffic.