• Home
Name Date Size #Lines LOC

..--

CMakeLists.txtD03-May-2024299 54

README.txtD03-May-20242.6 KiB5846

simulation.pyD03-May-20244.4 KiB11295

tc_neighbor_sharing.cD03-May-20241.6 KiB6649

tc_neighbor_sharing.pyD03-May-20242.9 KiB8059

README.txt

1This example shows how a combination of BPF programs can be used to perform
2per-IP classification and rate limiting. The simulation in this example
3shows an example where N+M devices are combined and use 1 WAN. Traffic sent
4from/to the "neighbor" devices have their combined bandwidth capped at
5128kbit, and the rest of the traffic can use an additional 1Mbit.
6
7This works by sharing a map between various tc ingress filters, each with
8a related set of bpf functions attached. The map stores a list of dynamically
9learned ip addresses that were seen on the neighbor devices and should be
10throttled.
11
12                         /------------\                        |
13neigh1 --|->->->->->->->-|            |                        |
14neigh2 --|->->->->->->->-|    <-128kb-|        /------\        |
15neigh3 --|->->->->->->->-|            |  wan0  | wan  |        |
16         | ^             |   br100    |-<-<-<--| sim  |        |
17         | clsfy_neigh() |            |   ^    \------/        |
18lan1 ----|->->->->->->->-|    <--1Mb--|   |                    |
19lan2 ----|->->->->->->->-|            |   classify_wan()       |
20           ^             \------------/                        |
21           pass()                                              |
22
23To run the example:
24
25$ sudo /path/to/neighbor_sharing/neighbor_sharing.py
26Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
27Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
28Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
29Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
30Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
31Network ready. Create a shell in the wan0 namespace and test with netperf
32   (Neighbors are 172.16.1.100-102, and LAN clients are 172.16.1.150-151)
33 e.g.: ip netns exec wan0 netperf -H 172.16.1.100 -l 2
34Press enter when finished:
35
36
37In another shell:
38$ sudo ip netns exec wan0 netperf -H 172.16.1.100 -l 2
39MIGRATED TCP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 172.16.1.100 () port 0 AF_INET : demo
40Recv   Send    Send
41Socket Socket  Message  Elapsed
42Size   Size    Size     Time     Throughput
43bytes  bytes   bytes    secs.    10^6bits/sec
44
45 87380  16384  16384    4.30        0.18
46
47$ sudo ip netns exec wan0 netperf -H 172.16.1.150 -l 2
48MIGRATED TCP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 172.16.1.150 () port 0 AF_INET : demo
49Recv   Send    Send
50Socket Socket  Message  Elapsed
51Size   Size    Size     Time     Throughput
52bytes  bytes   bytes    secs.    10^6bits/sec
53
54 87380  16384  16384    4.10        1.01
55
56
57The bandwidth is throttled according to the IP.
58