rpms / iproute

Clone
Source Code
GIT

Blame SOURCES/0133-man-Add-a-man-page-for-the-police-action.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta c9s-sig-hyperscale
  1.   049c9647b0c08f2036a213e6e72c12cb4f30217f
  2.   SOURCES
  3.   0133-man-Add-a-man-page-for-the-police-action.patch
Blob History Raw
049c96 
From dbe2324f84ce589c8fbef01af614cfd80c650483 Mon Sep 17 00:00:00 2001
049c96 
From: Phil Sutter <psutter@redhat.com>
049c96 
Date: Wed, 30 Mar 2016 16:43:19 +0200
049c96 
Subject: [PATCH] man: Add a man page for the police action
049c96
049c96 
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1275426
049c96 
Upstream Status: iproute2.git commit d477eea5a6dcb
049c96
049c96 
commit d477eea5a6dcb1fe42f8106f2172eaced379eabc
049c96 
Author: Phil Sutter <phil@nwl.cc>
049c96 
Date:   Fri Mar 4 13:11:41 2016 +0100
049c96
049c96 
    man: Add a man page for the police action
049c96
049c96 
    Cc: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
049c96 
    Signed-off-by: Phil Sutter <phil@nwl.cc>
049c96 
---
049c96 
 man/man8/tc-police.8 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++++
049c96 
 1 file changed, 127 insertions(+)
049c96 
 create mode 100644 man/man8/tc-police.8
049c96
049c96 
diff --git a/man/man8/tc-police.8 b/man/man8/tc-police.8
049c96 
new file mode 100644
049c96 
index 0000000..2b1537e
049c96 
--- /dev/null
049c96 
+++ b/man/man8/tc-police.8
049c96 
@@ -0,0 +1,127 @@
049c96 
+.TH "Policing action in tc" 8 "20 Jan 2015" "iproute2" "Linux"
049c96 
+
049c96 
+.SH NAME
049c96 
+police - policing action
049c96 
+.SH SYNOPSIS
049c96 
+.in +8
049c96 
+.ti -8
049c96 
+.BR tc " ... " "action police"
049c96 
+.BI rate " RATE " burst
049c96 
+.IR BYTES [\fB/ BYTES "] ["
049c96 
+.B mtu
049c96 
+.IR BYTES [\fB/ BYTES "] ] ["
049c96 
+.BI peakrate " RATE"
049c96 
+] [
049c96 
+.BI avrate " RATE"
049c96 
+] [
049c96 
+.BI overhead " BYTES"
049c96 
+] [
049c96 
+.BI linklayer " TYPE"
049c96 
+] [
049c96 
+.BI conform-exceed " EXCEEDACT\fR[\fB/\fIEXCEEDACT\fR]"
049c96 
+
049c96 
+.ti -8
049c96 
+.IR EXCEEDACT " := { "
049c96 
+.BR pipe " | " ok " | " reclassify " | " drop " | " continue " }"
049c96 
+.SH DESCRIPTION
049c96 
+The
049c96 
+.B police
049c96 
+action allows to limit bandwidth of traffic matched by the filter it is
049c96 
+attached to.
049c96 
+.SH OPTIONS
049c96 
+.TP
049c96 
+.BI rate " RATE"
049c96 
+The maximum traffic rate of packets passing this action. Those exceeding it will
049c96 
+be treated as defined by the
049c96 
+.B conform-exceed
049c96 
+option.
049c96 
+.TP
049c96 
+.BI burst " BYTES\fR[\fB/\fIBYTES\fR]"
049c96 
+Set the maximum allowed burst in bytes, optionally followed by a slash ('/')
049c96 
+sign and cell size which must be a power of 2.
049c96 
+.TP
049c96 
+.BI mtu " BYTES\fR[\fB/\fIBYTES\fR]"
049c96 
+This is the maximum packet size handled by the policer (larger ones will be
049c96 
+handled like they exceeded the configured rate). Setting this value correctly
049c96 
+will improve the scheduler's precision.
049c96 
+Value formatting is identical to
049c96 
+.B burst
049c96 
+above. Defaults to unlimited.
049c96 
+.TP
049c96 
+.BI peakrate " RATE"
049c96 
+Set the maximum bucket depletion rate, exceeding
049c96 
+.BR rate .
049c96 
+.TP
049c96 
+.BI avrate " RATE"
049c96 
+Make use of an in-kernel bandwidth rate estimator and match the given
049c96 
+.I RATE
049c96 
+against it.
049c96 
+.TP
049c96 
+.BI overhead " BYTES"
049c96 
+Account for protocol overhead of encapsulating output devices when computing
049c96 
+.BR rate " and " peakrate .
049c96 
+.TP
049c96 
+.BI linklayer " TYPE"
049c96 
+Specify the link layer type.
049c96 
+.I TYPE
049c96 
+may be one of
049c96 
+.B ethernet
049c96 
+(the default),
049c96 
+.BR atm " or " adsl
049c96 
+(which are synonyms). It is used to align the precomputed rate tables to ATM
049c96 
+cell sizes, for
049c96 
+.B ethernet
049c96 
+no action is taken.
049c96 
+.TP
049c96 
+.BI conform-exceed " EXCEEDACT\fR[\fB/\fIEXCEEDACT\fR]"
049c96 
+Define how to handle packets which exceed (and, if the second
049c96 
+.I EXCEEDACT
049c96 
+is given, also those who don't), the configured bandwidth limit. Possible values
049c96 
+are:
049c96 
+.RS
049c96 
+.IP continue
049c96 
+Don't do anything, just continue with the next action in line.
049c96 
+.IP drop
049c96 
+Drop the packet immediately.
049c96 
+.IP shot
049c96 
+This is a synonym to
049c96 
+.BR drop .
049c96 
+.IP ok
049c96 
+Accept the packet. This is the default for conforming packets.
049c96 
+.IP pass
049c96 
+This is a synonym to
049c96 
+.BR ok .
049c96 
+.IP reclassify
049c96 
+Treat the packet as non-matching to the filter this action is attached to and
049c96 
+continue with the next filter in line (if any). This is the default for
049c96 
+exceeding packets.
049c96 
+.IP pipe
049c96 
+Pass the packet to the next action in line.
049c96 
+.SH EXAMPLES
049c96 
+A typical application of the police action is to enforce ingress traffic rate
049c96 
+by dropping exceeding packets. Although better done on the sender's side,
049c96 
+especially in scenarios with lack of peer control (e.g. with dial-up providers)
049c96 
+this is often the best one can do in order to keep latencies low under high
049c96 
+load. The following establishes input bandwidth policing to 1mbit/s using the
049c96 
+.B ingress
049c96 
+qdisc and
049c96 
+.B u32
049c96 
+filter:
049c96 
+
049c96 
+.RS
049c96 
+.EX
049c96 
+# tc qdisc add dev eth0 handle ffff: ingress
049c96 
+# tc filter add dev eth0 parent ffff: u32 \\
049c96 
+	match u32 0 0 \\
049c96 
+	police rate 1mbit burst 100k
049c96 
+.EE
049c96 
+.RE
049c96 
+
049c96 
+As an action can not live on it's own, there always has to be a filter involved as link between qdisc and action. The example above uses
049c96 
+.B u32
049c96 
+for that, which is configured to effectively match any packet (passing it to the
049c96 
+.B police
049c96 
+action thereby).
049c96 
+
049c96 
+.SH SEE ALSO
049c96 
+.BR tc (8)
049c96 
--
049c96 
1.8.3.1
049c96

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation