Linux Advanced Routing & Traffic Control HOWTO

Bert Hubert

Netherlabs BV

Gregory Maxwell

Remco van Mook

Martijn van Oosterhout

Paul B Schroeder

Jasper Spaans

Revision History

Revision 1.1 20020722

DocBook Edition

A very handson approach to iproute2, traffic shaping and a bit of netfilter.

mailto:bert.hubert@netherlabs.nlmailto:greg@linuxpower.cxmailto:remco@virtu.nlmailto:kleptog@cupid.suninternet.commailto:paulsch@us.ibm.commailto:jasper@spaans.ds9a.nl

Table of ContentsChapter 1. Dedication.........................................................................................................................................1

Chapter 2. Introduction......................................................................................................................................22.1. Disclaimer & License.......................................................................................................................22.2. Prior knowledge................................................................................................................................22.3. What Linux can do for you...............................................................................................................32.4. Housekeeping notes..........................................................................................................................32.5. Access, CVS & submitting updates..................................................................................................32.6. Mailing list........................................................................................................................................42.7. Layout of this document...................................................................................................................4

Chapter 3. Introduction to iproute2..................................................................................................................53.1. Why iproute2?...................................................................................................................................53.2. iproute2 tour......................................................................................................................................53.3. Prerequisites......................................................................................................................................53.4. Exploring your current configuration...............................................................................................6

3.4.1. ip shows us our links...............................................................................................................63.4.2. ip shows us our IP addresses...................................................................................................63.4.3. ip shows us our routes.............................................................................................................7

3.5. ARP...................................................................................................................................................8

Chapter 4. Rules routing policy database....................................................................................................104.1. Simple source policy routing..........................................................................................................104.2. Routing for multiple uplinks/providers...........................................................................................11

4.2.1. Split access............................................................................................................................124.2.2. Load balancing......................................................................................................................13

Chapter 5. GRE and other tunnels..................................................................................................................145.1. A few general remarks about tunnels:............................................................................................145.2. IP in IP tunneling............................................................................................................................145.3. GRE tunneling................................................................................................................................15

5.3.1. IPv4 Tunneling......................................................................................................................155.3.2. IPv6 Tunneling......................................................................................................................16

5.4. Userland tunnels..............................................................................................................................17

Chapter 6. IPv6 tunneling with Cisco and/or 6bone......................................................................................186.1. IPv6 Tunneling...............................................................................................................................18

Chapter 7. IPsec: secure IP over the Internet................................................................................................21

Chapter 8. Multicast routing...........................................................................................................................22

Chapter 9. Queueing Disciplines for Bandwidth Management....................................................................249.1. Queues and Queueing Disciplines explained..................................................................................249.2. Simple, classless Queueing Disciplines..........................................................................................25

9.2.1. pfifo_fast...............................................................................................................................259.2.2. Token Bucket Filter...............................................................................................................279.2.3. Stochastic Fairness Queueing................................................................................................29

Linux Advanced Routing & Traffic Control HOWTO

i

Table of ContentsChapter 9. Queueing Disciplines for Bandwidth Management

9.3. Advice for when to use which queue..............................................................................................309.4. Terminology....................................................................................................................................309.5. Classful Queueing Disciplines........................................................................................................32

9.5.1. Flow within classful qdiscs & classes...................................................................................329.5.2. The qdisc family: roots, handles, siblings and parents..........................................................339.5.3. The PRIO qdisc.....................................................................................................................349.5.4. The famous CBQ qdisc.........................................................................................................369.5.5. Hierarchical Token Bucket....................................................................................................41

9.6. Classifying packets with filters.......................................................................................................429.6.1. Some simple filtering examples............................................................................................439.6.2. All the filtering commands you will normally need..............................................................44

9.7. The Intermediate queueing device (IMQ).......................................................................................449.7.1. Sample configuration............................................................................................................45

Chapter 10. Load sharing over multiple interfaces.......................................................................................4710.1. Caveats..........................................................................................................................................4810.2. Other possibilities.........................................................................................................................48

Chapter 11. Netfilter & iproute marking packets......................................................................................49

Chapter 12. Advanced filters for (re)classifying packets............................................................................5012.1. Theu32 classifier..........................................................................................................................50

12.1.1. U32 selector.........................................................................................................................5112.1.2. General selectors.................................................................................................................5212.1.3. Specific selectors.................................................................................................................53

12.2. Theroute classifier........................................................................................................................5312.3. Policing filters...............................................................................................................................54

12.3