Traffic-Control-HOWTO
Traffic-Control-HOWTO
°øºÎ»ï¾Æ ¹ø¿ªÁßÀÔ´Ï´Ù. -- reom 2010-04-29 14:49:59
1. ¸®´ª½º Æ®·¡ÇÈ ÄÁÆ®·Ñ ¼Ò°³ ¶¸®´ª½º´Â ÆÐŶ Àü¼ÛÀ» °ü¸®ÇÏ°í Á¶ÀÛÇÏ´Â ¸Å¿ì ´Ù¾çÇÑ µµ±¸µéÀ» Á¦°øÇÕ´Ï´Ù. ¸¹Àº ¸®´ª½º Ä¿¹Â´ÏƼ¿¡¼ ¸®´ª½º »ó¿¡¼ ÆÐŶÀ» mangling ÇÏ°í ¹æȺ®(netfilter, ¿¹Àü¿¡´Â ipchain) À» ¸¸µé¾îÁÖ´Â ÅøµéÀº ¿î¿µÃ¼Á¦¿¡¼ µ¹¾Æ°¡´Â ¼ö¹é°³ÀÇ ³×Æ®¿öÅ© ¼ºñ½ºµé ¸¸ÅÀ̳ª Àͼ÷ÇÕ´Ï´Ù.
ÇÏÁö¸¸ Ä¿¹Â´ÏƼ¾È¿¡¼´Â Á¶±Ý, ¸®´ª½º Ä¿¹Â´ÏƼ ¹Û¿¡¼´Â ´õ Á¶±Ý¸¸ÀÌ Ä¿³Î 2.2¿Í 2.4¿¡¼ ½ÃÀÛÇÏ°í ¹ßÀüµÈ Æ®·¡ÇÈ ÄÁÆ®·Ñ ÇÏÀ§ ½Ã½ºÅÛÀÇ ¸·°ÇÑ ÆÄ¿ö¸¦ ¾Ë°í ÀÖ½À´Ï´Ù.
ÀÌ ÇÏ¿ìÅõ ¹®¼¸¦ ÅëÇØ Æ®·¡ÇÈ °ü¸®ÀÇ °³³ä°ú ÀϹÝÀûÀÌ°í ÀüÅëÀûÀÎ ¿ä¼Òµé, ¸®´ª½º¿¡¼ÀÇ Æ®·¡ÇÈ ÄÜÆ®·Ñ ±¸ÇöÀ» ¼Ò°³ÇÏ°í ¸î°¡Áö °¡À̵å¶óÀÎÀ» Á¦½ÃÇÏ°íÀÚ ÇÕ´Ï´Ù. ÀÌ ÇÏ¿ìÅõ ¹®¼´Â LARTC HOWTOÀÇ °³º° ÇÁ·ÎÁ§Æ®¿¡¼ ½ÃÀÛµÈ ¹®¼µé°ú ¿À·§µ¿¾È LARTCÀÇ ¸ÞÀϸµ ¸®½ºÆ®¸¦ ÅëÇØ ÁÖ°í¹çÀº Åä·ÐµéÀ» ¸ðÀ¸°í ÅëÇÕÇÏ¿© °áÇÕÇÑ ¹®¼ÀÔ´Ï´Ù.
¹Ù·Î ´çÀå ½ÇÇèÇغ¸°í ½Í¾îÇÏ´Â ÂüÀ»¼º ¾ø´Â ¿µÈ¥µéÀº HTB HOWTO³ª LARTC HOWTO¸¦ Âü°íÇÏ´Â °ÍÀ» ÃßõÇÕ´Ï´Ù.
1.1. ÀÌ ¹®¼¸¦ Àд ´ë»ó ±×¸®°í µ¶ÀÚ¿¡ ´ëÇÑ °¡Á¤ ¶ÀÌ ÇÏ¿ìÅõ´Â Æ®·¡ÇÈ ÄÁÆ®·ÑÀ̶ó´Â ºÐ¾ß¿¡ ´ëÇÑ ¼Ò°³³ª ¸®´ª½º »ó¿¡¼ Æ®·¡ÇÈ ÄÁÆ®·ÑÀ» ±¸ÇöÇÏ´Â Åø¿¡ ´ëÇÑ °³¿ä¸¦ ¾Ë°í ½Í¾îÇÏ´Â ³×Æ®¿÷ °ü¸®ÀÚ³ª ¾î´À Á¤µµÀÇ Áö½ÄÀ» °¡Áö°í ÀÖ´Â ÀÏ¹Ý »ç¿ëÀÚ¸¦ ´ë»óÀ¸·Î ÀÛ¼ºµÇ¾ú½À´Ï´Ù.
ÀÌ ¹®¼¸¦ Àд µ¶ÀÚµéÀÌ UNIX °³³äÀ̳ª ¸í·É¾î¿¡ Ä£¼÷ÇÏ°í IP ³×Æ®¿öÅ·¿¡ ´ëÇØ ±âº»ÀûÀÎ Áö½ÄÀÌ ÀÖ´Â °ÍÀ¸·Î °£ÁÖÇÏ°í ¹®¼¸¦ ÀÛ¼ºÇÏ¿´½À´Ï´Ù.
Users who wish to implement traffic control may require the ability to patch, compile and install a kernel or software package 1. For users with newer kernels (2.4.20+, see also Section 5.1), however, the ability to install and use software may be all that is required.
Broadly speaking, this HOWTO was written with a sophisticated user in mind, perhaps one who has already had experience with traffic control under Linux. I assume that the reader may have no prior traffic control experience.
1.3. Recommended approach ¶I strongly recommend to the eager reader making a first foray into the discipline of traffic control, to become only casually familiar with the tc command line utility, before concentrating on tcng. The tcng software package defines an entire language for describing traffic control structures. At first, this language may seem daunting, but mastery of these basics will quickly provide the user with a much wider ability to employ (and deploy) traffic control configurations than the direct use of tc would afford.
Where possible, I'll try to prefer describing the behaviour of the Linux traffic control system in an abstract manner, although in many cases I'll need to supply the syntax of one or the other common systems for defining these structures. I may not supply examples in both the tcng language and the tc command line, so the wise user will have some familiarity with both.
1.4. Missing content, corrections and feedback ¶There is content yet missing from this HOWTO. In particular, the following items will be added at some point to this documentation.
A description and diagram of GRED, WRR, PRIO and CBQ.
A section of examples.
A section detailing the classifiers.
A section discussing the techniques for measuring traffic.
A section covering meters.
More details on tcng.
I welcome suggestions, corrections and feedback at <martin@linux-ip.net>. All errors and omissions are strictly my fault. Although I have made every effort to verify the factual correctness of the content presented herein, I cannot accept any responsibility for actions taken under the influence of this documentation.
2. °³¿ä ¶This section will introduce traffic control and examine reasons for it, identify a few advantages and disadvantages and introduce key concepts used in traffic control.
ÀÌ Àå¿¡¼´Â Æ®·¡ÇÈ ÄÁÆ®·ÑÀ» °³³ä°ú Æ®·¡ÇÈ ÄÁÆ®·ÑÀ» »ç¿ëÇÏ´Â ÀÌÀ¯, Àå´ÜÁ¡, Æ®·¡ÇÈ ÄÁÆ®·ÑÀÇ ¸î°¡Áö Áß¿äÇÑ °³³äµé¿¡ ´ëÇؼ ¼Ò°³ÇÏ°Ú½À´Ï´Ù.
2.1. Æ®·¡ÇÈ ÄÁÆ®·ÑÀ̶õ? ¶Æ®·¡ÇÈ ÄÁÆ®·ÑÀº ¶ó¿ìÅÍ¿¡¼ ¼ö½ÅÇϰųª ¼Û½ÅÇÑ ÆÐŶµéÀ» Å¥À×ÇÏ´Â ½Ã½ºÅÛÀ̳ª ¸ÞÄ¿´ÏÁò ÁýÇÕ¿¡ ºÙ¿©Áø À̸§ÀÔ´Ï´Ù. ÀÌ°ÍÀº ¼ö½Å ÀÎÅÍÆäÀ̽º¿¡¼ ¾î¶² ÆÐŶÀ» ¾î¶² ¼Óµµ·Î ¹Þ¾ÆµéÀÏÁö¿Í ¼Û½Å ÀÎÅÍÆäÀ̽º¿¡¼ ¾î¶² ÆÐŶÀ» ¾î¶² ¼ø¼¿Í ¾î¶² ¼Óµµ·Î Àü¼ÛÇÒÁö °áÁ¤ÇÏ´Â °ÍÀ» Æ÷ÇÔÇÏ°í ÀÖ½À´Ï´Ù.
¸®´ª½ºÀÇ µðÆúÆ® qdisc´Â FIFOº¸´Ù ¾à°£ º¹ÀâÇÑ pfifo-fast ÀÔ´Ï´Ù.
¸ðµç Á¾·ùÀÇ ¼ÒÇÁÆ®¿þ¾î¿¡ Å¥¸¦ »ç¿ëÇÏ°í ÀÖ½À´Ï´Ù. Å¥´Â ´ë±âÁßÀÎ ÀÛ¾÷À̳ª µ¥ÀÌÅ͸¦ °ü¸®ÇÏ´Â ¹æ¹ýÀÔ´Ï´Ù. (Section 2.5 Âü°í) ³×Æ®¿÷ ¸µÅ©´Â ÀϹÝÀûÀ¸·Î µ¥ÀÌÅ͸¦ Á÷·Ä·Î Â÷·ÊÂ÷·Ê(serialized fashon) Àü´ÞÇϱ⠶§¹®¿¡ ó¸® ÇѰ踦 ³Ñ¾î¼´Â µ¥ÀÌÅÍ ÆÐŶÀ» ó¸®Çϱâ À§Çؼ Å¥°¡ ÇÊ¿äÇÕ´Ï´Ù.
µ¥½ºÅ©Å¾ Àåºñ¿Í À¥¼¹ö°¡ ÀÎÅͳÝÀ¸·Î °°Àº ¾÷¸µÅ©¸¦ °øÀ¯Çؼ »ç¿ëÇÏ´Â °æ¿ì »ç¿ë ´ë¿ª¿¡ ´ëÇÑ °æÀïÀÌ ¹ß»ýÇÏ°Ô µË´Ï´Ù.
À¥¼¹ö°¡ ¸µÅ©¸¦ ÅëÇØ µ¥ÀÌÅÍ°¡ Àü´ÞµÇ´Â °Íº¸´Ù ºü¸£°Ô ¶ó¿ìÅÍÀÇ ¼Û½Å Å¥¸¦ ü¿ï ¼ö µµ ÀÖ½À´Ï´Ù. ÀÌ·± °æ¿ì ¾î¶² ½ÃÁ¡ ºÎÅÍ ¶ó¿ìÅÍ´Â ÆÐŶÀ» ¹ö¸®°Ô µË´Ï´Ù. (Å¥°¡ °¡µæ áÀ½)
ÀÌÁ¦ µ¥½ºÅ©Å¾ Àåºñ´Â (±×¸®°í ÀÛ¾÷ÁßÀÌ´ø »ç¿ëÀÚ´Â) ÆÐŶ ¼Õ½Ç°ú Àü¼Û Áö¿¬(high latency)À» °Þ°Ô µË´Ï´Ù. ´À·ÁÅÍÁø ¼Óµµ´Â »ç¿ëÀÚ¸¦ ¼Ò¸®Áö¸£°Ô ¸¸µì´Ï´Ù!! ÀÌ·± µÎ°¡Áö ´Ù¸¥ Á¾·ùÀÇ ¾îÇø®ÄÉÀ̼ÇÀ» À§ÇØ °¢°¢ÀÇ ¾îÇø®ÄÉÀ̼ÇÀÌ ³×Æ®¿÷ ÀÚ¿øÀ» ´õ Àß °øÀ¯ Çϵµ·Ï ³»ºÎÀÇ Å¥¸¦ »ç¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.
Traffic control is the set of tools which allows the user to have granular control over these queues and the queuing mechanisms of a networked device. The power to rearrange traffic flows and packets with these tools is tremendous and can be complicated, but is no substitute for adequate bandwidth.
The term Quality of Service (QoS) is often used as a synonym for traffic control.
2.2. ¿Ö ¾²³ª? ¶Packet-switched networks differ from circuit based networks in one very important regard. A packet-switched network itself is stateless. A circuit-based network (such as a telephone network) must hold state within the network. IP networks are stateless and packet-switched networks by design; in fact, this statelessness is one of the fundamental strengths of IP.
The weakness of this statelessness is the lack of differentiation between types of flows. In simplest terms, traffic control allows an administrator to queue packets differently based on attributes of the packet. It can even be used to simulate the behaviour of a circuit-based network. This introduces statefulness into the stateless network.
There are many practical reasons to consider traffic control, and many scenarios in which using traffic control makes sense. Below are some examples of common problems which can be solved or at least ameliorated with these tools.
The list below is not an exhaustive list of the sorts of solutions available to users of traffic control, but introduces the types of problems that can be solved by using traffic control to maximize the usability of a network connection.
ÀϹÝÀûÀÎ Æ®·¡ÇÈ ÄÁÆ®·Ñ ¹æ¹ýµé
Àüü ´ë¿ªÆøÀ» ¾Ë·ÁÁø ¼Óµµ·Î Á¦ÇÑ : TBF, HTB ±×¿Ü ÇÏÀ§ Ŭ·¡½ºµé
ƯÁ¤ »ç¿ëÀÚ³ª ¼¹Ù½º, ȤÀº Ŭ¶óÀ̾ðÆ®¿¡ ´ë¿ªÆøÀ» Á¦ÇÑ : HTB Ŭ·¡½º, classifying with a filter. traffic.
ºñ´ëĪ ¸µÅ©¿¡¼ TCP Àü¼Û ¼Óµµ¸¦ ÃÖ´ëÈ : prioritize transmission of ACK packets, wondershaper.
Reserve bandwidth for a particular application or user; HTB with children classes and classifying.
Prefer latency sensitive traffic; PRIO inside an HTB class.
Managed oversubscribed bandwidth; HTB with borrowing.
Allow equitable distribution of unreserved bandwidth; HTB with borrowing.
Ensure that a particular type of traffic is dropped; policer attached to a filter with a drop action.
Remember, too that sometimes, it is simply better to purchase more bandwidth. Traffic control does not solve all problems!
2.3. ÀåÁ¡ ¶When properly employed, traffic control should lead to more predictable usage of network resources and less volatile contention for these resources. The network then meets the goals of the traffic control configuration. Bulk download traffic can be allocated a reasonable amount of bandwidth even as higher priority interactive traffic is simultaneously serviced. Even low priority data transfer such as mail can be allocated bandwidth without tremendously affecting the other classes of traffic.
In a larger picture, if the traffic control configuration represents policy which has been communicated to the users, then users (and, by extension, applications) know what to expect from the network.
2.4. ´ÜÁ¡ ¶º¹À⼺ÀÌ Æ®·¡ÇÈ ÄÁÆ®·ÑÀ» »ç¿ëÇÏ´Â °æ¿ì¿¡ °¡Àå Å« ´ÜÁ¡ÀÌÀÌ´Ù.
Complexity is easily one of the most significant disadvantages of using traffic control. There are ways to become familiar with traffic control tools which ease the learning curve about traffic control and its mechanisms, but identifying a traffic control misconfiguration can be quite a challenge.
Traffic control when used appropriately can lead to more equitable distribution of network resources. It can just as easily be installed in an inappropriate manner leading to further and more divisive contention for resources.
The computing resources required on a router to support a traffic control scenario need to be capable of handling the increased cost of maintaining the traffic control structures. Fortunately, this is a small incremental cost, but can become more significant as the configuration grows in size and complexity.
For personal use, there's no training cost associated with the use of traffic control, but a company may find that purchasing more bandwidth is a simpler solution than employing traffic control. Training employees and ensuring depth of knowledge may be more costly than investing in more bandwidth.
Although traffic control on packet-switched networks covers a larger conceptual area, you can think of traffic control as a way to provide some of the statefulness of a circuit-based network to a packet-switched network.
2.5. Å¥ ¶Å¥´Â ¸ðµç Æ®·¡ÇÈ ÄÁÆ®·ÑÀÇ ¹ÙÅÁÀÌÀÚ ½ºÄÉÁ층 ¹Ø¿¡ ÀÖ´Â ÇʼöÀûÀÎ °³³ä ÀÔ´Ï´Ù. Å¥´Â ¾×¼ÇÀ̳ª ¼ºñ½º¸¦ ±â´Ù¸®°í ÀÖ´Â ÇÑÁ¤µÈ ¼öÀÇ ¾ÆÀÌÅÛÀ» ´ã°í ÀÖ´Â Àå¼Ò(ȤÀº ¹öÆÛ)ÀÔ´Ï´Ù. ³×Æ®¿öÅ·¿¡¼ Å¥´Â ÆÐŶµéÀÌ Çϵå¿þ¾î¿¡ ÀÇÇØ Àü¼ÛµÉ¶§±îÁö ´ë±âÇÏ´Â Àå¼ÒÀÔ´Ï´Ù.
°¡Àå °£´ÜÇÑ ¸ðµ¨Àº ¸ÕÀú µé¾î¿Â ÆÐŶÀÌ ¸ÕÀú Àü¼ÛµÇ´Â °ÍÀÔ´Ï´Ù. ÄÄÇ»ÅÍ ³×Æ®¿öÅ· ü°è¿¡¼(³Ð°Ô´Â ÄÄÇ»ÅÍ °úÇп¡¼) ÀÌ·¯ÇÑ Å¥´Â FIFO¶ó°í ¾Ë·ÁÁ®ÀÖ½À´Ï´Ù.
¾î¶² ´Ù¸¥ ¸ÞÄ¿´ÏÁòÀÌ ¾ø´Ù¸é Å¥´Â Æ®·¡ÇÈ ÄÁÆ®·Ñ¿¡ °üÇÑ ¾î¶°ÇÑ º¸Àåµµ ÇÏÁö ¾Ê½À´Ï´Ù. Å¥´Â ¿ÀÁ÷ µÎ°³ÀÇ Çൿ¿¡¸¸ °ü½ÉÀÌ ÀÖ½À´Ï´Ù. Å¥¿¡ µé¾î¿Â °ÍÀ» ´ã´Â °Í°ú ³ª°£°ÍÀº »èÁ¦ÇÏ´Â °Í ÀÔ´Ï´Ù.
¿©·¯°³ÀÇ Å¥¸¦ ÀÌ¿ëÇؼ ÆÐŶÀ» Áö¿¬½ÃÅ°°í, ´Ù½Ã ¹è¿ÇÏ°í, ¹ö¸®°í, ¿ì¼±¼øÀ§¸¦ ÁÖ´Â ¸ÞÄ¿´ÏÁòÀ» Å¥¿¡ °áÇÕ ÇÒ ¼ö ÀÖ½À´Ï´Ù. ÀÌ·¸°Ô Å¥¸¦ ´Ù¸¥ ¸ÞÄ¿´ÏÁò°ú °áÇÕ½ÃÅ´À¸·Î½á Å¥´Â ´õ Èï¹Ì·Î¿ö Áú ¼ö ÀÖ½À´Ï´Ù.
»óÀ§ ·¹ÀÌ¾î ¼ÒÇÁÆ®¿þ¾îÀÇ °üÁ¡¿¡¼ ÆÐŶÀº ´Ü¼øÈ÷ ¼Û½ÅÀ» À§ÇØ Å¥¿¡ ³Ö¾îÁý´Ï´Ù. ±×¸®°í Å¥¿¡ ³Ö¾îÁ®ÀÖ´Â ÆÐŶÀÌ ¾î¶² ¼ø¼³ª ±ÔÄ¢¿¡ µû¶ó Àü¼ÛÀÌ µÇ´ÂÁö´Â »óÀ§ ·¹À̾°Ô´Â Áß¿äÇÏÁö ¾Ê½À´Ï´Ù. ±×·¯¹Ç·Î »óÀ§ ·¹À̾°Ô Àüü Æ®·¡ÇÈ ÄÁÆ®·Ñ ½Ã½ºÅÛÀº ±×Àú ÇÑ°³ÀÇ Å¥·Î º¸ÀÌ°Ô µË´Ï´Ù. Æ®·¡ÇÈ ÄÁÆ®·Ñ ±¸Á¶°¡ °ø°³µÇ°í º¸¿©Áö´Â °ÍÀº ÇöÀç ·¹À̾îÀÇ ³»ºÎ¸¦ µé¿©´Ùº¼ ¶§ »ÓÀÔ´Ï´Ù.
2.6. È帧 (flows) ¶È帧Àº µÎ°³ÀÇ È£½ºÆ® »çÀÌÀÇ ÇϳªÀÇ ±¸ºÐµÇ´Â ¿¬°áÀ̳ª °ü¸®¸¦ ¸»ÇÕ´Ï´Ù. µÎ È£½ºÆ®°£ÀÇ ¾î¶°ÇÑ Æ¯Á¤ÇÑ ÆÐŶ ¹À½À» È帧À̶ó°í ÇÒ ¼ö ÀÖ½À´Ï´Ù. TCP ¿¬°áÀÇ °æ¿ì¶ó¸é Ãâ¹ßÁö IP¿Í port, ¸ñÀûÁö IP¿Í port¸¦ °¡Áø ¿¬°áÀÌ È帧À» ³ªÅ¸³»°Ô µË´Ï´Ù. UDP ¿¬°áµÇ ºñ½ÁÇÏ°Ô Á¤ÀÇµÉ ¼ö ÀÖ½À´Ï´Ù.
ÀÚÁÖ »ç¿ëµÇ´Â Æ®·¡ÇÈ ÄÁÆ®·Ñ ¹æ¹ýÀº Æ®·¡ÇÈÀ» ÇϳªÀÇ ¹À½À¸·Î ÇÕÃļ Àü¼Û ÇÒ ¼ö ÀÖ´Â ¿©·¯°³ÀÇ È帧 Ŭ·¡½º·Î ±¸ºÐÇÏ´Â °ÍÀÌ´Ù. ¶Ç ÇϳªÀÇ ¹æ¹ýÀº °¢°¢ÀÇ °³º°ÀûÀÎ È帧ÀÌ ´ë¿ªÆøÀ» °øÆòÇÏ°Ô ³ª´©¾î »ç¿ëÇϵµ·Ï ÇÏ´Â °ÍÀÌ´Ù.
¿©·¯°³ÀÇ °æÀïÀûÀÎ È帧µé ¼Ó¿¡¼ ´ë¿ªÆøÀ» °øÆòÇÏ°Ô ³ª´©·Á°í ÇÒ¶§ È帧Àº Áß¿äÇØÁø´Ù. ƯÈ÷ ¾î¶² ¾îÇø®ÄÉÀ̼ÇÀÌ ¸¹Àº ¼ýÀÚÀÇ È帧À» °íÀÇ·Î ¸¸µé¾î³¾¶§ ´õ ±×·¸´Ù.
2.7. ÅäÅ«°ú ¾çµ¿ÀÌ ¶shaping ¸ÅÄ¿´ÏÁòÀÇ µÎ°¡Áö ÇÙ½É ÀûÀÎ ³»¿ëÀº ÅäÅ«°ú ¾çµ¿ÀÌÀÇ °³³ä°ú ¹ÐÁ¢ÇÏ°Ô ¿¬°üÀÌ ÀÖ´Ù.
µðÅ¥À× ¼Óµµ¸¦ Á¶ÀýÇϱâ À§Çؼ ±¸ÇöºÎ´Â ¸Å¹ø µ¥ÀÌÅÍ°¡ Å¥¿¡¼ ³ª°¥¶§ ³ª°¡´Â ÆÐŶÀÇ °¹¼ö ȤÀº ¹ÙÀÌÆ®¸¦ ¼¿ ¼ö ÀÖ¾î¾ßÇÑ´Ù. ºñ·Ï ÀÌ°ÍÀÌ ÃÖ´ëÇÑ Á¤È®ÇÑ Å¸ÀÌ¸Ó¿Í ÃøÁ¤ ÀåÄ¡ÀÇ º¹ÀâÇÑ »ç¿ëÀ» ÇÊ¿ä·Î ÇÏ´õ¶óµµ. Æ®·¡ÇÈ ÄÁÆ®·Ñ¿¡¼ ¸¹ÀÌ »ç¿ëÇÏ´Â ÇÑ°¡Áö ¹æ¹ýÀº ÇöÀçÀÇ »ç¿ë·®°ú ½Ã°£À» °è»êÇÏ´Â ´ë½Å¿¡ ÅäÅ«À» »ç¿ëÇÏ´Â °ÍÀÌ´Ù. ÅäÅ«À» ¿øÇÏ´Â ¼Óµµ·Î ¸¸µé¾î³»°í ÅäÅ«ÀÌ »ç¿ë°¡´ÉÇÑ ½ÃÁ¡¿¡¸¸ ÆÐŶÀ̳ª ¹ÙÀÌÆ®¸¦ µðÅ¥À× ÇÑ´Ù.
³îÀÌ °ø¿ø¿¡¼ ³îÀ̱ⱸ¸¦ Ÿ·Á°í ±â´Ù¸®´Â »ç¶÷µé°ú Å¥À×ÀÇ À¯»çÁ¡À» »ý°¢Çغ¸ÀÚ. °íÁ¤µÈ Æ®·¢À» ¿òÁ÷ÀÌ´Â Ä«Æ®¸¦ »ó»óÇغ¸ÀÚ. Å¥ÀÇ ÀÔ±¸¿¡ Ä«Æ®°¡ Á¤ÇØÁø ¼Óµµ·Î µµÂøÇÑ´Ù. Ä«Æ®¸¦ Ÿ±â À§Çؼ ¸ðµç »ç¶÷µéÀº ºó Ä«Æ®°¡ µµÂøÇÒ¶§ ±îÁö ±â´Ù·Á¾ßÇÑ´Ù. Ä«Æ®´Â ÅäÅ«À» ºñÀ¯µÇ°í »ç¶÷Àº ÆÐŶ¿¡ ºñÀ¯µÈ´Ù. ÀÌ·¯ÇÑ ¹æ¹ýÀº Àü¼Û·ü Á¦ÇÑ È¤Àº shaping ¸ÞÄ¿´ÏÁòÀÌ´Ù. ƯÁ¤ÇÑ ±â°£µ¿¾È ¿ÀÁ÷ Á¤ÇØÁø ¼ýÀÚÀÇ »ç¶÷µé¸¸ÀÌ ³îÀ̱ⱸ¸¦ Å» ¼ö ÀÖ´Ù.
³îÀ̱ⱸ ºñÀ¯¸¦ È®ÀåÇؼ »ý°¢Çغ¸ÀÚ. ³îÀÌ ±â±¸ ¾ÕÀÇ ºó ÁÙ°ú »ç¶÷µéÀ» Å¿ì·Á°í Æ®·¢¿¡¼ ±â´Ù¸®°í ÀÖ´Â ¸¹Àº ¼ýÀÚÀÇ Ä«Æ®¸¦ »ó»óÇغ¸ÀÚ. ¸¹Àº »ç¶÷µéÀÌ ÇѲ¨¹ø¿¡ ÀÔÀåÇؼ ³îÀ̱ⱸ¸¦ Ÿ·Á°í Çصµ ºó Ä«Æ®µéÀÌ ±â´Ù¸®°í ÀÖÀ¸¹Ç·Î ÇѲ¨¹ø¿¡ Ä«Æ®¸¦ Å» ¼ö ÀÖ´Ù. ¿©·¯´ëÀÇ ºó Ä«Æ®°¡ ¾çµ¿À̸¦ ÀǹÌÇÑ´Ù. ¾çµ¿ÀÌ´Â ±â´Ù¸± ÇÊ¿ä ¾øÀÌ ÇѲ¨¹ø¿¡ ´Ù »ç¿ëÇÒ ¼ö ÀÖ´Â ¿©·¯°³ÀÇ ÅäÅ«À» °¡Áö°í ÀÖ´Ù.
³îÀÌ °ø¿øÀÇ ³îÀ̱ⱸ ºñÀ¯¸¦ ¿Ï¼ºÇغ¸ÀÚ. Ä«Æ®(Áï ÅäÅ«)ÀÌ µµÂøÇß´Ù. Ä«Æ®´Â Á¤ÇØÁø ¼Óµµ·Î µµÂøÇÏ°í ÃÖ´ë ¾çµ¿ÀÌÀÇ Å©±â ¸¸Å ´ë±âÇÏ°í ÀÖÀ» ¼ö ÀÖ´Ù. ±×·¯¹Ç·Î ¾çµ¿ÀÌ´Â Á¤ÇØÁø ¼Óµµ·Î ÅäÅ«À¸·Î ü¿öÁø´Ù. ±×¸®°í ÅäÅ«À» »ç¿ëÇÏÁö ¾Ê°í ÀÖÀ¸¸é ¾çµ¿ÀÌ°¡ °¡µæ Âù´Ù. ÅäÅ«À» »ç¿ëÇÏ¸é ¾çµ¿ÀÌ´Â °¡µæ Â÷Áö ¾Ê´Â´Ù. ¾çµ¿ÀÌ´Â HTTP ó·³ ÀÏÁ¤ÇÏÁö ¾Ê°Ô ¸ô·Áµå´Â Æ®·¡ÇÈÀ» ¼ö¿ë ÇÒ ¼ö ÀÖ´Â ÇÙ½É °³³äÀÌ´Ù.
ÅäÅ«À» Áï½Ã ÇÊ¿ä·Î ÇÏÁö ¾Ê´Â Å¥ÀÇ °æ¿ì ÅäÅ«ÀÌ ÇÊ¿äÇÏ°Ô µÉ ¶§±îÁö ÅäÅ«À» ¸ðÀ» ¼ö ÀÖ´Ù. ÅäÅ«À» ¹«ÇÑÀÌ ¸ðÀ¸´Â °ÍÀº shapingÀÇ ÀåÁ¡À» ¾µ¸ð¾ø°Ô ¸¸µç´Ù. ±×·¯¹Ç·Î Á¤ÇØÁø °¹¼ö ±îÁö¸¸ ÅäÅ«À» ¸ðÀº´Ù. ÀÌÁ¦ Å¥´Â ¸¹Àº ¼öÀÇ ÆÐŶ°ú ¹ÙÀÌÆ®¸¦ Àü¼Û ÇÒ ¼ö ÀÖÀ»¸¸Å ÅäÅ«À» °¡Áö°í ÀÖ´Ù. ÀÌ ¹«ÇüÀÇ ÅäÅ«Àº ¹«ÇüÀÇ ¾çµ¿ÀÌ¿¡ ÀúÀåµÇ¾î ÀÖ´Ù. ±×¸®°í ¸ðÀ» ¼ö ÀÖ´Â ÅäÅ«ÀÇ °¹¼ö´Â ¾çµ¿ÀÌÀÇ Å©±â¿¡ ´Þ·ÁÀÖ´Ù.
ÀÌ°ÍÀº ¶ÇÇÑ ÅäÅ«À¸·Î ü¿öÁø ¾çµ¿ÀÌ´Â ¾ðÁ¦µçÁö »ç¿ë °¡´ÉÇÏ´Ù´Â °ÍÀ» ÀǹÌÇÑ´Ù. ¸Å¿ì ±ÔÄ¢ÀûÀÎ Æ®·¡ÇÈÀº ÀÛÀº ¾çµ¿À̷εµ °ü¸®ÇÒ ¼ö ÀÖ´Ù. ºÒ±ÔÄ¢ÀûÀÎ È帧À» ÁÙÀÌ·Á´Â ¸ñÀûÀÌ ¾Æ´Ñ ÀÌ»ó ºÒ±ÔÄ¢ÀûÀÎ Æ®·¡ÇÈÀº Å« ¾çµ¿ÀÌ°¡ ÇÊ¿äÇÏ´Ù.
¿ä¾àÇÏÀÚ¸é ÅäÅ«Àº Á¤ÇØÁø ¼Óµµ·Î ¸¸µé¾îÁö°í ¾çµ¿ÀÌ¿¡ Á¤ÇØÁø ÃÖ´ë °¹¼ö¸¸Å ÀúÀåµÈ´Ù. ÀÌ°ÍÀº Àü¼Û Æ®·¡ÇÈÀ» smooting ÇÏ°í shaping ÇÔÀ¸·Î½á ºÒ±ÔÄ¢ÀûÀÎ Æ®·¡ÇÈÀ» Á¦¾îÇÒ ¼ö ÀÖ°Ô ÇØÁØ´Ù.
ÅäÅ«°ú ¾çµ¿ÀÌÀÇ °³³äÀº ¼·Î ¹ÐÁ¢ÇÏ°Ô ¿¬°üµÇ¾î ÀÖ°í µÑ´Ù TBF(Ŭ·¡½º ¾ø´Â qdisc ÁßÀÇ Çϳª)¿Í HTB(class »ç¿ëÇÏ´Â qdisc ÁßÀÇ Çϳª)¿¡¼ »ç¿ëÇÑ´Ù.
tcng ¾ð¾î¿¡¼ two- and three-color meters ÀÇ »ç¿ëÀº ÀǽÉÇÒ ¿©Áö ¾øÀÌ ÅäÅ«°ú ¾çµ¿ÀÌ °³³äÀ» ¸»ÇÑ´Ù.
2.8. ÆÐŶ°ú ÇÁ·¹ÀÓ ¶³×Æ®¿÷À» °¡·ÎÁú·¯ Àü´ÞµÇ´Â µ¥ÀÌÅ͸¦ ºÎ¸£´Â ¿ë¾î´Â »ç¿ëÀÚ°¡ °üÂûÇÏ´Â ·¹À̾µû¶ó Á¶±Ý¾¿ ´Þ¶óÁø´Ù. ÀÌ ¹®¼´Â ÆÐŶ°ú ÇÁ·¹ÀÓÀ̶ó´Â ´Ü¾î¸¦ ¸íÈ®ÇÑ ±â¼úÀû ±¸ºÐ¾øÀÌ »ç¿ëÇÒ °ÍÀÌ´Ù. ºñ·Ï ´ÙÀ½¿¡¼ µÎ ¿ë¾î¸¦ ´ë·« ¼³¸íÇϱä ÇÏÁö¸¸.
ÇÁ·¹ÀÓÀ̶ó´Â ´Ü¾î´Â ÀϹÝÀûÀ¸·Î µÎ¹ø° ·¹À̾î(µ¥ÀÌÅÍ ¸µÅ© ·¹À̾î) ¿¡¼ ´ÙÀ½ ¼ö½Å´ÜÀ¸·Î Àü´ÞµÇ´Â µ¥ÀÌÅÍ ´ÜÀ§¸¦ ¶æÇÑ´Ù. ÀÌ´õ³Ý ÀÎÅÍÆäÀ̽º³ª PPP ÀÎÅÍÆäÀ̽º, T1 ÀÎÅÍÆäÀ̽º ¸ðµÎ ±×µéÀÇ ·¹À̾î 2 µ¥ÀÌÅÍ ´ÜÀ§¸¦ ÇÁ·¹ÀÓÀ̶ó°í ºÎ¸¥´Ù. ÇÁ·¹ÀÓÀº ½ÇÁ¦·Î Æ®·¡ÇÈ ÄÁÆ®·ÑÀÌ Àû¿ëµÇ´Â ´ÜÀ§ ÀÌ´Ù.
¹Ý¸é ÆÐŶÀº layer 3 (³×Æ®¿öÅ© ·¹À̾î)¿Í °°Àº ´õ »óÀ§ ·¹À̾îÀÇ °³³äÀÌ´Ù. ÀÌ ¹®¼¿¡¼´Â Á¶±Ý ´ú Á¤È®ÇÑ ´Ü¾îÀ̱â´Â ÇÏÁö¸¸ ÆÐŶÀ̶ó´Â ¿ë¾î¸¦ ´õ ¸¹ÀÌ »ç¿ëÇÑ´Ù.
3.1. ¼ÎÀÌÇÎ(shaping) ¶shaper´Â ÆÐŶÀ» ¿øÇÏ´Â ¼Óµµ·Î Áö¿¬ ½ÃŲ´Ù. ¼ÎÀÌÇÎ(shaping)Àº ¼Û½Å Å¥¿¡¼ ¿øÇÏ´Â ¼Û½Å ¼Óµµ¸¦ À¯ÁöÇϱâ À§ÇØ ÆÐŶÀ» Àü¼Û Àü¿¡ Áö¿¬½ÃÅ°´Â ¹æ¹ýÀÌ´Ù. ÀÌ°ÍÀº ´ë¿ªÆø Á¦¾î¸¦ ¿øÇÏ´Â »ç¿ëÀÚµéÀÇ °¡Àå ÀϹÝÀûÀÎ ¿ä±¸»çÇ× ÀÌ´Ù.
Æ®·¡ÇÈ ÄÁÆ®·ÑÀÇ ÇØ°áÃ¥À¸·Î½á ÆÐŶÀ» Áö¿¬½ÃÅ°´Â °ÍÀº ¸ðµç shaping ¸ÅÄ¿´ÏÁòÀ» non-work-conserving ¸ÅÄ¿´ÏÁòÀ¸·Î ¸¸µç´Ù.
½±°Ô ¸»Çؼ ÆÐŶÀ» Áö¿¬½ÃÅ°±âÀ§Çؼ´Â ÀÛ¾÷ÀÌ ÇÊ¿äÇÏ´Ù.
´Ù½Ã ¸»Çϸé non-work-conserving Å¥À× ¸ÞÄ¿´ÏÁòÀÌ shaping ÇÔ¼ö¸¦ ±¸ÇöÇÑ´Ù.
work-conserving Å¥À× ¸ÅÄ¿´ÏÁò(¿¹¸¦µé¾îPRIO)À¸·Î´Â ÆÐŶÀ» Áö¿¬½Ãų ¼ö ¾ø´Ù.
shaper´Â ¼³Á¤µÈ Àü¼Û ¼Óµµ(ÈçÈ÷ ÃÊ´ç ÆÐŶ ¼ö ȤÀº ÃÊ´ç bit/byte ¼ö·Î ÃøÁ¤)¸¦ ³ÑÁö ¾Êµµ·Ï Æ®·¡ÇÈÀ» Á¦ÇÑÇϰųª ÀÏÁ¤ÇÏ°Ô ºÐ¹èÇÏ·Á°í ÇÑ´Ù.
3.2. ½ºÄÉÁ층 ¶scheduler´Â Àü¼Û ÆÐŶÀ» Á¤·Ä ȤÀº ÀçÁ¤·ÄÇÑ´Ù.
3.3. Classifying ¶Classifiers´Â ¿©·¯°³ÀÇ Å¥·Î Æ®·¡ÇÈÀ» ±¸ºÐÇÏ°í Á¤¸®ÇÑ´Ù.
Classifying is the mechanism by which packets are separated for different treatment, possibly different output queues. During the process of accepting, routing and transmitting a packet, a networking device can classify the packet a number of different ways. Classification can include marking the packet, which usually happens on the boundary of a network under a single administrative control or classification can occur on each hop individually.
The Linux model (see Section 4.3) allows for a packet to cascade across a series of classifiers in a traffic control structure and to be classified in conjunction with policers (see also Section 4.5).
3.4. Policing ¶Policers measure and limit traffic in a particular queue.
Policing, as an element of traffic control, is simply a mechanism by which traffic can be limited. Policing is most frequently used on the network border to ensure that a peer is not consuming more than its allocated bandwidth. A policer will accept traffic to a certain rate, and then perform an action on traffic exceeding this rate. A rather harsh solution is to drop the traffic, although the traffic could be reclassified instead of being dropped.
A policer is a yes/no question about the rate at which traffic is entering a queue. If the packet is about to enter a queue below a given rate, take one action (allow the enqueuing). If the packet is about to enter a queue above a given rate, take another action. Although the policer uses a token bucket mechanism internally, it does not have the capability to delay a packet as a shaping mechanism does.
3.5. Dropping ¶Dropping discards an entire packet, flow or classification.
Dropping a packet is a mechanism by which a packet is discarded.
3.6. Marking ¶Marking is a mechanism by which the packet is altered.
This is not fwmark. The iptablestarget MARKand the ipchains--markare used to modify packet metadata, not the packet itself.
Traffic control marking mechanisms install a DSCP on the packet itself, which is then used and respected by other routers inside an administrative domain (usually for DiffServ).
4. ¸®´ª½º Æ®·¡ÇÈ ÄÁÆ®·Ñ ¿ä¼Ò ¶Table 1. Correlation between traffic control elements and Linux components
4.1. qdisc ¶°£´ÜÈ÷ ¸»Çϸé qdisc´Â ½ºÄÉÁì·¯ÀÌ´Ù. (Section 3.2).
¸ðµç ¼Û½Å ÀÎÅÍÆäÀ̽º´Â ¾î¶² Á¾·ùÀÇ ½ºÄÉÁì·¯¸¦ ÇÊ¿ä·ÎÇÑ´Ù. ±âº» ½ºÄÉÁì·¯´Â FIFOÀÌ´Ù.
¸®´ª½º »ó¿¡¼ »ç¿ë °¡´ÉÇÑ ´Ù¸¥ qdisc ´Â ½ºÄÉÁì·¯ÀÇ Å¥¿¡ µé¾î¿À´Â ÆÐŶÀ» ½ºÄÉÁì·¯ÀÇ ±ÔÄ¢¿¡ µû¶ó ÀçÁ¤·ÄÇÑ´Ù.
qdisc´Â ¸®´ª½º Æ®·¡ÇÈ ÄÁÆ®·Ñ ±¸¼ºÀÇ ÇÙ½É ¿ä¼ÒÀÌ´Ù. qdisc´Â Å¥À× ±ÔÄ¢(queueing discipline)À» ºÎ¸£´Â ¸»ÀÌ´Ù.
classful qdisc´Â Ŭ·¡½º¸¦ °¡Áö°í ÀÖ´Ù. ±×¸®°í ÇÊÅ͸¦ ºÙÀÏ ¼ö ÀÖ´Â ÇÚµéÀ» Á¦°øÇÑ´Ù.
ÇÏÀ§ Ŭ·¡½º¸¦ °¡Áö°í ÀÖÁö ¾ÊÀº classful qdisc¸¦ »ç¿ëÇÏ´Â °ÍÀ» ±ÝÁöÇÏÁö ¾Ê´Â´Ù. ÇÏÁö¸¸ º¸Åë ÀÌ°ÍÀº À̵æ¾øÀÌ ½Ã½ºÅÛÀÇ ÀÚ¿øÀ» ¼ÒºñÇÏ°Ô µÈ´Ù.
class ¾ø´Â qdisc´Â Ŭ·¡½º¸¦ °¡Áö°í ÀÖÁö ¾Ê´Ù. ¶Ç ÇÊÅ͸¦ ºÙÀÌ´Â °Íµµ ºÒ°¡´ÉÇÏ´Ù.
The classless qdiscs can contain no classes, nor is it possible to attach filter to a classless qdisc. Because a classless qdisc contains no children of any kind, there is no utility to classifying. This means that no filter can be attached to a classless qdisc.
A source of terminology confusion is the usage of the terms root qdisc and ingress qdisc. These are not really queuing disciplines, but rather locations onto which traffic control structures can be attached for egress (outbound traffic) and ingress (inbound traffic).
Each interface contains both. The primary and more common is the egress qdisc, known as the root qdisc. It can contain any of the queuing disciplines (qdiscs) with potential classes and class structures. The overwhelming majority of documentation applies to the root qdisc and its children. Traffic transmitted on an interface traverses the egress or root qdisc.
For traffic accepted on an interface, the ingress qdisc is traversed. With its limited utility, it allows no child class to be created, and only exists as an object onto which a filter can be attached. For practical purposes, the ingress qdisc is merely a convenient object onto which to attach a policer to limit the amount of traffic accepted on a network interface.
In short, you can do much more with an egress qdisc because it contains a real qdisc and the full power of the traffic control system. An ingress qdisc can only support a policer. The remainder of the documentation will concern itself with traffic control structures attached to the root qdisc unless otherwise specified.
4.2. class ¶Classes only exist inside a classful qdisc (e.g., HTB and CBQ). Classes are immensely flexible and can always contain either multiple children classes or a single child qdisc 1. There is no prohibition against a class containing a classful qdisc itself, which facilitates tremendously complex traffic control scenarios.
Any class can also have an arbitrary number of filters attached to it, which allows the selection of a child class or the use of a filter to reclassify or drop traffic entering a particular class.
A leaf class is a terminal class in a qdisc. It contains a qdisc (default FIFO) and will never contain a child class. Any class which contains a child class is an inner class (or root class) and not a leaf class.
4.3. filter ¶The filter is the most complex component in the Linux traffic control system. The filter provides a convenient mechanism for gluing together several of the key elements of traffic control. The simplest and most obvious role of the filter is to classify (see Section 3.3) packets. Linux filters allow the user to classify packets into an output queue with either several different filters or a single filter.
A filter must contain a classifier phrase.
A filter may contain a policer phrase.
Filters can be attached either to classful qdiscs or to classes, however the enqueued packet always enters the root qdisc first. After the filter attached to the root qdisc has been traversed, the packet may be directed to any subclasses (which can have their own filters) where the packet may undergo further classification.
4.4. classifier ¶Filter objects, which can be manipulated using tc, can use several different classifying mechanisms, the most common of which is the u32 classifier. The u32 classifier allows the user to select packets based on attributes of the packet.
The classifiers are tools which can be used as part of a filter to identify characteristics of a packet or a packet's metadata. The Linux classfier object is a direct analogue to the basic operation and elemental mechanism of traffic control classifying.
4.5. policer ¶This elemental mechanism is only used in Linux traffic control as part of a filter. A policer calls one action above and another action below the specified rate. Clever use of policers can simulate a three-color meter. See also Section 10.
Although both policing and shaping are basic elements of traffic control for limiting bandwidth usage a policer will never delay traffic. It can only perform an action based on specified criteria. See also Example 5.
4.6. drop ¶This basic traffic control mechanism is only used in Linux traffic control as part of a policer. Any policer attached to any filter could have a drop action.
The only place in the Linux traffic control system where a packet can be explicitly dropped is a policer. A policer can limit packets enqueued at a specific rate, or it can be configured to drop all traffic matching a particular pattern 2.
There are, however, places within the traffic control system where a packet may be dropped as a side effect. For example, a packet will be dropped if the scheduler employed uses this method to control flows as the GRED does.
Also, a shaper or scheduler which runs out of its allocated buffer space may have to drop a packet during a particularly bursty or overloaded period.
4.7. ÇÚµé ¶¸ðµç Ŭ·¡½º¿Í Ŭ·¡½º ÀÖ´Â qdisc´Â Æ®·¡ÇÈ ÄÁÆ®·Ñ ±¸Á¶ ¾È¿¡¼ À¯ÀÏÇÑ identifier°¡ ÇÊ¿äÇÏ´Ù. ÀÌ À¯ÀÏÇÑ identifier¸¦ ÇÚµéÀ̶ó°í ºÎ¸¥´Ù. ÇÚµéÀº ÁÖ¹øÈ£¿Í ºÎ¹øÈ£¶ó°í ºÒ¸®´Â µÎ°³ÀÇ ¼ýÀÚ·Î µÇ¾îÀÖ´Ù. ÀÌ ¼ýÀÚµéÀº ´ÙÀ½ ±ÔÄ¢¿¡ µû¶ó »ç¿ëÀÚ°¡ ¸¶À½´ë·Î ÇÒ´çÇÒ ¼ö ÀÖ´Ù.
Ŭ·¡½º(class)¿Í Å¥À×±ÔÄ¢(qdisc)ÀÇ Çڵ鿡 ¹øÈ£ ºÙÀ̱â
ÁÖ ¹øÈ£
ÁÖ¹øÈ£´Â Ä¿³Î·ÎºÎÅÍ ÀÚÀ¯·Ó°Ô ºÙÀÏ ¼ö ÀÖ´Ù. »ç¿ëÀÚ´Â ÀÓÀÇÀÇ ¼ýÀÚ¸¦ »ç¿ëÇÒ ¼ö ÀÖ´Ù. ÇÏÁö¸¸ °°Àº ºÎ¸ð¸¦ °¡Áø Æ®·¡ÇÈ ÄÁÆ®·ÑÀÇ ¸ðµç objectsµéÀº ÇϳªÀÇ ÁÖ¹øÈ£¸¦ »ç¿ëÇؾßÇÑ´Ù. ÀϹÝÀûÀ¸·Î´Â root qdisc¿¡ Á÷Á¢ ºÙÀº object´Â 1ºÎÅÍ ½ÃÀÛÇؼ ¼ýÀÚ¸¦ ºÙÀδÙ.
ºÎ ¹øÈ£
This parameter unambiguously identifies the object as a qdisc if minor is 0. Any other value identifies the object as a class. All classes sharing a parent must have unique minor numbers.
The special handle ffff:0 is reserved for the ingress qdisc.
The handle is used as the target in classid and flowid phrases of tc filter statements. These handles are external identifiers for the objects, usable by userland applications. The kernel maintains internal identifiers for each object.
|
Be careful how you get yourself involved with persons or situations that can't bear inspection. |