LinuxCommandLibrary

tc

Traffic control: shaping and prioritizing network traffic

TLDR

Add constant network delay to outbound packages

$ sudo tc [[q|qdisc]] [[a|add]] dev [eth0] root netem delay [delay_in_milliseconds]ms
copy

Add normal distributed network delay to outbound packages
$ sudo tc [[q|qdisc]] [[a|add]] dev [eth0] root netem delay [mean_delay_ms]ms [delay_std_ms]ms
copy

Add package corruption/loss/duplication to a portion of packages
$ sudo tc [[q|qdisc]] [[a|add]] dev [eth0] root netem [corruption|loss|duplication] [effect_percentage]%
copy

Limit bandwidth, burst rate and max latency
$ sudo tc [[q|qdisc]] [[a|add]] dev eth0 root tbf rate [max_bandwidth_mb]mbit burst [max_burst_rate_kb]kbit latency [max_latency_before_drop_ms]ms
copy

Show active traffic control policies
$ tc [[q|qdisc]] [[s|show]] dev [eth0]
copy

Delete all traffic control rules
$ sudo tc [[q|qdisc]] [[d|delete]] dev [eth0]
copy

Change traffic control rule
$ sudo tc [[q|qdisc]] [[c|change]] dev [eth0] root netem [policy] [policy_parameters]
copy

SYNOPSIS

tc [ OPTIONS ] OBJECT { COMMAND | help }
OBJECT := { qdisc | class | filter | action | monitor | resource }
OPTIONS := { -s | -d | -o | -n | -r | -p | -t | -B | -I | -V | -h | -force }
COMMAND := { add | change | replace | del | show | get | monitor }

PARAMETERS

-s
    Show statistics for objects (e.g., packet counts, bytes, errors).

-d
    Show default values for objects, which can be useful for debugging.

-o
    One shot operation; the command exits immediately upon the first error encountered.

-n
    Do not resolve network addresses or service names; display numeric values instead.

-r
    Replace an existing object if it already exists; otherwise, add it. This is a shorthand for 'add' with the 'replace' keyword.

-p
    Pretty print statistics, converting byte and bit rates into human-readable formats (e.g., KBps, Mbps).

-t
    Display timestamps for operations, showing when a command was processed.

-B <file>
    Read and execute tc commands from the specified batch file, one command per line.

-I
    Ignore errors for specified operations, allowing subsequent commands in a batch script to continue.

-V
    Show the version information for the tc utility.

-h
    Display a brief help message for the tc command.

-force
    Force the operation, overriding certain sanity checks that tc might otherwise perform.

DESCRIPTION

tc (Traffic Control) is the command-line utility used to configure Quality of Service (QoS) and traffic shaping for the Linux kernel. It allows administrators to manage network packet queues, classify packets, apply various scheduling algorithms (qdiscs), and implement rate limiting, policing, and prioritization. tc operates by manipulating the queuing discipline (qdisc) attached to network interfaces, which then manages how packets are buffered and transmitted. It's a powerful tool for optimizing network performance, managing congestion, and ensuring fair bandwidth allocation across different applications or users. Its extensive capabilities make it essential for advanced network management but also contribute to its significant complexity.

CAVEATS

tc is notoriously complex due to its hierarchical structure of qdiscs, classes, and filters, and the wide array of available algorithms. Misconfigurations can severely impact network connectivity, performance, or even render a network interface unusable. A deep understanding of networking concepts (queuing, scheduling, packet classification) is essential for effective use. Order of operations for adding and deleting components is critical.

CORE <B>TC</B> OBJECTS

The tc command operates on several types of objects, each representing a different aspect of traffic control:

  • qdisc (queuing discipline): The core component, attached to a network device, that manages packet queues and determines how packets are sent out the interface. Examples include htb, hfsc, fq_codel, tbf, prio.
  • class: Subdivisions within a qdisc, allowing for hierarchical structuring of traffic, where different types of traffic can be managed independently.
  • filter: Rules that classify incoming packets and direct them to specific classes within a qdisc for further processing. Filters use match criteria (e.g., source/destination IP, port, protocol) to identify traffic.
  • action: Operations applied to packets once they are classified by a filter, such as dropping, marking, or redirecting.

COMMON COMMANDS

For each object type, tc supports various commands:

  • add: Adds a new object (qdisc, class, filter).
  • change: Modifies an existing object's parameters.
  • replace: Atomically replaces an object if it exists, otherwise adds it.
  • del: Deletes an object and its associated sub-objects.
  • show: Displays the current configuration of objects on a network device.

HISTORY

The tc command is part of the iproute2 utilities, which replaced the older net-tools suite for network configuration in Linux. Developed largely by Alexey Kuznetsov, iproute2 (including tc) was designed to leverage the advanced networking capabilities of the Linux kernel, particularly Netlink sockets, providing a more powerful and flexible framework for network management compared to its predecessors. It has been the standard tool for Linux traffic control for many years, evolving with new kernel features.

SEE ALSO

ip(8), netlink(7), qdisc(8), class(8), filter(8), action(8), iptables(8)

Copied to clipboard