tc-choke

tc qdisc add dev parent [handle ] choke [limit ] [min ] [max ] [avpkt ] [burst ] [ecn | noecn] [probability ] [bandwidth ] [time ] [drop-force-min-pkt ] [drop-force-max-pkt ] [drop-force-burst-pkt ] [drop-force-prob ]

dev
    Specifies the network device to attach the qdisc to (e.g., eth0).

parent
    Defines where in the qdisc hierarchy this choke instance is attached. Use 'root' to attach it as the main qdisc on a device.

handle
    An optional identifier for this qdisc instance, typically in the format major:minor, used for referencing it later.

limit
    The maximum size of the queue in bytes or packets (e.g., 100kb, 500packets).

min
    The minimum threshold for the average queue size. Below this, no packets are dropped/marked by the RED component.

max
    The maximum threshold for the average queue size. Above this, all packets are dropped/marked.

avpkt
    The estimated average packet size. This value helps calculate other parameters like burst and time.

burst
    The maximum number of packets that can be sent in a burst without significantly affecting the calculated average queue size.

ecn | noecn
    Enables or disables Explicit Congestion Notification. When enabled, ECN-capable packets are marked instead of dropped to signal congestion.

probability
    The maximum drop/mark probability for the RED component when the average queue size is between 'min' and 'max' (a value from 0.0 to 1.0).

bandwidth
    The estimated average rate of traffic through the qdisc (e.g., 100Mbit). Used in conjunction with avpkt to calculate the time parameter.

time
    The maximum time a packet can spend in the queue (e.g., 100ms). It's typically computed automatically if bandwidth and avpkt are provided.

drop-force-min-pkt
    Sets the minimum packet size for consideration in the CHOKE-specific 'drop-force' mechanism.

drop-force-max-pkt
    Sets the maximum packet size for consideration in the CHOKE-specific 'drop-force' mechanism.

drop-force-burst-pkt
    Burst parameter specifically for the 'drop-force' mechanism, influencing how aggressively CHOKE penalizes dominant flows.

drop-force-prob
    The probability used by the 'drop-force' mechanism to drop/mark packets from aggressive flows when a match is found in the internal FIFO.

The tc-choke command is a queuing discipline (qdisc) used in Linux for advanced traffic control, specifically for Active Queue Management (AQM). It implements the CHOKE (CHannel Optimized KEeping track of congestion) algorithm, which is an enhancement over the traditional RED (Random Early Detection) algorithm.

While RED aims to prevent congestion by probabilistically dropping packets before a queue overflows, CHOKE adds a mechanism to identify and penalize 'unresponsive' or 'dominant' flows that contribute disproportionately to congestion. It does this by maintaining a small internal FIFO queue of recently dropped or marked packets. When a new packet arrives and the queue is congested, CHOKE checks if this new packet matches any in its internal FIFO. If a match is found, the incoming packet is dropped or marked with a higher probability.

Like RED, CHOKE also supports Explicit Congestion Notification (ECN), allowing routers to mark packets instead of dropping them to signal congestion to ECN-aware endpoints, thereby avoiding unnecessary packet loss. The primary goal of tc-choke is to reduce average queueing delay, prevent global synchronization of TCP flows, and improve fairness among competing traffic flows.

Configuring tc-choke requires a deep understanding of network traffic patterns and AQM principles. Improper tuning of parameters like min, max, and probability can lead to suboptimal network performance, including excessive packet drops or increased latency. The effectiveness of ECN also depends on both ends of the connection supporting it. CHOKE's ability to identify and penalize unresponsive flows is designed to improve fairness but might not be universally effective in all complex network scenarios.

CHOKE maintains a small FIFO buffer (typically of a few packets) of recently dropped or ECN-marked packets. When a new packet arrives and the queue is congested, CHOKE checks if the new packet's flow ID (e.g., based on source/destination IP and port) matches any flow ID of packets currently in this small FIFO buffer. If a match is found, the probability of dropping or marking the incoming packet is significantly increased, thereby penalizing the aggressive flow more heavily than a standard RED algorithm would.

While both RED and CHOKE are AQM algorithms, CHOKE extends RED by introducing a 'drop-forceless' or 'force-drop' mechanism. RED's dropping probability is solely based on the average queue size. CHOKE adds an additional layer where, if a packet belongs to a flow that has recently caused a drop/mark (as indicated by the small FIFO buffer), it faces a higher probability of being dropped/marked, thus aiming for better fairness against dominant, unresponsive flows.

The core concept of Random Early Detection (RED) was introduced in the early 1990s as a mechanism to alleviate network congestion before queues become full. The CHOKE algorithm emerged later, building upon RED, with the specific goal of addressing fairness issues where RED might not adequately penalize aggressively behaving flows. It was developed to specifically target and penalize flows that frequently cause congestion, thus promoting more equitable sharing of network resources.

tc(8), tc-red(8), tc-fq_codel(8), tc-pie(8), ip(8)