tc-red

tc qdisc [add|change|replace|delete] dev <DEV> [parent <HANDLE>] red [OPTIONS]

limit <BYTES>
    Maximum size of the RED queue in bytes. Packets are dropped if adding them would exceed this limit, regardless of RED thresholds.

min <BYTES>
    Minimum threshold for the average queue size. Below this, no packets are dropped by RED.

max <BYTES>
    Maximum threshold for the average queue size. Above this, all incoming packets are dropped by RED.

avpkt <BYTES>
    Average packet size in bytes. Used by RED to calculate the time constants for the average queue size and for burst calculations.

burst <PACKETS>
    Number of packets used to initialize the exponential weighted moving average (EWMA) calculation of the average queue size. A larger value makes the average queue size more resistant to short bursts.

ecn
    Enables Explicit Congestion Notification. Instead of dropping packets, RED will mark them with an ECN bit if both endpoints support it. This avoids packet loss for congestion signaling.

noecn
    Disables ECN. This is the default behavior if neither ecn nor harddrop is specified explicitly.

harddrop
    Forces RED to always drop packets when congestion occurs, even if ecn is enabled. This overrides ECN marking.

bandwidth <RATE>
    Estimated bandwidth of the interface (e.g., '100mbit', '1gbit'). This parameter is crucial for accurate calculation of the average queue size by influencing the time constants.

probability <PROBABILITY>
    The maximum probability (0 to 1) of dropping a packet when the average queue size is at the max threshold. Defaults to 0.02 (1/50).

nodrop
    (Rarely used) If specified, RED will never drop packets. It will only perform ECN marking when congestion thresholds are met. Requires ecn to be effective.

The tc-red command is part of the Linux traffic control (tc) framework, implementing the Random Early Detection (RED) active queue management (AQM) algorithm.

Unlike traditional tail-drop queues that only drop packets when the queue is completely full, RED proactively monitors the average queue size and starts dropping packets probabilistically before the queue becomes saturated. This helps to prevent global synchronization of TCP flows and improves overall network throughput and fairness.

RED operates by maintaining two thresholds: a minimum (min) and a maximum (max). Below the min threshold, no packets are dropped. Above the max threshold, all incoming packets are dropped. Between min and max, packets are dropped with a probability that increases linearly as the average queue size approaches max.

It also supports Explicit Congestion Notification (ECN), allowing routers to mark packets instead of dropping them, signaling congestion to ECN-capable endpoints. This can reduce retransmissions and improve performance in some scenarios. tc-red is a crucial tool for advanced network congestion avoidance strategies.

Tuning tc-red can be complex; incorrect parameters can lead to underutilization or continued congestion. The bandwidth parameter is critical for correct average queue size calculation. ECN requires support from both network endpoints to be effective.

Active Queue Management (AQM) refers to techniques that manage the length of network queues by dropping or marking packets before the queue becomes full. This is in contrast to traditional tail-drop queues, which only drop packets when the buffer is completely exhausted. RED is a foundational AQM algorithm designed to provide early feedback to TCP senders, prompting them to reduce their sending rates and preventing the queue from overflowing.

Global synchronization is a phenomenon where multiple TCP flows simultaneously reduce their sending rates due to packet loss at a congested router, and then simultaneously increase them again. This leads to oscillating link utilization (periods of underutilization followed by periods of severe congestion). RED mitigates this by dropping packets probabilistically and randomly, staggering the congestion signals received by different TCP flows and thus desynchronizing their congestion control mechanisms.

The Random Early Detection (RED) algorithm was primarily developed by Sally Floyd and Van Jacobson in the early 1990s as a significant advancement in Active Queue Management (AQM). Its purpose was to address the limitations of simple tail-drop queues, particularly the issues of global synchronization and inefficient link utilization.

RED was quickly adopted and integrated into operating systems' networking stacks, including Linux. It became a core component of the iproute2 utility suite's traffic control (tc) module, providing network administrators with a powerful tool for proactive congestion avoidance and improved network performance.

tc(8), tc-qdisc(8), tc-prio(8), tc-htb(8), tc-tbf(8), ip(8)