尽管我仅使用 tc 命令来定位传入数据包，但传入和传出的数据包都会延迟

Question 1

使用 TC，您只需处理传出的数据包。要匹配正在进行的数据包，您需要设置伊夫堡。

此外，您的连接正在聊天，例如，如果您通过 TCP 发送消息，响应者必须确认已收到该消息。因此，增加一种方式的延迟将增加两种方式的延迟。

对于 ping 来说，它也进行两种方式的测量。

Answer

使用 TC，您只需处理传出的数据包。要匹配正在进行的数据包，您需要设置伊夫堡。

此外，您的连接正在聊天，例如，如果您通过 TCP 发送消息，响应者必须确认已收到该消息。因此，增加一种方式的延迟将增加两种方式的延迟。

对于 ping 来说，它也进行两种方式的测量。

Question 2

您需要将 tc 与 ingress 和 ifb 一起使用 https://gist.githubusercontent.com/dogbunny/fda68f21784025876c57a4dfc3fb6bcc/raw/bfb19da28152364340f2d3f7ef179ee5371fd447/TC_ingress_port_filtering.txt

# This a solution for inducing latency on ingress traffic to a specific port
# note: ianae, but many hours of sleuthing and experimenting got me to this answer
# Adapted from https://wiki.gentoo.org/wiki/Traffic_shaping
# Note technically TC can only induce latency on egress traffic so we add an intermediate device which allows
#  us to first identify the traffic we want to affect and then send it to a queue to do <stuff>
# eth0 is the external interface receiving the traffic we want to filter, 4222 is the port we want to add latency to.
# Those are the only values that you should need to change, if necessary.

# Add a TC ingress queue to your external interface, by default you shouldn't have one
sudo tc qdisc add dev eth0 handle ffff: ingress
# make sure ifb module is loaded and bring up the interface (IFB = Intermediate Functional Block device)
sudo modprobe ifb
sudo ifconfig ifb0 up
# redirect all traffic to the ifb so that we can later filter on the traffic that leaves that interface
sudo tc filter add dev eth0 parent ffff: protocol all u32 match u32 0 0 action mirred egress redirect dev ifb0
# build up our egress queues and filters
# we need a root, this one uses priority queues which defaults to not modifying any traffic
sudo tc qdisc add dev ifb0 root handle 1: prio
# add a special queue that induces latency
sudo tc qdisc add dev ifb0 parent 1:1 handle 2: netem delay 100ms 50ms distribution normal
# if we find a packet that matches our destination port, send it to the above queue
sudo tc filter add dev ifb0 protocol ip parent 1:0 prio 1 u32 match ip dport 4222 0xffff flowid 2:1

Answer

您需要将 tc 与 ingress 和 ifb 一起使用 https://gist.githubusercontent.com/dogbunny/fda68f21784025876c57a4dfc3fb6bcc/raw/bfb19da28152364340f2d3f7ef179ee5371fd447/TC_ingress_port_filtering.txt

# This a solution for inducing latency on ingress traffic to a specific port
# note: ianae, but many hours of sleuthing and experimenting got me to this answer
# Adapted from https://wiki.gentoo.org/wiki/Traffic_shaping
# Note technically TC can only induce latency on egress traffic so we add an intermediate device which allows
#  us to first identify the traffic we want to affect and then send it to a queue to do <stuff>
# eth0 is the external interface receiving the traffic we want to filter, 4222 is the port we want to add latency to.
# Those are the only values that you should need to change, if necessary.

# Add a TC ingress queue to your external interface, by default you shouldn't have one
sudo tc qdisc add dev eth0 handle ffff: ingress
# make sure ifb module is loaded and bring up the interface (IFB = Intermediate Functional Block device)
sudo modprobe ifb
sudo ifconfig ifb0 up
# redirect all traffic to the ifb so that we can later filter on the traffic that leaves that interface
sudo tc filter add dev eth0 parent ffff: protocol all u32 match u32 0 0 action mirred egress redirect dev ifb0
# build up our egress queues and filters
# we need a root, this one uses priority queues which defaults to not modifying any traffic
sudo tc qdisc add dev ifb0 root handle 1: prio
# add a special queue that induces latency
sudo tc qdisc add dev ifb0 parent 1:1 handle 2: netem delay 100ms 50ms distribution normal
# if we find a packet that matches our destination port, send it to the above queue
sudo tc filter add dev ifb0 protocol ip parent 1:0 prio 1 u32 match ip dport 4222 0xffff flowid 2:1

尽管我仅使用 tc 命令来定位传入数据包，但传入和传出的数据包都会延迟

答案1

答案2

相关内容