Simulate Network Latency on Specific Port Using Tc

Simulate network latency on specific port using tc

Try this:

sudo tc qdisc add dev eth1 root handle 1: prio priomap 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
sudo tc qdisc add dev eth1 parent 1:2 handle 20: netem delay 3000ms
sudo tc filter add dev eth1 parent 1:0 protocol ip u32 match ip sport 7000 0xffff flowid 1:2

Explanation:

  • Add the all zeros priomap to prio so all regular traffic flows through a single band. By default prio assigns traffic to different band according to the DSCP value of the packet. This means that some traffic that doesn't match your filter might end up in the same class as the delayed traffic.
  • Assign netem to one of the classes - 1:2
  • Finally, add your filter so it assigns the flow id 1:2 to matching packets. This is probably where you went wrong. You need to assign the filter to 1:2 of the classful prio qdisc, not the classless netem.

To test this setup, I changed the filter to dport 80 instead of sport 7000, and ran wget against checkip.amazonaws.com, which took 6 seconds (3 second delay for the TCP Syn, 3 second delay for the HTTP GET):

malt@ubuntu:~$ wget -O - checkip.amazonaws.com
--2016-10-23 06:21:42--  http://checkip.amazonaws.com/
Resolving checkip.amazonaws.com (checkip.amazonaws.com)... 75.101.161.183, 54.235.71.200, 107.20.206.176, ...
Connecting to checkip.amazonaws.com (checkip.amazonaws.com)|75.101.161.183|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 10
Saving to: ‘STDOUT’

-                                   0%[                                                            ]       0  --.-KB/s               X.X.X.X
-                                 100%[===========================================================>]      10  --.-KB/s    in 0s

2016-10-23 06:21:48 (3.58 MB/s) - written to stdout [10/10]

Connections to other ports though (e.g. 443 - HTTPS, 22 - SSH, etc) were much quicker. You can also run sudo tc -s qdisc show dev eth1 to make sure that the number of packets handled by netem makes sense.

Network tools that simulate slow network connection

try Traffic Shaper XP
you can easily limit speed of IE or other browser with this App and its also freeware

Network traffic through a particular port using iftop

I can see 2 problems here:

1/ Is that a typo? The correct option for filtering is -f (small "f"). -F (capital "F") option is for net/mask.

2/ Though not explicitly stated by iftop documentation, the syntax for filtering seems to be the pcap one from the few examples given (and using ldd I can see that yes, the iftop binary is linked with libpcap). So a filter with http is simply not valid. To see the doc for pcap filtering syntax, have a look at pcap-filter (7) - packet filter syntax man page. In your example, a filter such as "tcp port 57787" would be OK. pcap does not do layer 5 and above protocol dissection such as http (pcap filters are handled by BPF in the kernel, so above layer 4 you're on your own, because that's none of the kernel business).

All in all, these looks like iperf bugs. It should refuse your "-F" option, and even with "-f" instead exit with an error code because pcap will refuse the filter expression. No big deal, iftop is a modest program. See edit bellow.

EDIT:

I just checked iftop version 1.0pre4 source code, and there is no such obvious bug from a look at set_filter_code() and its caller packet_init() in iftop.c. It correctly exit with error, but...

Error 2, use the "-f" option, but your incorrect filter syntax:

jbm@sumo:~$ sudo iftop -f "port http 57787"
interface: eth0
IP address is: 192.168.1.67
MAC address is: 8c:89:a5:57:10:3c
set_filter_code: syntax error

That's OK.

Error 1, the "-F" instead of "-f", there is a problem:

jbm@sumo:~$ sudo iftop -F "port http 57787"

(everything seems more or less OK, but then quit the program)

Could not parse net/mask: port http 57787
interface: eth0
IP address is: 192.168.1.67
MAC address is: 8c:89:a5:57:10:3c

Oops! "Could not parse net/mask: port http 57787"! That's a bug: it should exit right away.

Simulate dropped packets on Linux, based on protocol (UDP, TCP etc)

Use iptables instead - it has a probability option that should allow you to do this, for example:

iptables -A INPUT -m statistic -p tcp --mode random --probability 0.5 -j DROP

Adjust the various values to match the desired traffic/direction/probability.


Related Topics

How to Print Message to Stderr in Go

How to "Interconnect" Two Sockets in Linux

Embed an App into a Window

What Is the Status of Posix Asynchronous I/O (Aio)

Linux Curl Save as Utf-8

Creating a Self-Extracting Zip Archive on a Linux Box

Finding an Ip Address from an Interface Name

How to Prevent Out of Memory (Oom) Freezes on Linux

What Do the Characters in the Bash Environment Variable $- Mean

Linker Cannot Find Symbols, But Libraries Are Read and Symbols Exist

Debian 8. Failed to Load Iwlwifi

Good Svg Renderer for Linux

While Deploying More Than One Spring Boot Application in a Single Tomcat Server Means Showing Exception. How to Solve This

How to Connect to Jenkins Server (Amazon Linux Ami)

How to Pass an Environment Variable to a Netbeans Makefile on Ubuntu

Difference Between Real User Id, Effective User Id and Saved User Id

What Does This Command Do? "Exec Bash -L"

How to Delete Duplicated Rows Based in a Column Value


Leave a reply



Submit