1
混沌工程之 Linux 网络故障模拟工具 TC
作者:zuozewei
- 2022 年 1 月 17 日
本文字数:4311 字
阅读完需:约 14 分钟
一、什么是 TC?
TC(traffic control) 是 Linux 中的流量控制工具。它是通过控制 netem 来实现的网络场景模拟。该工具是直接对物理网卡生效的,如果是逻辑网卡,则该控制无效。如果是用的虚拟机,可视虚拟网卡为物理网卡。
二、什么是 HTB?
HTB 是 Hierarchy Token Bucket 的缩写。通过在实践基础上的改进,它实现了一个丰富的连接共享类别体系。使用 HTB 可以很容易地保证每个类别的带宽,虽然它也允许特定的类可以突破带宽上限,占用别的类的带宽。HTB 可以通过 TBF(Token Bucket Filter) 实现带宽限制,也能够划分类别的优先级。
三、TC 使用步骤
要对网卡进行流量控制的配置,需要进行如下的步骤:
为网卡配置一个队列
在该队列上建立分类
根据需要建立子队列和子分类
为每个分类建立过滤器
建立与过滤器配合的路由表
四、基本操作
1、正常网络
使用 iperf 产生流量
Server 端:
iperf - s复制代码
Client 端:
iperf -c 172.17.211.143 -p 5001 -i 2 -P 5复制代码
Server 端结果:
[ 12] 0.0-10.1 sec 95.2 MBytes 79.3 Mbits/sec[ 10] 0.0-10.1 sec 158 MBytes 131 Mbits/sec[ 6] 0.0-10.1 sec 116 MBytes 95.7 Mbits/sec[ 9] 0.0-10.2 sec 143 MBytes 118 Mbits/sec[ 4] 0.0-10.3 sec 183 MBytes 150 Mbits/sec[ 7] 0.0-10.3 sec 117 MBytes 96.0 Mbits/sec[ 11] 0.0-10.3 sec 156 MBytes 127 Mbits/sec[ 14] 0.0-10.3 sec 138 MBytes 113 Mbits/sec[ 8] 0.0-10.3 sec 136 MBytes 111 Mbits/sec[ 5] 0.0-10.3 sec 162 MBytes 132 Mbits/sec[SUM] 0.0-10.3 sec 1.37 GBytes 1.14 Gbits/sec复制代码
Client 端:
[ ID] Interval Transfer Bandwidth[ 6] 0.0- 2.0 sec 88.9 MBytes 373 Mbits/sec[ 4] 0.0- 2.0 sec 85.8 MBytes 360 Mbits/sec[ 5] 0.0- 2.0 sec 68.2 MBytes 286 Mbits/sec[ 7] 0.0- 2.0 sec 52.2 MBytes 219 Mbits/sec[ 3] 0.0- 2.0 sec 92.5 MBytes 388 Mbits/sec[SUM] 0.0- 2.0 sec 388 MBytes 1.63 Gbits/sec[ 4] 2.0- 4.0 sec 62.4 MBytes 262 Mbits/sec[ 6] 2.0- 4.0 sec 48.9 MBytes 205 Mbits/sec[ 5] 2.0- 4.0 sec 27.4 MBytes 115 Mbits/sec[ 3] 2.0- 4.0 sec 68.9 MBytes 289 Mbits/sec[ 7] 2.0- 4.0 sec 44.6 MBytes 187 Mbits/sec[SUM] 2.0- 4.0 sec 252 MBytes 1.06 Gbits/sec[ 3] 4.0- 6.0 sec 45.5 MBytes 191 Mbits/sec[ 5] 4.0- 6.0 sec 30.0 MBytes 126 Mbits/sec[ 4] 4.0- 6.0 sec 54.8 MBytes 230 Mbits/sec[ 6] 4.0- 6.0 sec 69.4 MBytes 291 Mbits/sec[ 7] 4.0- 6.0 sec 53.1 MBytes 223 Mbits/sec[SUM] 4.0- 6.0 sec 253 MBytes 1.06 Gbits/sec[ 4] 6.0- 8.0 sec 40.4 MBytes 169 Mbits/sec[ 6] 6.0- 8.0 sec 25.6 MBytes 107 Mbits/sec[ 7] 6.0- 8.0 sec 76.1 MBytes 319 Mbits/sec[ 3] 6.0- 8.0 sec 59.1 MBytes 248 Mbits/sec[ 5] 6.0- 8.0 sec 38.2 MBytes 160 Mbits/sec[SUM] 6.0- 8.0 sec 240 MBytes 1.00 Gbits/sec[ 6] 8.0-10.0 sec 37.8 MBytes 158 Mbits/sec[ 6] 0.0-10.0 sec 270 MBytes 227 Mbits/sec[ 4] 8.0-10.0 sec 39.9 MBytes 167 Mbits/sec[ 4] 0.0-10.1 sec 283 MBytes 234 Mbits/sec[ 5] 8.0-10.0 sec 40.8 MBytes 171 Mbits/sec[ 5] 0.0-10.1 sec 205 MBytes 169 Mbits/sec[ 7] 8.0-10.0 sec 48.0 MBytes 201 Mbits/sec[ 7] 0.0-10.1 sec 274 MBytes 227 Mbits/sec[ 3] 8.0-10.0 sec 84.8 MBytes 355 Mbits/sec[SUM] 8.0-10.0 sec 251 MBytes 1.05 Gbits/sec[ 3] 0.0-10.2 sec 351 MBytes 289 Mbits/sec[SUM] 0.0-10.2 sec 1.35 GBytes 1.14 Gbits/sec复制代码
做了多遍,都和上面的结果相似。5 个线程加在一起每秒大概 1Gbits 左右。
2、模拟网络丢包
模拟命令:
tc qdisc add dev eth0 root netem loss 10%复制代码
丢包率与带宽的关系:
3、模拟网络延迟
模拟命令:
tc qdisc add dev eth0 root netem delay 100ms复制代码
延迟与带宽的关系:
4、HTB 队列分层限制
分类配置:
tc qdisc add dev eth0 root handle 1: htb default 2
tc class add dev eth0 parent 1: classid 1:1 htb rate 100Mbps ceil 100Mbpstc class add dev eth0 parent 1:1 classid 1:2 htb rate 20Mbps ceil 20Mbpstc class add dev eth0 parent 1:1 classid 1:3 htb rate 50Mbps ceil 50Mbpstc class add dev eth0 parent 1:1 classid 1:4 htb rate 20Mbps ceil 20Mbps
tc filter add dev eth0 parent 1:0 protocol ip prio 100 routetc filter add dev eth0 parent 1:0 protocol ip prio 100 route to 2 flowid 1:2tc filter add dev eth0 parent 1:0 protocol ip prio 100 route to 3 flowid 1:3tc filter add dev eth0 parent 1:0 protocol ip prio 100 route to 4 flowid 1:4
ip route add 172.17.211.144 dev eth0 via 172.17.211.143 realm 2
[root@7dgroup ~]# tc -s class ls dev eth0class htb 1:1 root rate 800000Kbit ceil 800000Kbit burst 1600b cburst 1600b Sent 1350897 bytes 6146 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 lended: 0 borrowed: 0 giants: 0 tokens: 234 ctokens: 234 class htb 1:2 parent 1:1 prio 0 rate 160000Kbit ceil 160000Kbit burst 1600b cburst 1600b Sent 1350897 bytes 6146 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 lended: 5850 borrowed: 0 giants: 0 tokens: 1170 ctokens: 1170 class htb 1:3 parent 1:1 prio 0 rate 400000Kbit ceil 400000Kbit burst 1600b cburst 1600b Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 lended: 0 borrowed: 0 giants: 0 tokens: 500 ctokens: 500
class htb 1:4 parent 1:1 prio 0 rate 160000Kbit ceil 160000Kbit burst 1600b cburst 1600b Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 lended: 0 borrowed: 0 giants: 0 tokens: 1250 ctokens: 1250复制代码
5、网络限流效果
测试手段从 A 机往 B 机用 iperf 开 5 个线程发数据包。
不限制:
[ 5] 0.0-10.0 sec 168 MBytes 140 Mbits/sec[ 7] 0.0-10.1 sec 75.2 MBytes 62.4 Mbits/sec[ 8] 0.0-10.2 sec 210 MBytes 172 Mbits/sec[ 4] 0.0-10.3 sec 92.8 MBytes 75.7 Mbits/sec[ 6] 0.0-10.3 sec 158 MBytes 129 Mbits/sec[SUM] 0.0-10.3 sec 704 MBytes 574 Mbits/sec复制代码
限 10 M
[ 8] 0.0-10.2 sec 16.6 MBytes 13.7 Mbits/sec[ 4] 0.0-10.2 sec 16.4 MBytes 13.5 Mbits/sec[ 5] 0.0-10.2 sec 14.5 MBytes 11.9 Mbits/sec[ 6] 0.0-10.2 sec 25.8 MBytes 21.2 Mbits/sec[ 7] 0.0-10.2 sec 19.8 MBytes 16.2 Mbits/sec[SUM] 0.0-10.2 sec 93.0 MBytes 76.4 Mbits/sec复制代码
限 20 M
[ 5] 0.0-10.1 sec 55.6 MBytes 46.0 Mbits/sec[ 7] 0.0-10.2 sec 28.9 MBytes 23.8 Mbits/sec[ 9] 0.0-10.2 sec 26.1 MBytes 21.6 Mbits/sec[ 4] 0.0-10.2 sec 45.0 MBytes 37.1 Mbits/sec[ 6] 0.0-10.2 sec 29.5 MBytes 24.3 Mbits/sec[SUM] 0.0-10.2 sec 185 MBytes 153 Mbits/sec复制代码
限 30 M:
[ 4] 0.0-10.2 sec 53.0 MBytes 43.7 Mbits/sec[ 6] 0.0-10.2 sec 62.0 MBytes 51.1 Mbits/sec[ 8] 0.0-10.2 sec 57.9 MBytes 47.7 Mbits/sec[ 5] 0.0-10.2 sec 58.5 MBytes 48.2 Mbits/sec[ 7] 0.0-10.2 sec 46.4 MBytes 38.2 Mbits/sec[SUM] 0.0-10.2 sec 278 MBytes 229 Mbits/sec复制代码
限 40 M:
[ 5] 0.0-10.1 sec 76.6 MBytes 63.5 Mbits/sec[ 9] 0.0-10.1 sec 76.9 MBytes 63.6 Mbits/sec[ 6] 0.0-10.1 sec 72.4 MBytes 59.9 Mbits/sec[ 7] 0.0-10.1 sec 70.6 MBytes 58.5 Mbits/sec[ 4] 0.0-10.1 sec 72.9 MBytes 60.3 Mbits/sec[SUM] 0.0-10.1 sec 369 MBytes 305 Mbits/sec复制代码
限 50 M:
[ 4] 0.0-10.1 sec 89.9 MBytes 74.5 Mbits/sec[ 5] 0.0-10.1 sec 99.6 MBytes 82.5 Mbits/sec[ 8] 0.0-10.1 sec 89.9 MBytes 74.3 Mbits/sec[ 6] 0.0-10.1 sec 91.9 MBytes 76.0 Mbits/sec[ 7] 0.0-10.2 sec 89.8 MBytes 74.1 Mbits/sec[SUM] 0.0-10.2 sec 461 MBytes 381 Mbits/sec复制代码
限 60 M:
[ 4] 0.0-10.1 sec 107 MBytes 89.1 Mbits/sec[ 7] 0.0-10.1 sec 121 MBytes 101 Mbits/sec[ 9] 0.0-10.1 sec 108 MBytes 89.3 Mbits/sec[ 5] 0.0-10.1 sec 107 MBytes 89.1 Mbits/sec[ 6] 0.0-10.1 sec 107 MBytes 89.2 Mbits/sec[SUM] 0.0-10.1 sec 550 MBytes 457 Mbits/sec复制代码
限 70 M:
[ 8] 0.0-10.1 sec 178 MBytes 148 Mbits/sec[ 7] 0.0-10.1 sec 94.4 MBytes 78.5 Mbits/sec[ 4] 0.0-10.1 sec 95.0 MBytes 78.9 Mbits/sec[ 6] 0.0-10.1 sec 94.6 MBytes 78.6 Mbits/sec[ 5] 0.0-10.1 sec 178 MBytes 148 Mbits/sec[SUM] 0.0-10.1 sec 640 MBytes 531 Mbits/sec
复制代码
限 80M:
[ 7] 0.0-10.0 sec 167 MBytes 140 Mbits/sec[ 9] 0.0-10.1 sec 166 MBytes 137 Mbits/sec[ 4] 0.0-10.2 sec 99.8 MBytes 82.4 Mbits/sec[ 5] 0.0-10.2 sec 157 MBytes 129 Mbits/sec[ 6] 0.0-10.2 sec 110 MBytes 90.2 Mbits/sec[SUM] 0.0-10.2 sec 700 MBytes 574 Mbits/sec复制代码
限 90 M
[ 4] 0.0-10.0 sec 220 MBytes 184 Mbits/sec[ 7] 0.0-10.2 sec 124 MBytes 102 Mbits/sec[ 5] 0.0-10.2 sec 104 MBytes 85.2 Mbits/sec[ 8] 0.0-10.2 sec 117 MBytes 96.2 Mbits/sec[ 6] 0.0-10.2 sec 135 MBytes 111 Mbits/sec[SUM] 0.0-10.2 sec 699 MBytes 573 Mbits/sec复制代码
限 100 M
[ 4] 0.0-10.1 sec 140 MBytes 116 Mbits/sec[ 7] 0.0-10.1 sec 139 MBytes 116 Mbits/sec[ 6] 0.0-10.1 sec 145 MBytes 121 Mbits/sec[ 5] 0.0-10.1 sec 128 MBytes 106 Mbits/sec[ 9] 0.0-10.1 sec 146 MBytes 121 Mbits/sec[SUM] 0.0-10.1 sec 698 MBytes 579 Mbits/sec复制代码
五、小结
Linux 下有很多种手段可以模拟网络丢包、延迟、限流等情况,大家可以自行探索。
划线
评论
复制
发布于: 刚刚阅读数: 3
版权声明: 本文为 InfoQ 作者【zuozewei】的原创文章。
原文链接:【http://xie.infoq.cn/article/09871b5267930013bd61a7107】。
本文遵守【CC-BY 4.0】协议,转载请保留原文出处及本版权声明。
zuozewei
关注
测试及性能 | 公众号@7DGroup 2017.12.23 加入
CSDN博客专家、测试领域优质创作者,华为云云享专家、2021年度华为云社区十佳博主,掘金2021年度人气作者No.12,极客时间《全链路压测实战30讲》专栏作者之一,《性能测试实战30讲》《高楼的性能工程实战课》编委。
评论