On Thu, Mar 15, 2018 at 3:06 AM, Angel Lopez <[email protected]> wrote: > Hi, > > I need to limit the network bandwidth available to each LXC container using > cgroup's net_cls.classid feature. Each LXC container would have its own > classid value in such a way that all packets from containers would be tagged > with the classid and afterwards classified in the correct host configured > traffic class where the bandwidht limit applies. > > To achieve this, I followed these steps: > > 1. Configure traffic control: > > # tc qdisc del dev eno54 root
Asking the obvious, have you used tc (directly, not via wrapper) in another setup (e.g. VMs, physical server) where it successfully works as expected? > Expected behaviour: iperf running on container lxctest1 being limited to 10 > Mbps and iperf running on lxctest2 container being limited to 50 Mbps. > What I get: both iperf running unconstrained at maximum speed. What I've tested and works, is use fireqos (https://github.com/firehol/firehol/wiki/FireQOS-Tutorial). One of the things that might make it different compared to using tc directly is the presence of ifb interfaces. Be careful with 'upload' and 'download', it might be reversed in your setup. In my case I use IPs to limit BW. In your case it might be easier to use persistent veth names on host side instead (or, as the wiki mentioned, iptables' classify and mark targets). -- Fajar _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
