Also, tc doesn't support port-specific operations as that's all handled in
a different space of the kernel. Only iptables can do port-specific
traffic shaping. You'd have to do something really clever like direct all
non port 22 traffic from specified ip to a tap interface off of a bridge
and then use tc on that interface, but if you can't mess with iptables
without lots of paperwork, I imagine making virtual network adapters public
is also not a possibility.
On Thu, Feb 25, 2016 at 12:26 AM, Todd Millecam <
tyggna@gmail.com> wrote:
> well, for that, then it's a:
> match ip src/dst 10.208.208.0/21
> appended onto your tc.
> To emulate loss, you'd use netem as well and just append a loss 1% to the
> end.
>
> Lastly, to get a proper range you'd want to change delay 100ms to the
> average and then the range, so like:
> delay 175ms 75ms loss 1%
>
> It's all in the same tc module, so man tc-netem will be a lot more helpful
> than me.
>
> On Wed, Feb 24, 2016 at 6:17 PM, Bryan O'Neal <
> Bryan.ONeal@theonealandassociates.com> wrote:
>
>> Can't mess with IP tables on the server. Well I could but that would
>> require a week of paperwork ;)
>>
>> Something like match ip src 10.208.208.0/21 match ip should work in tc
>> but how do I say not port? I know I can say sport but not sure about port
>> and I have no idea how to say "not port"
>>
>> as for latency range delay takes 2 arguments so it would be netem delay
>> 100ms 150ms would be from 100ms-250ms delay. IIRC
>>
>> Also you are using outbound/root, which I know is more full featured.
>> Trying to get something to work on inbound... I think I may just be too
>> tired and should probably call it a day and try tomorrow... Unless an
>> expert show up with a magic pill for me so I don't have to think at 7am :)
>>
>> On Wed, Feb 24, 2016 at 6:06 PM, Todd Millecam <tyggna@gmail.com> wrote:
>>
>>> tc qdisc add dev eth0 root netem delay 100ms
>>> iptables -A INPUT -m statistic --mode random --probability 0.01 -j DROP
>>>
>>>
>>> That should get you started
>>>
>>>
>>> On Wed, Feb 24, 2016 at 5:52 PM, Bryan O'Neal <
>>> Bryan.ONeal@theonealandassociates.com> wrote:
>>>
>>>> I am looking for a tc command that will add 100-250ms of latency
>>>> to all traffic that is not on port 22
>>>> to/from an ip range like 10.208.208.0/21.
>>>>
>>>> Bonus:
>>>> I would also like 0-1% packet loss
>>>> I would like this on inbound (ingress) not outbound (root) traffic
>>>>
>>>> Any one able to help?
>>>>
>>>> ---------------------------------------------------
>>>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>
>>>
>>>
>>>
>>> --
>>> Todd Millecam
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>
>>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
>
>
> --
> Todd Millecam
>
--
Todd Millecam
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss