Network Traffic Bandwidth Control and Accounting System

Navigation:  Limits >

Network Traffic Bandwidth Control and Accounting System

Previous pageReturn to chapter overviewNext page

[Beta, requires kernel lve1.4.4.el6 or higher, for CloudLinux 6 only]

 

Network traffic bandwidth control and accounting systems in CloudLinux 6 allows for each LVE container:

 

Limiting outgoing network traffic bandwidth

Accounting incoming and outgoing network traffic

 

The system supports IPv4 only protocol.

 

How to limit outgoing network traffic

 

All outgoing IP packets generated inside LVE container and marked with LVE identifier. Traffic control utility tc from iproute2 package uses this marker to set required bandwidth.

 

Note. CloudLinux doesn’t limit the network traffic itself, it only marks IP packets with specific LVE id.

 

Example 1:

 

1. We create class with HTB qdiscs and rate 10kbit:

 

tc qdisc add dev eth1 root handle 1: htb

tc class add dev eth1 parent 1: classid 1:1 htb rate 10kbit

 

2. All packets marked with LVE id will be processed by class 1:1 (rate 10kbit).

 

tc filter add dev eth1 parent 1: handle 2121 fw flowid 1:1

 

Example 2:

 

1. As an example we create class with HTB qdiscs and rate 100mbit and class 1:10 will be used by default:

 

tc qdisc add dev eth3 root handle 1: htb default 10

tc class add dev eth3 parent 1: classid 1:1 htb rate 100mbit

 

2. For class 1:1 we create two branches with rate 5 mbit and 10 kbit accordingly, with classid 1:10 and 1:20.

 

tc class add dev eth3 parent 1:1 classid 1:10 htb rate 5mbit

tc class add dev eth3 parent 1:1 classid 1:20 htb rate 10kbit

 

3. All packets marked with LVE id=2121 are processed by 10 kbit class.

 

tc filter add dev eth3 protocol ip parent 1: prio 1 handle 2121 fw flowid 1:20

 

More info about tc and its syntax can be found on the link http://tldp.org/HOWTO/Traffic-Control-HOWTO/index.html

 

Traffic accounting

 

Traffic accounting is performed for each LVE container. Network statistics is collected at /proc/lve/list file. Network-related data found at fields:

 

1.lNETO - output traffic limit by volume, equals 0*

2.lNETI - input traffic limit by volume, equals 0*

3.NETO - current outgoing traffic value

4.NETI - current incoming traffic value

 

The data is also collected at /proc/lve/per-lve/<id>/net_stat, where id is an LVE container identifier. net_stat file contains 4 values in one row:

 

1.Outgoing traffic limit by volume, equals 0*

2.Incoming traffic limit by volume, equals 0*

3.current outgoing traffic value

4.current incoming traffic value

 

Note. The current version of CloudLinux network control system doesn’t limit network traffic volume for a specific period of time (for example 3GB per day), it limits only network bandwidth.

 

Note. Network limits are supported only for processes inside LVE. By default it does not limit static content, but only PHP/cgi scripts processed by Apache and processes launched over ssh etc.