[Requires kernel lve1.4.4.el6 or higher, or lve1.4.56.el7 or higher]
The network traffic bandwidth control and accounting system in CloudLinux 6 allows, for each LVE container:
• Limiting outgoing network traffic bandwidth
• Accounting for incoming and outgoing network traffic
The system supports the IPv4 protocol only.
How to limit outgoing network traffic
All outgoing IP packets generated inside an LVE container are marked with the LVE identifier. The traffic control utility tc from the iproute2 package uses this mark to set the required bandwidth.
Note. CloudLinux doesn’t limit the network traffic itself; it only marks IP packets with the specific LVE id.
1. We create a class with the HTB qdisc and rate 10kbit:
tc qdisc add dev eth1 root handle 1: htb
tc class add dev eth1 parent 1: classid 1:1 htb rate 10kbit
2. All packets marked with the LVE id (2121 in the command below) will be processed by class 1:1 (rate 10kbit):
tc filter add dev eth1 parent 1: handle 2121 fw flowid 1:1
1. As an example, we create a class with the HTB qdisc and rate 100mbit; class 1:10 will be used by default:
tc qdisc add dev eth3 root handle 1: htb default 10
tc class add dev eth3 parent 1: classid 1:1 htb rate 100mbit
2. For class 1:1 we create two branches with rates of 5mbit and 10kbit respectively, with classid 1:10 and 1:20:
tc class add dev eth3 parent 1:1 classid 1:10 htb rate 5mbit
tc class add dev eth3 parent 1:1 classid 1:20 htb rate 10kbit
3. All packets marked with LVE id=2121 are processed by the 10kbit class:
tc filter add dev eth3 protocol ip parent 1: prio 1 handle 2121 fw flowid 1:20
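The second example extended to several LVE containers, as an added example that is not CloudLinux's own code: the function name gen_lve_tc, its ID:RATE argument format and LVE id 2122 are assumptions. It only prints the tc commands for review, and goes beyond the page by rejecting malformed pairs and allocating one class per LVE.

```shell
#!/bin/sh
# Added example (not CloudLinux code): print, without running them, the tc
# commands that give each LVE its own HTB class as in the second example.
# gen_lve_tc and its ID:RATE argument format are assumptions for illustration.
# Usage: gen_lve_tc DEV TOTAL_RATE DEFAULT_RATE ID:RATE [ID:RATE ...]
gen_lve_tc() {
    [ "$#" -ge 4 ] || { echo "usage: gen_lve_tc DEV TOTAL DEFAULT ID:RATE..." >&2; return 2; }
    dev=$1 total=$2 default=$3
    shift 3

    # Validate every pair first so a bad one never yields a partial rule set.
    seen=" "
    for pair in "$@"; do
        case $pair in *:*) ;; *) echo "expected ID:RATE: $pair" >&2; return 1 ;; esac
        id=${pair%%:*} rate=${pair#*:}
        # Digits only; a leading 0 would make tc read the fw handle as octal.
        case $id in ''|0*|*[!0-9]*) echo "bad LVE id: $pair" >&2; return 1 ;; esac
        case $rate in ''|*[!0-9a-zA-Z.]*) echo "bad rate: $pair" >&2; return 1 ;; esac
        case $seen in *" $id "*) echo "duplicate LVE id: $id" >&2; return 1 ;; esac
        seen="$seen$id "
    done

    echo "tc qdisc add dev $dev root handle 1: htb default 10"
    echo "tc class add dev $dev parent 1: classid 1:1 htb rate $total"
    # Traffic without a matching LVE mark falls into the default class 1:10.
    echo "tc class add dev $dev parent 1:1 classid 1:10 htb rate $default"

    # tc reads classid minors as hexadecimal, so count from 0x20 and print
    # with %x. The fw handle is the LVE id in decimal, as on the page.
    minor=32
    for pair in "$@"; do
        id=${pair%%:*} rate=${pair#*:}
        cls=$(printf '1:%x' "$minor")
        echo "tc class add dev $dev parent 1:1 classid $cls htb rate $rate"
        echo "tc filter add dev $dev protocol ip parent 1: prio 1 handle $id fw flowid $cls"
        minor=$((minor + 1))
    done
}

# Constructed sample: LVE 2121 at 10kbit (as on the page), LVE 2122 at 1mbit.
gen_lve_tc eth3 100mbit 5mbit 2121:10kbit 2122:1mbit
```

Because HTB classes are set up per LVE here, an LVE id that has no filter line shares the default class 1:10 with all other unmarked traffic.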
More information about tc and its syntax can be found at http://tldp.org/HOWTO/Traffic-Control-HOWTO/index.html
Traffic accounting is performed for each LVE container. Network statistics are collected in the /proc/lve/list file. Network-related data is found in the following fields:
1. lNETO - output traffic limit by volume, equals 0*
2. lNETI - input traffic limit by volume, equals 0*
3. NETO - current outgoing traffic value
4. NETI - current incoming traffic value
The data is also collected at /proc/lve/per-lve/<id>/net_stat, where id is an LVE container identifier. The net_stat file contains 4 values in one row:
1. Outgoing traffic limit by volume, equals 0*
2. Incoming traffic limit by volume, equals 0*
3. Current outgoing traffic value
4. Current incoming traffic value
Note. The current version of the CloudLinux network control system doesn’t limit network traffic volume for a specific period of time (for example, 3GB per day); it limits only network bandwidth.
Note. Network limits are supported only for processes inside LVE. By default, static content is not limited; only PHP/CGI scripts processed by Apache, processes launched over SSH, etc. are limited.