examples/networking/neighbor_sharing/README.txt - platform/external/bcc - Git at Google

 This example shows how a combination of BPF programs can be used to perform
 per-IP classification and rate limiting. The simulation in this example
 shows an example where N+M devices are combined and use 1 WAN. Traffic sent
 from/to the "neighbor" devices have their combined bandwidth capped at
 128kbit, and the rest of the traffic can use an additional 1Mbit.

 This works by sharing a map between various tc ingress filters, each with
 a related set of bpf functions attached. The map stores a list of dynamically
 learned ip addresses that were seen on the neighbor devices and should be
 throttled.

                          /------------\                        |
 neigh1 --|->->->->->->->-|            |                        |
 neigh2 --|->->->->->->->-|    <-128kb-|        /------\        |
 neigh3 --|->->->->->->->-|            |  wan0  | wan  |        |
          | ^             |   br100    |-<-<-<--| sim  |        |
          | clsfy_neigh() |            |   ^    \------/        |
 lan1 ----|->->->->->->->-|    <--1Mb--|   |                    |
 lan2 ----|->->->->->->->-|            |   classify_wan()       |
            ^             \------------/                        |
            pass()                                              |

 To run the example:

 $ sudo /path/to/neighbor_sharing/neighbor_sharing.py
 Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
 Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
 Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
 Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
 Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
 Network ready. Create a shell in the wan0 namespace and test with netperf
    (Neighbors are 172.16.1.100-102, and LAN clients are 172.16.1.150-151)
  e.g.: ip netns exec wan0 netperf -H 172.16.1.100 -l 2
 Press enter when finished:


 In another shell:
 $ sudo ip netns exec wan0 netperf -H 172.16.1.100 -l 2
 MIGRATED TCP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 172.16.1.100 () port 0 AF_INET : demo
 Recv   Send    Send
 Socket Socket  Message  Elapsed
 Size   Size    Size     Time     Throughput
 bytes  bytes   bytes    secs.    10^6bits/sec

  87380  16384  16384    4.30        0.18

 $ sudo ip netns exec wan0 netperf -H 172.16.1.150 -l 2
 MIGRATED TCP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 172.16.1.150 () port 0 AF_INET : demo
 Recv   Send    Send
 Socket Socket  Message  Elapsed
 Size   Size    Size     Time     Throughput
 bytes  bytes   bytes    secs.    10^6bits/sec

  87380  16384  16384    4.10        1.01


 The bandwidth is throttled according to the IP.
	This example shows how a combination of BPF programs can be used to perform
	per-IP classification and rate limiting. The simulation in this example
	shows an example where N+M devices are combined and use 1 WAN. Traffic sent
	from/to the "neighbor" devices have their combined bandwidth capped at
	128kbit, and the rest of the traffic can use an additional 1Mbit.

	This works by sharing a map between various tc ingress filters, each with
	a related set of bpf functions attached. The map stores a list of dynamically
	learned ip addresses that were seen on the neighbor devices and should be
	throttled.

	/------------\ \|
	neigh1 --\|->->->->->->->-\| \| \|
	neigh2 --\|->->->->->->->-\| <-128kb-\| /------\ \|
	neigh3 --\|->->->->->->->-\| \| wan0 \| wan \| \|
	\| ^ \| br100 \|-<-<-<--\| sim \| \|
	\| clsfy_neigh() \| \| ^ \------/ \|
	lan1 ----\|->->->->->->->-\| <--1Mb--\| \| \|
	lan2 ----\|->->->->->->->-\| \| classify_wan() \|
	^ \------------/ \|
	pass() \|

	To run the example:

	$ sudo /path/to/neighbor_sharing/neighbor_sharing.py
	Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
	Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
	Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
	Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
	Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
	Network ready. Create a shell in the wan0 namespace and test with netperf
	(Neighbors are 172.16.1.100-102, and LAN clients are 172.16.1.150-151)
	e.g.: ip netns exec wan0 netperf -H 172.16.1.100 -l 2
	Press enter when finished:


	In another shell:
	$ sudo ip netns exec wan0 netperf -H 172.16.1.100 -l 2
	MIGRATED TCP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 172.16.1.100 () port 0 AF_INET : demo
	Recv Send Send
	Socket Socket Message Elapsed
	Size Size Size Time Throughput
	bytes bytes bytes secs. 10^6bits/sec

	87380 16384 16384 4.30 0.18

	$ sudo ip netns exec wan0 netperf -H 172.16.1.150 -l 2
	MIGRATED TCP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 172.16.1.150 () port 0 AF_INET : demo
	Recv Send Send
	Socket Socket Message Elapsed
	Size Size Size Time Throughput
	bytes bytes bytes secs. 10^6bits/sec

	87380 16384 16384 4.10 1.01


	The bandwidth is throttled according to the IP.