--DRL manual--
DRL employs two principal abstractions, limiters and identities.
An identity is a group of nodes that are cooperating to enforce a rate limit.
At any given node, an identity structure consists of a rate limit, a flow
accounting table, a list of neighboring nodes, and other accounting
information. Our implementation currently supports two types of identities.
"Machine" identities limit the outgoing rate of all traffic leaving a machine,
regardless of the traffic's sender. "Set" identities limit the outgoing rate
of some subset of the traffic leaving a machine. Sets can contain other sets
as well as leaves (which correspond to slivers in PlanetLab).
A limiter is an entity which contains (and schedules) identities, attributes
packets to identities, and sends and receives messages to other limiters on
behalf of identities. Typically, there will be only one limiter per node,
and it will be responsible for one or more identities.
-Implementation and configuration-
ulogd_DRL is a plugin for ulogd, the Linux userspace packet logging daemon.
Using DRL requires that two configuration files be configured appropriately.
The first file is ulogd's configuration file. Ulogd has a number of
configuration options that are not relevant to DRL, and an explanation of those
can be found in the ulogd documentation. The DRL sections of the ulogd config
file are as follows:
The ulogd_DRL.so plugin must be loaded. This is accomplished with a line such
as:
plugin="/usr/lib/ulogd/ulogd_DRL.so"
where /usr/lib/ulogd/ is the path of your ulogd plugin directory. After the
"plugin" line, the following parameters must be present:
[DRL]
nodelimit=0
policy=FPS
estintms=500
drl_logfile="/root/pl1-log"
drl_loglevel 2
drl_configfile="/root/config.xml"
nodelimit specifies a static limit on the amount of network traffic that can be
sent by the node (megabits/sec). NOTE: Set this to 0 for unlimited.
policy specifies the enforcement policy. Valid options are GRD and FPS. GRD
is currently broken, so use FPS for now.
estintms is the estimate interval. This specifies the time interval at which
DRL can schedule identity updates. Lower values give better responsiveness but
incur higher overhead. NOTE: this is in milliseconds.
drl_logfile specifies where the drl logfile should be written.
drl_loglevel specifies the verbosity of logging. 1 - Debug, 2 - Warn,
3 - Critical
drl_configfile specifies the location of the second, DRL-only configuration
file.
The second file (whose location is determined by drl_configfile) is an XML file
containing a series of DRL identity specifications. DRL supports two types of
identities. 1) machine identities: A machine identity is responsible for
limiting all traffic that leaves a machine, regardless of the traffic's sliver
of origin. 2) set identities: A set identity is responsible for limiting the
traffic from a set of slivers or other set identities.
The following is an example DRL configuration file:
137.110.222.242
137.110.222.243
137.110.222.240
1f9
137.110.222.245
1fa
20
This file creates one machine identity and two set identities. The resulting
hierarchy would look like this, where 1f9 and 1fa are slivers:
11
|
21
/ \
20 1fa
|
1f9
With each identity specifier, the following fields must be defined:
id is a globally unique identifier for the identity.
limit is the identity's rate limit (in megabits per second).
commfabric specifies the way in which the identity communicates with its peers.
Valid options are MESH and GOSSIP. If GOSSIP is select, the branch field must
be present and positive.
branch specifies the number of peers to which a message should be sent during
each estimate interval. Note that this field is ignored when commfabric is
MESH.
accounting specifies the packet accounting mechanism. Just leave this as
STANDARD for now, or bad things might happen. :)
ewma determines the extent to which rate changes are smoothed using rate
history information. 0.1 is generally a good value.
intervals specifies the number of estimate intervals (defined in the ulogd
config file) to wait between updates. For example, if the estimate interval is
500ms and an identity sets intervals to 2, the identity will be scheduled for
updates once every second.
Each identity must also have one or more peers. Peers are listed within
tags inside the identity specifier. In addition to peers, set identities must
also have at least one or tag. tags refer to slice ids for
slices that are available at the local node. tags refer to the globally
unique id of another set identity.