3 # Bandwidth limit module for PlanetLab nodes. The intent is to use the
4 # Hierarchical Token Bucket (HTB) queueing discipline (qdisc) to allow
5 # slices to fairly share access to available node bandwidth. We
6 # currently define three classes of "available node bandwidth":
8 # 1. Available hardware bandwidth (bwmax): The maximum rate of the
11 # 2. Available capped bandwidth (bwcap): The maximum rate allowed to
12 # non-exempt destinations. By default, equal to bwmax, but may be
15 # 3. Available uncapped ("exempt") bandwidth: The difference between
16 # bwmax and what is currently being used of bwcap, or the maximum rate
17 # allowed to destinations exempt from caps (e.g., Internet2).
19 # All three classes of bandwidth are fairly shared according to the
20 # notion of "shares". For instance, if the node is capped at 5 Mbps,
21 # there are N slices, and each slice has 1 share, then each slice
22 # should get at least 5/N Mbps of bandwidth. How HTB is implemented
23 # makes this statement a little too simplistic. What it really means
24 # is that during any single time period, only a certain number of
25 # bytes can be sent onto the wire. Each slice is guaranteed that at
26 # least some small number of its bytes will be sent. Whatever is left
27 # over from the budget, is split in proportion to the number of shares
30 # Even if the node is not capped at a particular limit (bwcap ==
31 # bwmax), this module enforces fair share access to bwmax. Also, if
32 # the node is capped at a particular limit, rules may optionally be
33 # defined that classify certain packets into the "exempt" class. This
34 # class receives whatever bandwidth is leftover between bwcap and
35 # bwmax; slices fairly share this bandwidth as well.
37 # The root context is exempt from sharing and can send as much as it
42 # 1. http://lartc.org/howto for how to use tc
43 # 2. http://luxik.cdi.cz/~devik/qos/htb/ for info on HTB
45 # Andy Bavier <acb@cs.princeton.edu>
46 # Mark Huang <mlhuang@cs.princeton.edu>
47 # Copyright (C) 2006 The Trustees of Princeton University
49 # $Id: bwlimit.py,v 1.13 2006/11/27 22:32:59 mlhuang Exp $
52 import sys, os, re, getopt
57 # Where the tc binary lives
66 # bwmin should be small enough that it can be considered negligibly
67 # slow compared to the hardware. 8 bits/second appears to be the
68 # smallest value supported by tc.
71 # bwmax should be large enough that it can be considered at least as
72 # fast as the hardware.
73 bwmax = 1000*1000*1000
75 # quantum is the maximum number of bytes that can be borrowed by a
76 # share (or slice, if each slice gets 1 share) in one time period
77 # (with HZ=1000, 1 ms). If multiple slices are competing for bandwidth
78 # above their guarantees, and each is attempting to borrow up to the
79 # node bandwidth cap, quantums control how the excess bandwidth is
80 # distributed. Slices with 2 shares will borrow twice the amount in
81 # one time period as slices with 1 share, so averaged over time, they
82 # will get twice as much of the excess bandwidth. The value should be
83 # as small as possible and at least 1 MTU. By default, it would be
84 # calculated as bwmin/10, but since we use such small a value for
85 # bwmin, it's better to just set it to a value safely above 1 Ethernet
89 # cburst is the maximum number of bytes that can be burst onto the
90 # wire in one time period (with HZ=1000, 1 ms). If multiple slices
91 # have data queued for transmission, cbursts control how long each
92 # slice can have the wire for. If not specified, it is set to the
93 # smallest possible value that would enable the slice's "ceil" rate
94 # (usually the node bandwidth cap), to be reached if a slice was able
95 # to borrow enough bandwidth to do so. For now, it's unclear how or if
96 # to relate this to the notion of shares, so just let tc set the
100 # There is another parameter that controls how bandwidth is allocated
101 # between slices on nodes that is outside the scope of HTB. We enforce
102 # a 16 GByte/day total limit on each slice, which works out to about
103 # 1.5mbit. If a slice exceeds this byte limit before the day finishes,
104 # it is capped at (i.e., its "ceil" rate is set to) the smaller of the
105 # node bandwidth cap or 1.5mbit. pl_mom is in charge of enforcing this
106 # rule and executes this script to override "ceil".
108 # We support multiple bandwidth limits, by reserving the top nibble of
109 # the minor classid to be the "subclassid". Theoretically, we could
110 # support up to 15 subclasses, but for now, we only define two: the
111 # "default" subclass 1:10 that is capped at the node bandwidth cap (in
112 # this example, 5mbit) and the "exempt" subclass 1:20 that is capped
113 # at bwmax (i.e., not capped). The 1:1 parent class exists only to
114 # make the borrowing model work. All bandwidth above minimum
115 # guarantees is fairly shared (in this example, slice 2 is guaranteed
116 # at least 1mbit in addition to fair access to the rest), subject to
117 # the restrictions of the class hierarchy: namely, that the total
118 # bandwidth to non-exempt destinations should not exceed the node
124 # ______________|_____________
126 # 1:10 (8bit, 5mbit) 1:20 (8bit, 1gbit)
128 # 1:1000 (8bit, 5mbit), 1:2000 (8bit, 1gbit),
129 # 1:1001 (8bit, 5mbit), 1:2001 (8bit, 1gbit),
130 # 1:1002 (1mbit, 5mbit), 1:2002 (1mbit, 1gbit),
132 # 1:1FFF (8bit, 5mbit) 1:2FFF (8bit, 1gbit)
134 default_minor = 0x1000
135 exempt_minor = 0x2000
137 # root_xid is for the root context. The root context is exempt from
138 # fair sharing in both the default and exempt subclasses. The root
139 # context gets 5 shares by default.
143 # default_xid is for unclassifiable packets. Packets should not be
144 # classified here very often. They can be if a slice's HTB classes are
145 # deleted before its processes are. Each slice gets 1 share by
150 # See tc_util.c and http://physics.nist.gov/cuu/Units/binary.html. Be
151 # warned that older versions of tc interpret "kbps", "mbps", "mbit",
152 # and "kbit" to mean (in this system) "kibps", "mibps", "mibit", and
153 # "kibit" and that if an older version is installed, all rates will
154 # be off by a small fraction.
162 "gibit": 1024*1024*1024,
164 "tibit": 1024*1024*1024*1024,
165 "tbit": 1000000000000,
169 "mibps": 8*1024*1024,
171 "gibps": 8*1024*1024*1024,
173 "tibps": 8*1024*1024*1024*1024,
174 "tbps": 8000000000000
180 Parses an integer or a tc rate string (e.g., 1.5mbit) into bits/second
185 m = re.match(r"([0-9.]+)(\D*)", s)
188 suffix = m.group(2).lower()
189 if suffixes.has_key(suffix):
190 return int(float(m.group(1)) * suffixes[suffix])
195 def format_tc_rate(rate):
197 Formats a bits/second rate into a tc rate string
200 if rate >= 1000000000 and (rate % 1000000000) == 0:
201 return "%.0fgbit" % (rate / 1000000000.)
202 elif rate >= 1000000 and (rate % 1000000) == 0:
203 return "%.0fmbit" % (rate / 1000000.)
205 return "%.0fkbit" % (rate / 1000.)
207 return "%.0fbit" % rate
210 # Parse /etc/planetlab/bwcap (or equivalent)
211 def read_bwcap(bwcap_file):
214 fp = open(bwcap_file, "r")
215 line = fp.readline().strip()
217 bwcap = get_tc_rate(line)
225 def get_bwcap(dev = dev):
227 Get the current (live) value of the node bandwidth cap
230 state = tc("-d class show dev %s" % dev)
231 base_re = re.compile(r"class htb 1:10 parent 1:1 .*ceil ([^ ]+) .*")
232 base_classes = filter(None, map(base_re.match, state))
235 if len(base_classes) > 1:
236 raise Exception, "unable to get current bwcap"
237 return get_tc_rate(base_classes[0].group(1))
242 Get slice name ("princeton_mlh") from slice xid (500)
247 if xid == default_xid:
250 return pwd.getpwuid(xid).pw_name
258 Get slice xid ("princeton_mlh") from slice name ("500" or "princeton_mlh")
263 if slice == "default":
270 return pwd.getpwnam(slice).pw_uid
276 def run(cmd, input = None):
278 Shortcut for running a shell command
283 sys.stderr.write("Executing: " + cmd + "\n")
285 fileobj = os.popen(cmd, "r")
286 output = fileobj.readlines()
288 fileobj = os.popen(cmd, "w")
291 if fileobj.close() is None:
300 Shortcut for running a tc command
303 return run(TC + " " + cmd)
306 def init(dev = dev, bwcap = bwmax):
308 (Re)initialize the bandwidth limits on this node
311 # Load the module used to manage exempt classes
312 run("/sbin/modprobe ip_set_iphash")
314 # Save current settings
315 paramslist = get(None, dev)
317 # Delete root qdisc 1: if it exists. This will also automatically
318 # delete any child classes.
319 for line in tc("qdisc show dev %s" % dev):
320 # Search for the root qdisc 1:
321 m = re.match(r"qdisc htb 1:", line)
323 tc("qdisc del dev %s root handle 1:" % dev)
326 # Initialize HTB. The "default" clause specifies that if a packet
327 # fails classification, it should go into the class with handle
329 tc("qdisc add dev %s root handle 1: htb default %x" % \
330 (dev, default_minor | default_xid))
332 # Set up a parent class from which all subclasses borrow.
333 tc("class add dev %s parent 1: classid 1:1 htb rate %dbit" % \
336 # Set up a subclass that represents the node bandwidth cap. We
337 # allow each slice to borrow up to this rate, so it is also
338 # usually the "ceil" rate for each slice.
339 tc("class add dev %s parent 1:1 classid 1:10 htb rate %dbit ceil %dbit" % \
342 # Set up a subclass that represents "exemption" from the node
343 # bandwidth cap. Once the node bandwidth cap is reached, bandwidth
344 # to exempt destinations can still be fairly shared up to bwmax.
345 tc("class add dev %s parent 1:1 classid 1:20 htb rate %dbit ceil %dbit" % \
348 # Set up the root class (and tell VNET what it is). Packets sent
349 # by root end up here and are capped at the node bandwidth
351 on(root_xid, dev, share = root_share)
352 file("/proc/sys/vnet/root_class", "w").write("%d" % ((1 << 16) | default_minor | root_xid))
354 # Set up the default class. Packets that fail classification end
356 on(default_xid, dev, share = default_share)
358 # Restore old settings
361 minexemptrate, maxexemptrate,
362 bytes, exemptbytes) in paramslist:
363 if xid not in (root_xid, default_xid):
364 on(xid, dev, share, minrate, maxrate, minexemptrate, maxexemptrate)
367 def get(xid = None, dev = dev):
369 Get the bandwidth limits and current byte totals for a
370 particular slice xid as a tuple (xid, share, minrate, maxrate,
371 minexemptrate, maxexemptrate, bytes, exemptbytes), or all classes
372 as a list of such tuples.
384 # class htb 1:1000 parent 1:10 leaf 1000: prio 0 quantum 8000 rate 8bit ceil 10000Kbit ...
385 # Sent 6851486 bytes 49244 pkt (dropped 0, overlimits 0 requeues 0)
387 # class htb 1:2000 parent 1:20 leaf 2000: prio 0 quantum 8000 rate 8bit ceil 1000Mbit ...
388 # Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
390 for line in tc("-s -d class show dev %s" % dev):
391 # Rate parameter line
392 params = re.match(r"class htb 1:([0-9a-f]+) parent 1:(10|20)", line)
394 stats = re.match(r".* Sent ([0-9]+) bytes", line)
396 ignore = re.match(r"class htb", line)
398 if params is not None:
400 if params.group(2) == "10":
407 bytes = 'exemptbytes'
410 id = int(params.group(1), 16) & 0x0FFF;
412 if rates.has_key(id):
419 m = re.search(r"quantum (\d+)", line)
421 rate['share'] = int(m.group(1)) / quantum
425 m = re.search(r"rate (\w+)", line)
427 rate[min] = get_tc_rate(m.group(1))
431 m = re.search(r"ceil (\w+)", line)
433 rate[max] = get_tc_rate(m.group(1))
435 # Which statistics to parse
436 rate['stats'] = bytes
440 elif stats is not None:
442 rate[rate['stats']] = int(stats.group(1))
444 elif ignore is not None:
447 # Keep parsing until we get everything
448 if rate is not None and \
449 rate.has_key('min') and rate.has_key('minexempt') and \
450 rate.has_key('max') and rate.has_key('maxexempt') and \
451 rate.has_key('bytes') and rate.has_key('exemptbytes'):
452 params = (rate['id'], rate['share'],
453 rate['min'], rate['max'],
454 rate['minexempt'], rate['maxexempt'],
455 rate['bytes'], rate['exemptbytes'])
457 # Return a list of parameters
460 elif xid == rate['id']:
461 # Return the parameters for this class
468 def on(xid, dev = dev, share = None, minrate = None, maxrate = None, minexemptrate = None, maxexemptrate = None):
470 Apply specified bandwidth limit to the specified slice xid
473 # Get defaults from current state if available
482 if minexemptrate is None:
483 minexemptrate = cap[4]
484 if maxexemptrate is None:
485 maxexemptrate = cap[5]
487 # Figure out what the current node bandwidth cap is
492 share = default_share
496 minrate = get_tc_rate(minrate)
500 maxrate = get_tc_rate(maxrate)
501 if minexemptrate is None:
502 minexemptrate = minrate
504 minexemptrate = get_tc_rate(minexemptrate)
505 if maxexemptrate is None:
506 maxexemptrate = bwmax
508 maxexemptrate = get_tc_rate(maxexemptrate)
517 if minrate > maxrate:
519 if maxexemptrate > bwmax:
520 maxexemptrate = bwmax
521 if minexemptrate > maxexemptrate:
522 minexemptrate = maxexemptrate
524 # Set up subclasses for the slice
525 tc("class replace dev %s parent 1:10 classid 1:%x htb rate %dbit ceil %dbit quantum %d" % \
526 (dev, default_minor | xid, minrate, maxrate, share * quantum))
528 tc("class replace dev %s parent 1:20 classid 1:%x htb rate %dbit ceil %dbit quantum %d" % \
529 (dev, exempt_minor | xid, minexemptrate, maxexemptrate, share * quantum))
531 # Attach a FIFO to each subclass, which helps to throttle back
532 # processes that are sending faster than the token buckets can
534 tc("qdisc replace dev %s parent 1:%x handle %x pfifo" % \
535 (dev, default_minor | xid, default_minor | xid))
537 tc("qdisc replace dev %s parent 1:%x handle %x pfifo" % \
538 (dev, exempt_minor | xid, exempt_minor | xid))
541 def set(xid, share = None, minrate = None, maxrate = None, minexemptrate = None, maxexemptrate = None):
542 on(xid = xid, share = share,
543 minrate = minrate, maxrate = maxrate,
544 minexemptrate = minexemptrate, maxexemptrate = maxexemptrate)
547 # Remove class associated with specified slice xid. If further packets
548 # are seen from this slice, they will be classified into the default
550 def off(xid, dev = dev):
552 Remove class associated with specified slice xid. If further
553 packets are seen from this slice, they will be classified into the
554 default class 1:1FFF.
559 tc("class del dev %s classid 1:%x" % (dev, default_minor | xid))
560 tc("class del dev %s classid 1:%x" % (dev, exempt_minor | xid))
563 def exempt_init(group_name, node_ips):
565 Initialize the list of destinations exempt from the node bandwidth
570 iptables = "/sbin/iptables -t vnet %s POSTROUTING"
572 run("/sbin/ipset -X " + group_name)
574 # Create a hashed IP set of all of these destinations
575 lines = ["-N %s iphash" % group_name]
576 add_cmd = "-A %s " % group_name
577 lines += [(add_cmd + ip) for ip in node_ips]
579 restore = "\n".join(lines) + "\n"
580 run("/sbin/ipset -R", restore)
582 # Add rule to match on destination IP set
583 run((iptables + " -m set --set %s dst -j CLASSIFY --set-class 1:%x") %
584 ("-A", group_name, exempt_minor))
588 bwcap_description = format_tc_rate(get_bwcap())
593 %s [OPTION]... [COMMAND] [ARGUMENT]...
596 -d device Network interface (default: %s)
597 -r rate Node bandwidth cap (default: %s)
598 -q quantum Share multiplier (default: %d bytes)
599 -n Print rates in numeric bits per second
600 -v Enable verbose debug messages
605 (Re)initialize all bandwidth parameters
606 on slice [share|-] [minrate|-] [maxrate|-] [minexemptrate|-] [maxexemptrate|-]
607 Set bandwidth parameter(s) for the specified slice
609 Remove all bandwidth parameters for the specified slice
611 Get all bandwidth parameters for all slices
613 Get bandwidth parameters for the specified slice
614 """ % (sys.argv[0], dev, bwcap_description, quantum)
619 global dev, quantum, verbose
625 (opts, argv) = getopt.getopt(sys.argv[1:], "d:nr:q:vh")
626 for (opt, optval) in opts:
632 bwcap = get_tc_rate(optval)
634 quantum = int(optval)
641 if argv[0] == "init" or (argv[0] == "on" and len(argv) == 1):
643 init(dev, get_tc_rate(bwcap))
645 elif argv[0] == "get" or argv[0] == "show":
648 # Show a particular slice
649 xid = get_xid(argv[1])
651 sys.stderr.write("Error: Invalid slice name or context '%s'\n" % argv[1])
653 params = get(xid, dev)
657 paramslist = [params]
660 paramslist = get(None, dev)
664 minexemptrate, maxexemptrate,
665 bytes, exemptbytes) in paramslist:
666 slice = get_slice(xid)
668 # Orphaned (not associated with a slice) class
671 print "%s %d %d %d %d %d %d %d" % \
674 minexemptrate, maxexemptrate,
677 print "%s %d %s %s %s %s %d %d" % \
679 format_tc_rate(minrate), format_tc_rate(maxrate),
680 format_tc_rate(minexemptrate), format_tc_rate(maxexemptrate),
685 xid = get_xid(argv[1])
687 sys.stderr.write("Error: Invalid slice name or context '%s'\n" % argv[1])
690 if argv[0] == "on" or argv[0] == "add" or argv[0] == "replace" or argv[0] == "set":
694 # ... share, minrate, maxrate, minexemptrate, maxexemptrate
695 casts = [int, get_tc_rate, get_tc_rate, get_tc_rate, get_tc_rate]
696 for i, arg in enumerate(argv[2:]):
702 args.append(casts[i](arg))
705 elif argv[0] == "off" or argv[0] == "del":
716 if __name__ == '__main__':