Tree - source-git/iproute - CentOS Git server

source-git / iproute

Blame man/man8/tc-cgroup.8

Blob History Raw

Packit	d3f73b	`.TH "Cgroup classifier in tc" 8 " 21 Oct 2015" "iproute2" "Linux"`
Packit	d3f73b
Packit	d3f73b	`.SH NAME`
Packit	d3f73b	`cgroup \- control group based traffic control filter`
Packit	d3f73b	`.SH SYNOPSIS`
Packit	d3f73b	`.in +8`
Packit	d3f73b	`.ti -8`
Packit	d3f73b	`.BR tc " " filter " ... " cgroup " [ " match`
Packit	d3f73b	`.IR EMATCH_TREE " ] [ "`
Packit	d3f73b	`.B action`
Packit	d3f73b	`.IR ACTION_SPEC " ]"`
Packit	d3f73b	`.SH DESCRIPTION`
Packit	d3f73b	`This filter serves as a hint to`
Packit	d3f73b	`.B tc`
Packit	d3f73b	`that the assigned class ID of the net_cls control group the process the packet`
Packit	d3f73b	`originates from belongs to should be used for classification. Obviously, it is`
Packit	d3f73b	`useful for locally generated packets only.`
Packit	d3f73b	`.SH OPTIONS`
Packit	d3f73b	`.TP`
Packit	d3f73b	`.BI action " ACTION_SPEC"`
Packit	d3f73b	`Apply an action from the generic actions framework on matching packets.`
Packit	d3f73b	`.TP`
Packit	d3f73b	`.BI match " EMATCH_TREE"`
Packit	d3f73b	`Match packets using the extended match infrastructure. See`
Packit	d3f73b	`.BR tc-ematch (8)`
Packit	d3f73b	`for a detailed description of the allowed syntax in`
Packit	d3f73b	`.IR EMATCH_TREE .`
Packit	d3f73b	`.SH EXAMPLES`
Packit	d3f73b	`In order to use this filter, a net_cls control group has to be created first and`
Packit	d3f73b	`class as well as process ID(s) assigned to it. The following creates a net_cls`
Packit	d3f73b	`cgroup named "foobar":`
Packit	d3f73b
Packit	d3f73b	`.RS`
Packit	d3f73b	`.EX`
Packit	d3f73b	`modprobe cls_cgroup`
Packit	d3f73b	`mkdir /sys/fs/cgroup/net_cls`
Packit	d3f73b	`mount -t cgroup -onet_cls net_cls /sys/fs/cgroup/net_cls`
Packit	d3f73b	`mkdir /sys/fs/cgroup/net_cls/foobar`
Packit	d3f73b	`.EE`
Packit	d3f73b	`.RE`
Packit	d3f73b
Packit	d3f73b	`To assign a class ID to the created cgroup, a file named`
Packit	d3f73b	`.I net_cls.classid`
Packit	d3f73b	`has to be created which contains the class ID to be assigned as a hexadecimal,`
Packit	d3f73b	`64bit wide number. The upper 32bits are reserved for the major handle, the`
Packit	d3f73b	`remaining hold the minor. So a class ID of e.g.`
Packit	d3f73b	`.B ff:be`
Packit	d3f73b	`has to be written like so:`
Packit	d3f73b	`.B 0xff00be`
Packit	d3f73b	`(leading zeroes may be omitted). To continue the above example, the following`
Packit	d3f73b	`assigns class ID 1:2 to foobar cgroup:`
Packit	d3f73b
Packit	d3f73b	`.RS`
Packit	d3f73b	`.EX`
Packit	d3f73b	`echo 0x10002 > /sys/fs/cgroup/net_cls/foobar/net_cls.classid`
Packit	d3f73b	`.EE`
Packit	d3f73b	`.RE`
Packit	d3f73b
Packit	d3f73b	`Finally some PIDs can be assigned to the given cgroup:`
Packit	d3f73b
Packit	d3f73b	`.RS`
Packit	d3f73b	`.EX`
Packit	d3f73b	`echo 1234 > /sys/fs/cgroup/net_cls/foobar/tasks`
Packit	d3f73b	`echo 5678 > /sys/fs/cgroup/net_cls/foobar/tasks`
Packit	d3f73b	`.EE`
Packit	d3f73b	`.RE`
Packit	d3f73b
Packit	d3f73b	`Now by simply attaching a`
Packit	d3f73b	`.B cgroup`
Packit	d3f73b	`filter to a`
Packit	d3f73b	`.B qdisc`
Packit	d3f73b	`makes packets from PIDs 1234 and 5678 be pushed into class 1:2.`
Packit	d3f73b
Packit	d3f73b	`.SH SEE ALSO`
Packit	d3f73b	`.BR tc (8),`
Packit	d3f73b	`.BR tc-ematch (8),`
Packit	d3f73b	`.br`
Packit	d3f73b	`the file`
Packit	d3f73b	`.I Documentation/cgroups/net_cls.txt`
Packit	d3f73b	`of the Linux kernel tree`

source-git / iproute

Source Code

Blame man/man8/tc-cgroup.8