• brakmo's avatar
    bpf: Sample HBM BPF program to limit egress bw · 187d0738
    brakmo authored
    A cgroup skb BPF program to limit cgroup output bandwidth.
    It uses a modified virtual token bucket queue to limit average
    egress bandwidth. The implementation uses credits instead of tokens.
    Negative credits imply that queueing would have happened (this is
    a virtual queue, so no queueing is done by it. However, queueing may
    occur at the actual qdisc (which is not used for rate limiting).
    
    This implementation uses 3 thresholds, one to start marking packets and
    the other two to drop packets:
                                     CREDIT
           - <--------------------------|------------------------> +
                 |    |          |      0
                 |  Large pkt    |
                 |  drop thresh  |
      Small pkt drop             Mark threshold
          thresh
    
    The effect of marking depends on the type of packet:
    a) If the packet is ECN enabled, then the packet is ECN ce marked.
       The current mark threshold is tuned for DCTCP.
    c) Else, it is dropped if it is a large packet.
    
    If the credit is below the drop threshold, the packet is dropped.
    Note that dropping a packet through the BPF program does not trigger CWR
    (Congestion Window Reduction) in TCP packets. A future patch will add
    support for triggering CWR.
    
    This BPF program actually uses 2 drop thresholds, one threshold
    for larger packets (>= 120 bytes) and another for smaller packets. This
    protects smaller packets such as SYNs, ACKs, etc.
    
    The default bandwidth limit is set at 1Gbps but this can be changed by
    a user program through a shared BPF map. In addition, by default this BPF
    program does not limit connections using loopback. This behavior can be
    overwritten by the user program. There is also an option to calculate
    some statistics, such as percent of packets marked or dropped, which
    the user program can access.
    
    A latter patch provides such a program (hbm.c)
    Signed-off-by: default avatarLawrence Brakmo <brakmo@fb.com>
    Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
    187d0738
hbm_out_kern.c 5.02 KB