xref: /OK3568_Linux_fs/kernel/Documentation/admin-guide/cgroup-v1/net_cls.rst (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1*4882a593Smuzhiyun=========================
2*4882a593SmuzhiyunNetwork classifier cgroup
3*4882a593Smuzhiyun=========================
4*4882a593Smuzhiyun
5*4882a593SmuzhiyunThe Network classifier cgroup provides an interface to
6*4882a593Smuzhiyuntag network packets with a class identifier (classid).
7*4882a593Smuzhiyun
8*4882a593SmuzhiyunThe Traffic Controller (tc) can be used to assign
9*4882a593Smuzhiyundifferent priorities to packets from different cgroups.
10*4882a593SmuzhiyunAlso, Netfilter (iptables) can use this tag to perform
11*4882a593Smuzhiyunactions on such packets.
12*4882a593Smuzhiyun
13*4882a593SmuzhiyunCreating a net_cls cgroups instance creates a net_cls.classid file.
14*4882a593SmuzhiyunThis net_cls.classid value is initialized to 0.
15*4882a593Smuzhiyun
16*4882a593SmuzhiyunYou can write hexadecimal values to net_cls.classid; the format for these
17*4882a593Smuzhiyunvalues is 0xAAAABBBB; AAAA is the major handle number and BBBB
18*4882a593Smuzhiyunis the minor handle number.
19*4882a593SmuzhiyunReading net_cls.classid yields a decimal result.
20*4882a593Smuzhiyun
21*4882a593SmuzhiyunExample::
22*4882a593Smuzhiyun
23*4882a593Smuzhiyun	mkdir /sys/fs/cgroup/net_cls
24*4882a593Smuzhiyun	mount -t cgroup -onet_cls net_cls /sys/fs/cgroup/net_cls
25*4882a593Smuzhiyun	mkdir /sys/fs/cgroup/net_cls/0
26*4882a593Smuzhiyun	echo 0x100001 >  /sys/fs/cgroup/net_cls/0/net_cls.classid
27*4882a593Smuzhiyun
28*4882a593Smuzhiyun- setting a 10:1 handle::
29*4882a593Smuzhiyun
30*4882a593Smuzhiyun	cat /sys/fs/cgroup/net_cls/0/net_cls.classid
31*4882a593Smuzhiyun	1048577
32*4882a593Smuzhiyun
33*4882a593Smuzhiyun- configuring tc::
34*4882a593Smuzhiyun
35*4882a593Smuzhiyun	tc qdisc add dev eth0 root handle 10: htb
36*4882a593Smuzhiyun	tc class add dev eth0 parent 10: classid 10:1 htb rate 40mbit
37*4882a593Smuzhiyun
38*4882a593Smuzhiyun- creating traffic class 10:1::
39*4882a593Smuzhiyun
40*4882a593Smuzhiyun	tc filter add dev eth0 parent 10: protocol ip prio 10 handle 1: cgroup
41*4882a593Smuzhiyun
42*4882a593Smuzhiyunconfiguring iptables, basic example::
43*4882a593Smuzhiyun
44*4882a593Smuzhiyun	iptables -A OUTPUT -m cgroup ! --cgroup 0x100001 -j DROP
45