From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <h.laimer@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 3CBAA60F98
 for <pve-devel@lists.proxmox.com>; Fri, 11 Sep 2020 12:08:55 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 2D91923982
 for <pve-devel@lists.proxmox.com>; Fri, 11 Sep 2020 12:08:25 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [212.186.127.180])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id 597F723953
 for <pve-devel@lists.proxmox.com>; Fri, 11 Sep 2020 12:08:23 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 168B844B71
 for <pve-devel@lists.proxmox.com>; Fri, 11 Sep 2020 12:08:23 +0200 (CEST)
From: Hannes Laimer <h.laimer@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Fri, 11 Sep 2020 12:08:12 +0200
Message-Id: <20200911100816.80543-2-h.laimer@proxmox.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20200911100816.80543-1-h.laimer@proxmox.com>
References: <20200911100816.80543-1-h.laimer@proxmox.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 RCVD_IN_DNSWL_MED        -2.3 Sender listed at https://www.dnswl.org/,
 medium trust
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [network.pm]
Subject: [pve-devel] [PATCH v1 pve-common 1/5] replace rate with out/in-rate
 in setup_tc_rate_limit and tap_rate_limit
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Fri, 11 Sep 2020 10:08:55 -0000

Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
---
 src/PVE/Network.pm | 36 +++++++++++++++++++++---------------
 1 file changed, 21 insertions(+), 15 deletions(-)

diff --git a/src/PVE/Network.pm b/src/PVE/Network.pm
index 12536c7..3e7a1c1 100644
--- a/src/PVE/Network.pm
+++ b/src/PVE/Network.pm
@@ -82,7 +82,7 @@ our $ipv4_mask_hash_localnet = {
 };
 
 sub setup_tc_rate_limit {
-    my ($iface, $rate, $burst) = @_;
+    my ($iface, $outrate, $inrate, $burst) = @_;
 
     # these are allowed / expected to fail, e.g. when there is no previous rate limit to remove
     eval { run_command("/sbin/tc class del dev $iface parent 1: classid 1:1 >/dev/null 2>&1"); };
@@ -90,29 +90,35 @@ sub setup_tc_rate_limit {
     eval { run_command("/sbin/tc qdisc del dev $iface ingress >/dev/null 2>&1"); };
     eval { run_command("/sbin/tc qdisc del dev $iface root >/dev/null 2>&1"); };
 
-    return if !$rate;
-
     # tbf does not work for unknown reason
     #$TC qdisc add dev $DEV root tbf rate $RATE latency 100ms burst $BURST
     # so we use htb instead
-    run_command("/sbin/tc qdisc add dev $iface root handle 1: htb default 1");
-    run_command("/sbin/tc class add dev $iface parent 1: classid 1:1 " .
-		"htb rate ${rate}bps burst ${burst}b");
-
-    run_command("/sbin/tc qdisc add dev $iface handle ffff: ingress");
-    run_command("/sbin/tc filter add dev $iface parent ffff: " .
-		"prio 50 basic " .
-		"police rate ${rate}bps burst ${burst}b mtu 64kb " .
-		"drop");
+
+    # inrate limits the egress of the tap device (=> inrate of the VM)
+    if($inrate) {
+	run_command("/sbin/tc qdisc add dev $iface root handle 1: htb default 1");
+	run_command("/sbin/tc class add dev $iface parent 1: classid 1:1 " .
+	    "htb rate ${inrate}bps burst ${burst}b");
+    }
+
+    # outrate limits the ingress of the tap device (=> outrate of the VM)
+    if($outrate) {
+	run_command("/sbin/tc qdisc add dev $iface handle ffff: ingress");
+	run_command("/sbin/tc filter add dev $iface parent ffff: " .
+	    "prio 50 basic " .
+	    "police rate ${outrate}bps burst ${burst}b mtu 64kb " .
+	    "drop")
+    }
 }
 
 sub tap_rate_limit {
-    my ($iface, $rate) = @_;
+    my ($iface, $outrate, $inrate) = @_;
 
-    $rate = int($rate*1024*1024) if $rate;
+    $outrate = int($outrate*1024*1024) if $outrate;
+    $inrate = int($inrate*1024*1024) if $inrate;
     my $burst = 1024*1024;
 
-    setup_tc_rate_limit($iface, $rate, $burst);
+    setup_tc_rate_limit($iface, $outrate, $inrate, $burst);
 }
 
 sub read_bridge_mtu {
-- 
2.20.1