Network simulator for Linux machine can be used for testing protocols by emulating the different properties of wide area networks such as packet loss, delay, packet duplication, packet reordering and other. Netem can be installed on Linux PC, two network cards will be used as incoming/outgoing traffic.
Be noticed: Netem emulates the network impairments for all packets going out of the local Ethernet card.
The example below demonstrate how set up a test bed with Netem tool using Debian Linux PC (you will probably need three network cards: two for traffic emulation and one for remote management):
1. Install bridge-utils package on Linuc PC:
aptitude install bridge-utils
2. Set up an ethernet bridge between two Linux PC network cards:
ifconfig eth1 0.0.0.0
ifconfig eth2 0.0.0.0
brctl addbr mybridge
brctl addif mybridge eth1
brctl addif mybridge eth2
ifconfig mybridge up
3. Enable promisc mode on the network interfaces: : the promisc mode allows to accept and forward the ethernet frames with any Ethernet MAC-Dest address (otherwise the network card will drop the ethernet frames with MAC-Dest address which don't match to its own MAC-Dest address):
ifconfig eth1 promisc
ifconfig eth2 promisc
4. Verify that traffic pass through the Linux bridge:
- if some traffic does not pass through the bridge (IP, VLAN-tagged):
## Turn off filtering (IP, ARP, VLAN-tagged, etc in kernel):
cd /proc/sys/net/bridge
ls
bridge-nf-call-arptables bridge-nf-call-iptables
bridge-nf-call-ip6tables bridge-nf-filter-vlan-tagged
for f in bridge-nf-*; do echo 0 > $f; done
5. Emulate different impairments in DUT-1 to DUT-2 direction:
- 50% packets to be randomly dropped on output of Eth2:
tc qdisc add dev eth2 root netem loss 50%
- add a fixed amount of delay (100 ms) to all packets going out of Eth2:
tc qdisc add dev eth2 root netem delay 100ms
- packet duplication:
- to remove a previuosly added impairment:
You can find a much more examples on http://www.linuxfoundation.org/collaborate/workgroups/networking/netem
P.S. I discovered that Netem is not very well performs delay/duplication of packets on high rate speeds. For example on TDM CESoEthernet PWs (2.048/1.544 Mbits/sec). But it is sufficiently good for slow rate protocols: ICMP, IGMP and etc.
Be noticed: Netem emulates the network impairments for all packets going out of the local Ethernet card.
The example below demonstrate how set up a test bed with Netem tool using Debian Linux PC (you will probably need three network cards: two for traffic emulation and one for remote management):
1. Install bridge-utils package on Linuc PC:
aptitude install bridge-utils
2. Set up an ethernet bridge between two Linux PC network cards:
ifconfig eth1 0.0.0.0
ifconfig eth2 0.0.0.0
brctl addbr mybridge
brctl addif mybridge eth1
brctl addif mybridge eth2
ifconfig mybridge up
3. Enable promisc mode on the network interfaces: : the promisc mode allows to accept and forward the ethernet frames with any Ethernet MAC-Dest address (otherwise the network card will drop the ethernet frames with MAC-Dest address which don't match to its own MAC-Dest address):
ifconfig eth1 promisc
ifconfig eth2 promisc
4. Verify that traffic pass through the Linux bridge:
- if some traffic does not pass through the bridge (IP, VLAN-tagged):
## Turn off filtering (IP, ARP, VLAN-tagged, etc in kernel):
cd /proc/sys/net/bridge
ls
bridge-nf-call-arptables bridge-nf-call-iptables
bridge-nf-call-ip6tables bridge-nf-filter-vlan-tagged
for f in bridge-nf-*; do echo 0 > $f; done
5. Emulate different impairments in DUT-1 to DUT-2 direction:
- 50% packets to be randomly dropped on output of Eth2:
tc qdisc add dev eth2 root netem loss 50%
- add a fixed amount of delay (100 ms) to all packets going out of Eth2:
tc qdisc add dev eth2 root netem delay 100ms
- packet duplication:
tc qdisc add dev eth2 root netem duplicate 5%
- to remove a previuosly added impairment:
tc qdisc del dev eth2 root netem duplicate 5%
You can find a much more examples on http://www.linuxfoundation.org/collaborate/workgroups/networking/netem
P.S. I discovered that Netem is not very well performs delay/duplication of packets on high rate speeds. For example on TDM CESoEthernet PWs (2.048/1.544 Mbits/sec). But it is sufficiently good for slow rate protocols: ICMP, IGMP and etc.
I am to use netem in order to limit the bandwidth of various ip's uplink and downlink limitations.I have created a bridge between 2 computers in linum kernel and testing it.I am using the following command but its not working.
ReplyDeletetc qdisc add dev eth0 root handle 1:0 htb default 99
tc class add dev eth0 parent 1:0 classid 1:1 htb rate 100Mbit ceil 100Mbit
tc class add dev eth0 parent 1:1 classid 1:11 htb rate 200Kbit ceil 200Kbit prio 2
tc qdisc add dev eth0 parent 1:11 handle 10: sfq perturb 10
tc qdisc add dev eth1 root handle 2:0 htb default 99
tc class add dev eth1 parent 2:0 classid 2:1 htb rate 100Mbit ceil 100Mbit
tc class add dev eth1 parent 2:1 classid 2:11 htb rate 5Mbit ceil 5Mbit prio 2
tc qdisc add dev eth1 parent 2:11 handle 20: sfq perturb 10
then to limit users you use 2 iptables lines per user
to limit uploads:
iptables -t mangle -A POSTROUTING -o eth0 -p tcp -s 192.168.0.100 -j CLASSIFY --set-class 1:11
to limit downloads
iptables -t mangle -A POSTROUTING -o eth1 -p tcp -d 192.168.0.100 -j CLASSIFY --set class 2:11
The simliest way to to limit the bandwidth using Netem is emulating of % packets to be randomly dropped on output of Linux Eth interface. IPtables and "tc class" rules are not required for that.
DeleteFor example, if emulate 50% of packet loss on 100Mbits connection you will have bandwidth of 50 Mbits/sec.
This comment has been removed by the author.
ReplyDeleteThis comment has been removed by the author.
ReplyDeletehello,
ReplyDeleteplease if you have idea about the NETEM installation step in fedora 15.
Hello, is it possible to use netem with ethernet frames not carrying IP traffic? For instance by selecting ethernet type filed or mac address?
ReplyDeleteThanks
It is nossible.
DeleteNetem process all ethernet frames sending out from Linux interface.