Hi, I’m using LXD 5.1 on Ubuntu 20.04. I experience some strange behavior regarding to limit.egress of nic device. I setup iperf3 server on a host and create container via LXD.
When I set limit.egress on nic device, let’s say limit.egress=500Mbit. I use iperf3 inside the instance to test the limit and found that the actual limit is just 70Mbit/s. That’s too much far below the setting.
When I unset limit.egress. I got around 40.6 Gbit/s. limit.ingress seems to be not affected and work as expected. When I set limit.ingress=500Mbit, the test result show the actual limit is 450 Mbit/s as expected (not much below the limit). This problem occurs on both virtual machine and container instance. How can I fix this problem?
Thank you in advance.
I suspect you can’t and that it just has to do with how the traffic control kernel API handles the limit.
Can you run tc qdisc show on the host to make sure that the limits LXD is setting do line up with what you requested?
I didn’t understand nor known what tc command output was so I capture tc monitor output during container creation and deletion instead. The config are limits.egress=670Mbit and limits.ingress=580Mbit
[2022-05-04T13:44:55.013761] deleted qdisc noqueue 0: dev vethf13ff564 root
[2022-05-04T13:44:55.013820] qdisc htb 1: dev vethf13ff564 root r2q 10 default 0x10 direct_packets_stat 0 direct_qlen 1000
[2022-05-04T13:44:55.015138] class htb 1:10 dev vethf13ff564 root prio 0 rate 580Mbit ceil 580Mbit burst 1522b cburst 1522b
[2022-05-04T13:44:55.016673] added chain dev vethf13ff564 parent 1: chain 0
[2022-05-04T13:44:55.016720] added filter dev vethf13ff564 parent 1: protocol all pref 49152 u32 chain 0 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:1 not_in_hw
match 00000000/00000000 at 0
[2022-05-04T13:44:55.018378] qdisc ingress ffff: dev vethf13ff564 parent ffff:fff1 ----------------
[2022-05-04T13:44:55.019671] added chain dev vethf13ff564 parent ffff: chain 0
[2022-05-04T13:44:55.048295] added filter dev vethf13ff564 parent ffff: protocol all pref 49152 u32 chain 0 fh 800::800 order 2048 key ht 800 bkt 0 terminal flowid ??? not_in_hw
match 00000000/00000000 at 0
police 0x1 rate 670Mbit burst 1048550b mtu 64Kb action drop overhead 0b
ref 1 bind 1
[2022-05-04T13:45:45.020489] deleted chain dev vethf13ff564 parent ffff: chain 0
[2022-05-04T13:45:45.020547] deleted chain dev vethf13ff564 parent 1: chain 0
looks like it match up with my config. too bad it didn’t do what I expected 