Limiting Bandwidth for Solaris Zones
Posted by Sam
I love Solaris. I mean I really love it. Using zones and ZFS is like a breath of fresh air. If I had one complaint it's that Solaris is sometimes over-documented. I know that seems strange at first, but case in point is trying to setup IPQoS to simply limit the bandwidth on a particular zone. This week I decided that I need to take some time and figure out how to limit a zone to only using 1mb of bandwidth. So I started by looking around on the web and there was nothing. It was a ghost town. Some people were talking about, but nobody had a simple example of how to implement it. In the Linux world there would be a million how-tos. More than half of which are out of date and of questionable quality, but they are out there none the less.
Since I couldn't get any love from the internet at large I decided to look at the documentation that Sun provides. Sun's documentation is great, but often times it's overkill. Or they expect that you've been to some training class and already have a pretty decent understanding of what you are doing. The documentation for IPQoS was no different. It came in at 72 pages when printed and was not at all helpful. Ugh! Finally, I put together a solution and I thought I would share it here. Hopefully it will help others as well.
In Solaris 10 update 4 there are three example files for QoS in the /etc/inet directory so I created a new file there. Here are the contents of the file.
fmt_version 1.0
The important parts of the file are committed_rate, committed_burst and peak_burst. Basically this tells IPQoS that it should start dropping packets whenever the bandwidth exceeds 1 megabit (1,048,576 bits). In the example above I have a class named web1 and a filter that's also named web1 that points to the class web1. These can be named anything you like, but make sure that filter > class has the same name as class > name.
action {
module ipgpc
name ipgpc.classify
params {
global_stats TRUE
}
class {
name web1
next_action cap
enable_stats FALSE
}
filter {
name web1
daddr 10.1.1.5
class web1
}
}
action {
module tokenmt
name cap
params {
committed_rate 1048576
committed_burst 1048576
peak_burst 1048576
red_action_name drop
green_action_name continue
yellow_action_name continue
global_stats TRUE
}
}
After you create the file above you can active it by using ipqosconf like so:
bash-3.00# ipqosconf -a ipqos.conf
Be sure to substitute the name of the file above for ipqos.conf. Assuming you don't have any errors you should be good to go!
Comments
Be the first to leave a comment.