In some cases, QoS policy shaper can generate unexpected tc filter rate rules, based on the unexpected default value of interface speed (1000mbit)
Configuration to reproduce:
touch /tmp/vyos.qos.debug set qos policy shaper SHAPE bandwidth '710mbit' set qos policy shaper SHAPE class 5 bandwidth '2%' set qos policy shaper SHAPE class 5 match tiny4 ip tcp syn set qos policy shaper SHAPE class 10 bandwidth '1%' set qos policy shaper SHAPE class 10 match dns ip protocol 'udp' set qos policy shaper SHAPE default bandwidth '95%' set qos policy shaper SHAPE default ceiling '100%' set qos policy shaper SHAPE default codel-quantum '8000' set qos interface eth1 egress SHAPE commit
After committing we can see 2 Warnings
WARNING: Interface speed cannot be determined (assuming 1000 Mbit/s)
That is strange because we set the speed manually to 710mbit
{'bandwidth': '710mbit',
'class': {'10': {'bandwidth': '1%',
'burst': '15k',
'codel_quantum': '1514',
'flows': '1024',
'interval': '100',
'match': {'dns': {'ip': {'protocol': 'udp'}}},
'queue_type': 'fq-codel',
'target': '5'},
'5': {'bandwidth': '2%',
'burst': '15k',
'codel_quantum': '1514',
'flows': '1024',
'interval': '100',
'match': {'tiny4': {'ip': {'tcp': {'syn': {}}}}},
'queue_type': 'fq-codel',
'target': '5'}},
'default': {'bandwidth': '95%',
'burst': '15k',
'ceiling': '100%',
'codel_quantum': '8000',
'flows': '1024',
'interval': '100',
'priority': '20',
'queue_type': 'fq-codel',
'target': '5'}}
DEBUG/QoS: tc qdisc replace dev eth1 root handle 1: htb r2q 444 default b
DEBUG/QoS: tc class replace dev eth1 parent 1: classid 1:1 htb rate 710000000
DEBUG/QoS: tc class replace dev eth1 parent 1:1 classid 1:5 htb rate 14200000 burst 15k quantum 1514
DEBUG/QoS: tc qdisc replace dev eth1 parent 1:5 sfq
DEBUG/QoS: tc class replace dev eth1 parent 1:1 classid 1:a htb rate 7100000 burst 15k quantum 1514
DEBUG/QoS: tc qdisc replace dev eth1 parent 1:a sfq
DEBUG/QoS: tc class replace dev eth1 parent 1:1 classid 1:b htb rate 674500000 burst 15k quantum 8000 prio 20 ceil 710000000
DEBUG/QoS: tc qdisc replace dev eth1 parent 1:b sfq
DEBUG/QoS: tc qdisc replace dev eth1 parent 1:5 fq_codel quantum 1514 flows 1024 interval 100 interval 100 target 5 noecn
DEBUG/QoS: tc filter add dev eth1 parent 1: protocol all prio 1 u32 match u8 0x2 0x2 at 33 flowid 1:5
WARNING: Interface speed cannot be determined (assuming 1000 Mbit/s)
DEBUG/QoS: tc filter add dev eth1 parent 1: protocol all prio 1 u32 match u8 0x2 0x2 at 33 flowid 1:5 action police rate 20000000 burst 15k flowid 1:5 <======== Unexpected rule with calculation 2 % of 1000mbit speed
DEBUG/QoS: tc qdisc replace dev eth1 parent 1:a fq_codel quantum 1514 flows 1024 interval 100 interval 100 target 5 noecn
DEBUG/QoS: tc filter add dev eth1 parent 1: protocol all prio 1 u32 match ip protocol 17 0xff flowid 1:a
WARNING: Interface speed cannot be determined (assuming 1000 Mbit/s)
DEBUG/QoS: tc filter add dev eth1 parent 1: protocol all prio 1 u32 match ip protocol 17 0xff flowid 1:a action police rate 10000000 burst 15k flowid 1:a <======== Unexpected rule with calculation 1 % of 1000mbit speed
DEBUG/QoS: tc qdisc replace dev eth1 parent 1:b fq_codel quantum 8000 flows 1024 interval 100 interval 100 target 5 noecnIn 1.3, we do not have those 2 tc filter rules (after each Warning)
tc filter add dev eth1 parent 1: protocol all prio 1 u32 match u8 0x2 0x2 at 33 flowid 1:5 action police rate 20000000 burst 15k flowid 1:5 tc filter add dev eth1 parent 1: protocol all prio 1 u32 match ip protocol 17 0xff flowid 1:a action police rate 10000000 burst 15k flowid 1:a
As we have proper filter flows to their classes:
tc filter add dev eth1 parent 1: protocol all prio 1 u32 match u8 0x2 0x2 at 33 flowid 1:5 tc filter add dev eth1 parent 1: protocol all prio 1 u32 match ip protocol 17 0xff flowid 1:a