CN103634235A - Method for limiting speed of network interface of virtual machine - Google Patents
Method for limiting speed of network interface of virtual machine Download PDFInfo
- Publication number
- CN103634235A CN103634235A CN201310535389.5A CN201310535389A CN103634235A CN 103634235 A CN103634235 A CN 103634235A CN 201310535389 A CN201310535389 A CN 201310535389A CN 103634235 A CN103634235 A CN 103634235A
- Authority
- CN
- China
- Prior art keywords
- virtual machine
- network interface
- queue
- speed
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to the technical field of cloud computation and particularly relates to a method for limiting the speed of a network interface of a virtual machine. The method comprises the following steps: 1, downlink bandwidth limitation: searching the network interface of the virtual machine in a host computer; utilizing a TC (Traffic Controller) to establish an HTB (Hierarchical Token Bucket) queue, and binding the network interface to the queue; establishing a root category for the HTB queue and setting the maximum downlink usable bandwidth in the root category; establishing a filter for the root category, filtering out the data of the network interface of which the network bandwidth needs to be set of the virtual machine and sending a limit speed to the root category; 2, uplink bandwidth limitation: searching the network interface of the virtual machine in the host computer; utilizing the TC to establish an ingress queue; establishing a filter for the default root category of the ingress queue and setting the maximum uplink usable bandwidth. The method for limiting the speed of the network interface of the virtual machine, which is provided by the invention can be used for the bandwidth control of the virtual network adapter of the virtual machine.
Description
Technical field
The present invention relates to cloud computing technology field, refer to especially a kind of method that limits virtual machine network interface rate.
Background technology
Under cloud computing environment, in order to solve the excessive use of some fictitious host computer to the network bandwidth, need to limit the network bandwidth of virtual machine.The current method that virtual network is carried out to limit bandwidth has two kinds:
The first, the mode of the soft route setting by host using the data of all virtual communications all allow its through a main frame as software gateway, by the software firewall on gateway, unify limiting bandwidth.The problem that this method exists is that all communication focuses on a main frame, when, the traffic many in virtual machine quantity is large, can become the bottleneck of communication.
The second directly directly arranges rule limits bandwidth according to the IP of virtual machine on hardware firewall or router.This method also has problem: first the IP of virtual machine is modified, and the rule on fire compartment wall or router also will be followed modification, otherwise limit invalid; Virtual machine user can utilize this point to avoid the restriction of system.Secondly, this modification just can come into force after need to being configured at the IP of virtual machine, first creates the operation flow that network is set afterwards do not meet with general virtual machine.
Summary of the invention
The technical problem that the present invention solves is to provide a kind of method that limits virtual machine network interface rate, has solved the existing problem that cannot effectively control each virtual machine network interface upstream and downstream bandwidth on cloud computing platform.
The technical scheme that the present invention solves the problems of the technologies described above is: comprise the upstream bandwidth of virtual machine network interface and downlink bandwidth are limited;
Described downlink bandwidth limits step and comprises:
Step 1: the network interface that finds virtual machine in host;
Step 2: utilize TC to set up a htb queue, and network interface is tied in this queue;
Step 3: a root classification is set up in queue for htb, and in root classification, descending maximum available bandwidth is set;
Step 4: set up a filter for root classification, the data filtering of virtual machine network interface that will setting network bandwidth out, and is issued root classification speed restriction;
Described upstream bandwidth limits step and comprises:
Step 1: the network interface that finds virtual machine in host;
Step 2: use TC to set up an ingress queue;
Step 3: the root classification for ingress queue acquiescence is set up a filter and up maximum available bandwidth is set.
Described virtual machine network interface is Microsoft Loopback Adapter, and each virtual machine generally only has a network interface; If have a plurality ofly, can limit as required one or more specific network interfaces.
Described downlink bandwidth refers to that packet enters into the speed of virtual machine network interface card the inside, the i.e. speed of download of virtual machine other main frames from network from external network;
Described upstream bandwidth refers to that packet flows out to the speed of external network from virtual machine Microsoft Loopback Adapter, and the speed that virtual machine is uploaded that is to say that others carries out the speed of communication from virtual machine.
Described TC is the flow controller in (SuSE) Linux OS, and it utilizes queue discipline to set up the queue of handle packet, and the mode being sent out by the packet in definition queue realizes the control to flow;
Described queue discipline refers to the algorithm that managing network device flow inputs or outputs.
Described htb queue is the token bucket filter of a classification, utilizes the downlink bandwidth that it can simple and effective control network interface;
Described filter refers to the proper noun of computer network, and a filter comprises some matching conditions, and the packet of different classification completes classification by the matching condition of filter.
Adopt method of the present invention can solve the existing problem that cannot effectively control each virtual machine network interface upstream and downstream bandwidth on cloud computing platform, (described QoS is Quality of Service, i.e. service quality to the QoS of raising cloud computing platform virtual machine; Being a kind of security mechanism of network, is by a kind of technology that solves the problems such as network delay and obstruction; When network over loading or when congested, QoS can guarantee that important service amount is not postponed or abandons, and guarantees the efficient operation of network simultaneously).In addition, also there is following beneficial effect:
1, method of the present invention only limits the bandwidth of the virtual machine on this host, less to the expense of host performance, can not become the bottleneck of communication;
2, method of the present invention be take limiting network interface as means, does not rely on the IP of virtual machine, in the situation that virtual machine IP is modified, limits and also still comes into force;
Whether 3, method of the present invention limiting bandwidth on host, can pass through virtual machine ID, also can find virtual machine by IP, MAC, and arranged irrelevantly with virtual machine IP, can closely gather with the operation flow of virtual machine, and practicality is stronger.
Accompanying drawing explanation
Below in conjunction with accompanying drawing, the present invention is further described:
Accompanying drawing is the inventive method flow chart.
Embodiment
As shown in the figure, the host at login virtual machine place checks that band limits the virtual machine list of network interface speed:
[root@test-ssd-kvm?xm]#virsh?list
Utilize order above to draw the ID of virtual machine, carry out as issue orders obtaining the network interface vnet11 of virtual machine test-2003:
[root@test-ssd-kvm?xm]#virsh?domiflist82
Utilize TC to set up a htb queue, and virtual machine network interface vnet11 be tied in this queue:
[root@test-ssd-kvm?xm]#tc?qdisc?add?dev?vnet11root?handle1:htb?default1
For described htb queue, set up a root classification 1:1, and up maximum available bandwidth 4000kbit be set in root classification:
[root@test-ssd-kvm?xm]#tc?class?add?dev?vnet11parent1:classid1:1htb?rate4000kbit?ceil4000kbit
For root classification, set up a filter, want setting network bandwidth virtual machine network interface data filtering out, and issue root and classify to come speed restriction:
[root@test-ssd-kvm?xm]#tc?filter?add?dev?vnet11parent1:protocol?ip?pref49152fw
[root@test-ssd-kvm?xm]#tc?filter?add?dev?vnet11parent1:protocol?ip?pref49152handle1fw?classid:1
According to step above, the downlink bandwidth of the Microsoft Loopback Adapter vnet11 of virtual machine test-2003 is limited, if want to delete, limits, carry out as issued orders:
[root@test-ssd-kvm?xm]#tc?qdisc?del?dev?vnet11root?handle1:htb?default1
Virtual machine Microsoft Loopback Adapter upstream bandwidth is set as follows:
[root@test-ssd-kvm?xm]##tc?qdisc?add?dev?vnet11ingress
Use TC to set up an ingress queue for virtual machine network interface vnet11;
[root@test-ssd-kvm?xm]#tc?filter?add?dev?vnet8parent?ffff:protocol?ip?pref49152u32match?ip?src0.0.0.0/0police?rate1000kbit?burst125kb?mtu64kb?drop?flowid:1
Carry out mentioned order and set up a filter for the root classification of ingress queue acquiescence, and up maximum available bandwidth is set is 1000kbit.
According to step above, the upstream bandwidth of the Microsoft Loopback Adapter vnet11 of virtual machine test-2003 is limited, if want to delete, limits, carry out as issued orders:
[root@test-ssd-kvm?xm]#tc?qdisc?del?dev?vnet8ingress。
Claims (7)
1. a method that limits virtual machine network interface rate, is characterized in that: comprise the upstream bandwidth of virtual machine network interface and downlink bandwidth are limited;
Described downlink bandwidth limits step and comprises:
Step 1: the network interface that finds virtual machine in host;
Step 2: utilize TC to set up a htb queue, and network interface is tied in this queue;
Step 3: a root classification is set up in queue for htb, and in root classification, descending maximum available bandwidth is set;
Step 4: set up a filter for root classification, the data filtering of virtual machine network interface that will setting network bandwidth out, and is issued root classification speed restriction;
Described upstream bandwidth limits step and comprises:
Step 1: the network interface that finds virtual machine in host;
Step 2: use TC to set up an ingress queue;
Step 3: the root classification for ingress queue acquiescence is set up a filter and up maximum available bandwidth is set.
2. the method for restriction virtual machine network interface rate according to claim 1, is characterized in that: described virtual machine network interface is Microsoft Loopback Adapter, and each virtual machine generally only has a network interface; If have a plurality ofly, can limit as required one or more specific network interfaces.
3. the method for restriction virtual machine network interface rate according to claim 1, is characterized in that: described downlink bandwidth refers to that packet enters into the speed of virtual machine network interface card the inside, the i.e. speed of download of virtual machine other main frames from network from external network;
Described upstream bandwidth refers to that packet flows out to the speed of external network from virtual machine Microsoft Loopback Adapter, and the speed that virtual machine is uploaded that is to say that others carries out the speed of communication from virtual machine.
4. the method for restriction virtual machine network interface rate according to claim 2, is characterized in that: described downlink bandwidth refers to that packet enters into the speed of virtual machine network interface card the inside, the i.e. speed of download of virtual machine other main frames from network from external network;
Described upstream bandwidth refers to that packet flows out to the speed of external network from virtual machine Microsoft Loopback Adapter, and the speed that virtual machine is uploaded that is to say that others carries out the speed of communication from virtual machine.
5. according to the method for the restriction virtual machine network interface rate described in claim 1 to 4 any one, it is characterized in that: described TC is the flow controller in (SuSE) Linux OS, it utilizes queue discipline to set up the queue of handle packet, and the mode being sent out by the packet in definition queue realizes the control to flow;
Described queue discipline refers to the algorithm that managing network device flow inputs or outputs.
6. according to the method for the restriction virtual machine network interface rate described in claim 1 to 4 any one, it is characterized in that: described htb queue is the token bucket filter of a classification, utilize the downlink bandwidth that it can simple and effective control network interface;
Described filter refers to the proper noun of computer network, and a filter comprises some matching conditions, and the packet of different classification completes classification by the matching condition of filter.
7. the method for restriction virtual machine network interface rate according to claim 5, is characterized in that: described htb queue is the token bucket filter of a classification, utilizes the downlink bandwidth that it can simple and effective control network interface;
Described filter refers to the proper noun of computer network, and a filter comprises some matching conditions, and the packet of different classification completes classification by the matching condition of filter.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310535389.5A CN103634235A (en) | 2013-11-01 | 2013-11-01 | Method for limiting speed of network interface of virtual machine |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310535389.5A CN103634235A (en) | 2013-11-01 | 2013-11-01 | Method for limiting speed of network interface of virtual machine |
Publications (1)
Publication Number | Publication Date |
---|---|
CN103634235A true CN103634235A (en) | 2014-03-12 |
Family
ID=50214875
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310535389.5A Pending CN103634235A (en) | 2013-11-01 | 2013-11-01 | Method for limiting speed of network interface of virtual machine |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103634235A (en) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105049242A (en) * | 2015-06-30 | 2015-11-11 | 浪潮电子信息产业股份有限公司 | Network interface method capable of flexibly defining bandwidth allocation |
CN105471765A (en) * | 2015-12-22 | 2016-04-06 | 国云科技股份有限公司 | Virtual machine extranet bandwidth limitation method for cloud platform |
CN105681125A (en) * | 2015-12-28 | 2016-06-15 | 国云科技股份有限公司 | Method for counting traffic of virtual machine extranet of cloud platform |
CN105915387A (en) * | 2016-05-31 | 2016-08-31 | 新浪网技术(中国)有限公司 | External network bandwidth speed limiting method, device and system of cloud host in IaaS cloud platform |
CN106130921A (en) * | 2016-07-19 | 2016-11-16 | 北京首都在线科技股份有限公司 | Public network IP bandwidth-restricted systems and driving layer and key-course implementation method |
CN107222349A (en) * | 2017-06-23 | 2017-09-29 | 北京三快在线科技有限公司 | A kind of method and device for configuring virtual machine network interface card speed |
CN107370686A (en) * | 2017-08-08 | 2017-11-21 | 郑州云海信息技术有限公司 | A kind of flow control methods and device |
CN107800645A (en) * | 2016-09-06 | 2018-03-13 | 北京京东尚科信息技术有限公司 | The transmission of cloud host data, reception, transmission method and device |
CN108683607A (en) * | 2018-06-14 | 2018-10-19 | 新华三云计算技术有限公司 | Virtual machine traffic control method, device and server |
CN112165435A (en) * | 2020-09-29 | 2021-01-01 | 山东省计算中心(国家超级计算济南中心) | Bidirectional flow control method and system based on network service quality of virtual machine |
CN115190077A (en) * | 2021-03-22 | 2022-10-14 | 阿里巴巴(中国)有限公司 | Control method and device and computing equipment |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102088404A (en) * | 2010-12-10 | 2011-06-08 | 北京世纪互联工程技术服务有限公司 | Method for limiting speed of network card in Xen virtual machine |
-
2013
- 2013-11-01 CN CN201310535389.5A patent/CN103634235A/en active Pending
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102088404A (en) * | 2010-12-10 | 2011-06-08 | 北京世纪互联工程技术服务有限公司 | Method for limiting speed of network card in Xen virtual machine |
Non-Patent Citations (2)
Title |
---|
ZHANGSKD: "输入方向的流量控制", 《CSDN博客》 * |
崔文明等: "Android 平台下应用程序流量控制技术及其***实现", 《技术研究》 * |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105049242A (en) * | 2015-06-30 | 2015-11-11 | 浪潮电子信息产业股份有限公司 | Network interface method capable of flexibly defining bandwidth allocation |
CN105471765A (en) * | 2015-12-22 | 2016-04-06 | 国云科技股份有限公司 | Virtual machine extranet bandwidth limitation method for cloud platform |
CN105471765B (en) * | 2015-12-22 | 2019-12-10 | 国云科技股份有限公司 | Virtual machine external mesh bandwidth limiting method for cloud platform |
CN105681125A (en) * | 2015-12-28 | 2016-06-15 | 国云科技股份有限公司 | Method for counting traffic of virtual machine extranet of cloud platform |
CN105681125B (en) * | 2015-12-28 | 2019-08-13 | 国云科技股份有限公司 | A kind of virtual machine outer net flow statistical method of cloud platform |
CN105915387B (en) * | 2016-05-31 | 2019-04-30 | 新浪网技术(中国)有限公司 | The outer net bandwidth speed limiting method, apparatus and system of cloud host under a kind of IaaS cloud platform |
CN105915387A (en) * | 2016-05-31 | 2016-08-31 | 新浪网技术(中国)有限公司 | External network bandwidth speed limiting method, device and system of cloud host in IaaS cloud platform |
CN106130921A (en) * | 2016-07-19 | 2016-11-16 | 北京首都在线科技股份有限公司 | Public network IP bandwidth-restricted systems and driving layer and key-course implementation method |
CN107800645A (en) * | 2016-09-06 | 2018-03-13 | 北京京东尚科信息技术有限公司 | The transmission of cloud host data, reception, transmission method and device |
CN107800645B (en) * | 2016-09-06 | 2020-05-01 | 北京京东尚科信息技术有限公司 | Cloud host data sending, receiving and transmitting method and device |
WO2018233252A1 (en) * | 2017-06-23 | 2018-12-27 | 北京三快在线科技有限公司 | Method and apparatus for configuring virtual network card rate |
CN107222349A (en) * | 2017-06-23 | 2017-09-29 | 北京三快在线科技有限公司 | A kind of method and device for configuring virtual machine network interface card speed |
CN107222349B (en) * | 2017-06-23 | 2021-09-10 | 北京三快在线科技有限公司 | Method and device for configuring network card rate of virtual machine, computer equipment and storage medium |
CN107370686A (en) * | 2017-08-08 | 2017-11-21 | 郑州云海信息技术有限公司 | A kind of flow control methods and device |
CN108683607A (en) * | 2018-06-14 | 2018-10-19 | 新华三云计算技术有限公司 | Virtual machine traffic control method, device and server |
CN112165435A (en) * | 2020-09-29 | 2021-01-01 | 山东省计算中心(国家超级计算济南中心) | Bidirectional flow control method and system based on network service quality of virtual machine |
CN115190077A (en) * | 2021-03-22 | 2022-10-14 | 阿里巴巴(中国)有限公司 | Control method and device and computing equipment |
CN115190077B (en) * | 2021-03-22 | 2023-09-22 | 阿里巴巴(中国)有限公司 | Control method, control device and computing equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103634235A (en) | Method for limiting speed of network interface of virtual machine | |
CN111770028B (en) | Method and network device for computer network | |
CN111682952B (en) | On-demand probing for quality of experience metrics | |
US8842536B2 (en) | Ingress rate limiting | |
CN107204931B (en) | Communication device and method for communication | |
US9692706B2 (en) | Virtual enhanced transmission selection (VETS) for lossless ethernet | |
US8908522B2 (en) | Transmission rate control | |
EP3410641A1 (en) | Network-traffic control method and network device thereof | |
US8284789B2 (en) | Methods and apparatus for providing dynamic data flow queues | |
US9571410B2 (en) | Credit-based link level flow control and credit exchange using DCBX | |
US11258717B2 (en) | Method for sending service packet, network device, and system | |
US20170149666A1 (en) | Data traffic optimization system | |
CN106453126A (en) | Virtual machine traffic control method and device | |
CN112600684B (en) | Bandwidth management and configuration method of cloud service and related device | |
WO2015175810A1 (en) | Quality of service management system for a communication network | |
M. Abdelmoniem et al. | Reducing latency in multi-tenant data centers via cautious congestion watch | |
CN111245740A (en) | Service quality strategy method and device for configuration service and computing equipment | |
CN108092787B (en) | Cache adjusting method, network controller and system | |
EP2291757B1 (en) | Method and apparatus for providing qos for mp subscribers | |
DE102018006687A1 (en) | TECHNIQUES FOR SELECTING NON-MINIMUM WAYS AND THREADING THE CONNECTION SPEEDS TO INCREASE THE THROUGHPUT IN A NETWORK | |
White et al. | Low latency DOCSIS: Technology overview | |
US9467419B2 (en) | System and method for N port ID virtualization (NPIV) login limit intimation to converged network adaptor (CNA) in NPIV proxy gateway (NPG) mode | |
KR102174979B1 (en) | Method for controlling transsion of packet in virtual switch | |
CN106130921A (en) | Public network IP bandwidth-restricted systems and driving layer and key-course implementation method | |
KR101681613B1 (en) | Apparatus and method for scheduling resources in distributed parallel data transmission system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140312 |