** Description changed: [Impact] The tc/tbf and tc/htb burst option is currently limited to 4 GiB (UINT_MAX for a 32-bit unsigned int). However, the kernel internally represents burst as “time at the configured rate,” which allows for bursts exceeding 4 GiB at high speeds. Due to this limitation, large bursts that are valid in the kernel cannot be configured from userspace. Conversely, smaller bursts can silently overflow the internal burst time calculation, causing invalid values to be passed to the kernel without detection, potentially resulting in misconfigured queues and incorrect rate limiting. [Test plan] Prerequisites A system with tc (iproute2) installed Root privileges Test interface (replace eth0 if needed) 1. TBF (Token Bucket Filter) 1.1 Before patch Case A: Burst >= 4GB rejected # tc qdisc add dev eth0 handle 10: root tbf rate 0.5mbit burst 4294967296 latency 70ms peakrate 1mbit minburst 1540 tbf: illegal value for "burst": "4294967296" Case B: Overflow not detected # tc qdisc add dev eth0 handle 10: root tbf rate 1mbit burst 34375000 latency 70ms peakrate 10Gbit minburst 1540 # tc qdisc show dev eth0 qdisc tbf 10: root refcnt 9 rate 1Mbit burst 15261b peakrate 10Gbit minburst 1250b lat 275s Burst was not set correctly and it should have been flagged as burst being out of range. 1.2 After the patch Case A: Burst >= 4GB supported # tc qdisc add dev eth0 handle 10: root tbf rate 10gbit burst 4294967296 latency 70ms peakrate 30Gbit mtu 64Kb # tc qdisc show dev eth0 qdisc tbf 10: root refcnt 2 rate 10Gbit burst 4Gb peakrate 30Gbit minburst 65520b lat 70ms Case B: Overflow properly rejected # tc qdisc add dev eth0 handle 10: root tbf rate 1mbit burst 34375000 latency 70ms peakrate 10Gbit minburst 1540 tbf: burst out of range 2. HTB (Hierarchical Token Bucket) 2.1 Before the patch Case A: Burst >= 4GB rejected # tc qdisc add dev eth0 root handle 1: htb # tc class add dev eth0 parent 1: classid 1:1 htb rate 10gbit ceil 10gbit burst 4gb Illegal "burst" Case B: Overflow not detected # tc class add dev eth0 parent 1: classid 1:1 htb rate 1mbit ceil 5mbit burst 34375000 # tc class show dev eth0 - class htb 1:1 root rate 1Mbit ceil 5Mbit burst 15261b + class htb 1:1 root prio 0 rate 1Mbit ceil 5Mbit burst 34359738b cburst 1600b Burst was not set correctly and it should have been flagged as burst being out of range. 2.2 After the patch Case A: Burst >= 4GB supported # tc qdisc add dev eth0 root handle 1: htb # tc class add dev eth0 parent 1: classid 1:1 htb rate 10gbit ceil 10gbit burst 4gb # tc class show dev eth0 class htb 1:1 root rate 10Gbit ceil 10Gbit burst 4Gb cburst 1680b Case B: Overflow properly rejected # tc class add dev eth0 parent 1: classid 1:1 htb rate 1mbit ceil 5mbit burst 34375000 htb: burst out of range [Where problems could occur] Externally, the main impact is that commands which previously caused silent overflows may now produce errors or fail. This could break scripts or automation that relied on the old behavior, though those scripts were already misbehaving due to the invalid configuration.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2147525 Title: [SRU] tc/tbf, tc/htb: Burst parameter capped at 4GB even though kernel can handle larger values To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/2147525/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
