search

KatharaFramework / Kathara

A lightweight container-based network emulation system.
https://www.kathara.org/
GNU General Public License v3.0
452 stars 63 forks source link

Unable to use command TC #108

Closed tiamilani closed 3 years ago

tiamilani commented 3 years ago

hello, I would like to use kathara to run different experiments with interfaces modified with the command tc to add delay and random packet dropping. I found that is not possible to use the command with the default docker image kathara/quagga So I created a new image with the command, but it's also required by docker to run the container with the flag "--cap-add NET_ADMIN" in order to properly work.

Is possible to add a flag to the kathara configuration file in order to include this flag at the container starting?

thanks, Mattia

tcaiazzi commented 3 years ago

Hi Mattia, As stated in Kathara documentation, you can start the containers with the -- privileged flag to overcome this problem. Rember that you have to use root privileges (or to start the powershell with administrator privileges, if you are on win) to use the flag.

Thanks, Tommaso.

tiamilani commented 3 years ago

Hi Tommaso, I don't think the flag --privileged is enough, if I try to use it but when I run the command: tc qdisc change dev eth0 root netem delay 100ms 20ms distribution normal I get the error: Error: Qdisc not found. To create specify NLM_F_CREATE flag.

If I run the same image in a docker container, launched with the flag --cap-add NET_ADMIN this doesn't happen

Thanks, Mattia

Skazza94 commented 3 years ago

Hi @tiamilani, first of all, tc is already shipped in the kathara/quagga image (since it is installed in iproute2, which is a package installed in kathara/base). Second, the containers are all started with the NET_ADMIN privilege by default, as you can check here. Third, are you trying to run it on Windows? Maybe Docker Desktop does not support the kernel module for tc.

We deployed a sample lab on Debian 10, without the --privileged flag, and run this command: tc qdisc add dev eth0 root netem delay 200ms and it works properly.

If the error persists on Windows, maybe you should open an issue for this on Docker Desktop repository.

tiamilani commented 3 years ago

I forgot to post more information about my system, I'm sorry. I'm using Ubuntu 18.04 here it is some information about my distro and kernel version:

Linux mattia-UX510UXK 5.4.0-52-generic #57~18.04.1-Ubuntu SMP Thu Oct 15 14:04:49 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

About your first point, yes it's shipped with kathara/base, but I was looking for using iperf that is not shipped with it, so I have a cooked image with it, I didn't mention it, sorry.

Second I found that I was always using: tc qdisc change dev eth0 root netem delay 100ms 20ms distribution normal without previously calling: tc qdisc add dev eth0 root netem ....

Now, if in the startup script I insert both, in the correct order (first the add and then the change) it works without problems in both images (mine and kathara/quagga).

So I think the problem was that there were no queueing disciplines to change and that gives the error above. I should have understood that by the message, I'm sorry that I have bothered you.

Thanks for the help, Mattia