1 FLOWADM(1M) Maintenance Commands FLOWADM(1M)
2
3
4
5 NAME
6 flowadm - administer bandwidth resource control and priority for
7 protocols, services, containers, and virtual machines
8
9 SYNOPSIS
10 flowadm show-flow [-pP] [-S] [-s [-i interval]] [-l link]
11 [-o field[,...]] [flow]
12
13
14 flowadm add-flow [-t] [-R root-dir] -l link -a attr=value[,...]
15 -p prop=value[,...] flow
16 flowadm remove-flow [-t] [-R root-dir] {-l link | flow}
17
18
19 flowadm set-flowprop [-t] [-R root-dir] -p prop=value[,...] flow
20 flowadm reset-flowprop [-t] [-R root-dir] [-p prop[,...]] flow
21 flowadm show-flowprop [-cP] [-l link] [-o field[,...]]
22 [-p prop[,...]] [flow]
23
24
25 flowadm show-usage [-a] [-d | {-p plotfile -F format}] [-s time]
26 [-e time] -f filename [flow]
27
28
29 DESCRIPTION
30 The flowadm command is used to create, modify, remove, and show
31 networking bandwidth and associated resources for a type of traffic on
32 a particular link.
33
34
35 The flowadm command allows users to manage networking bandwidth
36 resources for a transport, service, or a subnet. The service is
37 specified as a combination of transport and local port. The subnet is
38 specified by its IP address and subnet mask. The command can be used on
39 any type of data link, including physical links, virtual NICs, and link
40 aggregations.
41
42
43 A flow is defined as a set of attributes based on Layer 3 and Layer 4
44 headers, which can be used to identify a protocol, service, or a
45 virtual machine. When a flow is identified based on flow attributes,
46 separate kernel resources including layer 2, 3, and 4 queues, their
47 processing threads, and other resources are uniquely created for it,
48 such that other traffic has minimal or zero impact on it.
49
50
51 Inbound and outbound packet are matched to flows in a very fast and
52 scalable way, so that limits can be enforced with minimal performance
53 impact.
54
55
56 The flowadm command can be used to identify a flow without imposing any
57 bandwidth resource control. This would result in the traffic type
58 getting its own resources and queues so that it is isolated from rest
59 of the networking traffic for more observable and deterministic
60 behavior.
61
62
63 flowadm is implemented as a set of subcommands with corresponding
64 options. Options are described in the context of each subcommand.
65
66 SUBCOMMANDS
67 The following subcommands are supported:
68
69 flowadm show-flow [-pP] [-s [-i interval]] [-o field[,...]] [-l link]
70 [flow]
71
72 Show flow configuration information (the default) or statistics,
73 either for all flows, all flows on a link, or for the specified
74 flow.
75
76 -o field[,...]
77
78 A case-insensitive, comma-separated list of output fields to
79 display. The field name must be one of the fields listed below,
80 or a special value all, to display all fields. For each flow
81 found, the following fields can be displayed:
82
83 flow
84
85 The name of the flow.
86
87
88 link
89
90 The name of the link the flow is on.
91
92
93 ipaddr
94
95 IP address of the flow. This can be either local or remote
96 depending on how the flow was defined.
97
98
99 transport
100
101 The name of the layer for protocol to be used.
102
103
104 port
105
106 Local port of service for flow.
107
108
109 dsfield
110
111 Differentiated services value for flow and mask used with
112 DSFIELD value to state the bits of interest in the
113 differentiated services field of the IP header.
114
115
116
117 -p, --parsable
118
119 Display using a stable machine-parsable format.
120
121
122 -P, --persistent
123
124 Display persistent flow property information.
125
126
127 -S, --continuous
128
129 Continuously display network utilization by flow in a manner
130 similar to the way that prstat(1M) displays CPU utilization by
131 process.
132
133
134 -s, --statistics
135
136 Displays flow statistics.
137
138
139 -i interval, --interval=interval
140
141 Used with the -s option to specify an interval, in seconds, at
142 which statistics should be displayed. If this option is not
143 specified, statistics are displayed once.
144
145
146 -l link, --link=link | flow
147
148 Display information for all flows on the named link or
149 information for the named flow.
150
151
152
153 flowadm add-flow [-t] [-R root-dir] -l link -a attr=value[,...] -p
154 prop=value[,...] flow
155
156 Adds a flow to the system. The flow is identified by its flow
157 attributes and properties.
158
159 As part of identifying a particular flow, its bandwidth resource
160 can be limited and its relative priority to other traffic can be
161 specified. If no bandwidth limit or priority is specified, the
162 traffic still gets its unique layer 2, 3, and 4 queues and
163 processing threads, including NIC hardware resources (when
164 supported), so that the selected traffic can be separated from
165 others and can flow with minimal impact from other traffic.
166
167 -t, --temporary
168
169 The changes are temporary and will not persist across reboots.
170 Persistence is the default.
171
172
173 -R root-dir, --root-dir=root-dir
174
175 Specifies an alternate root directory where flowadm should
176 apply persistent creation.
177
178
179 -l link, --link=link
180
181 Specify the link to which the flow will be added.
182
183
184 -a attr=value[,...], --attr=value
185
186 A comma-separated list of attributes to be set to the specified
187 values.
188
189
190 -p prop=value[,...], --prop=value[,...]
191
192 A comma-separated list of properties to be set to the specified
193 values.
194
195
196
197 flowadm remove-flow [-t] [-R root-dir] -l {link | flow}
198
199 Remove an existing flow identified by its link or name.
200
201 -t, --temporary
202
203 The changes are temporary and will not persist across reboots.
204 Persistence is the default.
205
206
207 -R root-dir, --root-dir=root-dir
208
209 Specifies an alternate root directory where flowadm should
210 apply persistent removal.
211
212
213 -l link | flow, --link=link | flow
214
215 If a link is specified, remove all flows from that link. If a
216 single flow is specified, remove only that flow.
217
218
219
220 flowadm set-flowprop [-t] [-R root-dir] -p prop=value[,...] flow
221
222 Set values of one or more properties on the flow specified by name.
223 The complete list of properties can be retrieved using the show-
224 flow subcommand.
225
226 -t, --temporary
227
228 The changes are temporary and will not persist across reboots.
229 Persistence is the default.
230
231
232 -R root-dir, --root-dir=root-dir
233
234 Specifies an alternate root directory where flowadm should
235 apply persistent setting of properties.
236
237
238 -p prop=value[,...], --prop=value[,...]
239
240 A comma-separated list of properties to be set to the specified
241 values.
242
243
244
311
312 Flow properties are documented in the "Flow Properties" section,
313 below.
314
315 -c
316
317 Display using a stable machine-parsable format.
318
319
320 -P, --persistent
321
322 Display persistent flow property information.
323
324
325 -p prop[,...], --prop=prop[,...]
326
327 A comma-separated list of properties to show.
328
329
330
331 flowadm show-usage [-a] [-d | {-p plotfile -F format}] [-s time] [-e
332 time] [flow]
333
334 Show the historical network flow usage from a stored extended
335 accounting file. Configuration and enabling of network accounting
336 through acctadm(1M) is required. The default output will be the
337 summary of flow usage for the entire period of time in which
338 extended accounting was enabled.
339
340 -a
341
342 Display all historical network usage for the specified period
343 of time during which extended accounting is enabled. This
344 includes the usage information for the flows that have already
345 been deleted.
346
347
348 -d
349
350 Display the dates for which there is logging information. The
351 date is in the format DD/MM/YYYY.
352
353
354 -F format
355
356 Specifies the format of plotfile that is specified by the -p
357 option. As of this release, gnuplot is the only supported
358 format.
359
360
361 -p plotfile
362
363 When specified with -s or -e (or both), outputs flow usage data
364 to a file of the format specified by the -F option, which is
365 required.
366
367
368 -s time, -e time
369
370 Start and stop times for data display. Time is in the format
371 YYYY.MM.DD,hh:mm:ss.
372
373
374 -f filename
375
376 Read extended accounting records of network flow usage from
377 filename.
378
379
380 flow
381
382 If specified, display the network flow usage only from the
383 named flow. Otherwise, display network usage from all flows.
384
385
386
387 Flow Attributes
388 The flow operand that identify a flow in a flowadm command is a comma-
389 separated list of one or more keyword, value pairs from the list below.
390
391 local_ip[/prefix_len]
392
393 Identifies a network flow by the local IP address. value must be a
394 IPv4 address in dotted-decimal notation or an IPv6 address in
395 colon-separated notation. prefix_len is optional.
396
397 If prefix_len is specified, it describes the netmask for a subnet
398 address, following the same notation convention of ifconfig(1M) and
399 route(1M) addresses. If unspecified, the given IP address will be
400 considered as a host address for which the default prefix length
401 for a IPv4 address is /32 and for IPv6 is /128.
402
403
404 remote_ip[/prefix_len]
405
406 Identifies a network flow by the remote IP address. The syntax is
407 the same as local_ip attributes
408
409
410 transport={tcp|udp|sctp|icmp|icmpv6}
411
412 Identifies a layer 4 protocol to be used. It is typically used in
413 combination with local_port to identify the service that needs
414 special attention.
415
416
417 local_port
418
419 Identifies a service specified by the local port.
420
421
422 dsfield[:dsfield_mask]
423
424 Identifies the 8-bit differentiated services field (as defined in
425 RFC 2474).
426
427 The optional dsfield_mask is used to state the bits of interest in
428 the differentiated services field when comparing with the dsfield
429 value. A 0 in a bit position indicates that the bit value needs to
430 be ignored and a 1 indicates otherwise. The mask can range from
431 0x01 to 0xff. If dsfield_mask is not specified, the default mask
432 0xff is used. Both the dsfield value and mask must be in
433 hexadecimal.
434
435
436
437 The following five types of combinations of attributes are supported:
438
439 local_ip[/prefixlen]=address
440 remote_ip[/prefixlen]=address
441 transport={tcp|udp|sctp|icmp|icmpv6}
442 transport={tcp|udp|sctp},local_port=port
443 dsfield=val[:dsfield_mask]
444
445
446
447
448 On a given link, the combinations above are mutually exclusive. An
449 attempt to create flows of different combinations will fail.
450
451 Restrictions
452 There are individual flow restrictions and flow restrictions per zone.
453
454 Individual Flow Restrictions
455 Restrictions on individual flows do not require knowledge of other
456 flows that have been added to the link.
457
458
459 An attribute can be listed only once for each flow. For example, the
460 following command is not valid:
461
462 # flowadm add-flow -l vnic1 -a local_port=80,local_port=8080 httpflow
463
464
465
466
467 transport and local_port:
468
469
505
506
507 priority
508
509 Sets the relative priority for the flow. The value can be given as
510 one of the tokens high, medium, or low. The default is medium.
511
512
513 EXAMPLES
514 Example 1 Creating a Policy Around a Mission-Critical Port
515
516
517 The command below creates a policy around inbound HTTPS traffic on an
518 HTTPS server so that HTTPS obtains dedicated NIC hardware and kernel
519 TCP/IP resources. The name specified, https-1, can be used later to
520 modify or delete the policy.
521
522
523 # flowadm add-flow -l bge0 -a transport=TCP,local_port=443 https-1
524 # flowadm show-flow -l bge0
525 FLOW LINK IP ADDR PROTO PORT DSFLD
526 https1 bge0 -- tcp 443 --
527
528
529
530 Example 2 Modifying an Existing Policy to Add Bandwidth Resource
531 Control
532
533
534 The following command modifies the https-1 policy from the preceding
535 example. The command adds bandwidth control and give the policy a high
536 priority.
537
538
539 # flowadm set-flowprop -p maxbw=500M,priority=high https-1
540 # flowadm show-flow https-1
541 FLOW LINK IP ADDR PROTO PORT DSFLD
542 https1 bge0 -- tcp 443 --
543
544 # flowadm show-flowprop https-1
545 FLOW PROPERTY VALUE DEFAULT POSSIBLE
546 https-1 maxbw 500 -- --
547 https-1 priority HIGH -- LOW,NORMAL,HIGH
548
549
550
551 Example 3 Limiting the UDP Bandwidth Usage
552
553
554 The following command creates a policy for UDP protocol so that it
555 cannot consume more than 100Mbps of available bandwidth. The flow is
556 named limit-udp-1.
557
558
559 # flowadm add-flow -l bge0 -a transport=UDP -p maxbw=100M, \
560 priority=low limit-udp-1
561
562
563
564 Example 4 Showing Flow Usage
565
566
567 Flow usage statistics can be stored using the extended accounting
568 facility, acctadm(1M).
569
570
571 # acctadm -e extended -f /var/log/net.log net
572
573 # acctadm net
574 Network accounting: active
575 Network accounting file: /var/log/net.log
576 Tracked Network resources: extended
577 Untracked Network resources: none
578
579
580
581
582 The historical data that was saved can be retrieved in summary form
583 using the show-usage subcommand of flowadm.
584
585
586 Example 5 Setting Policy, Making Use of dsfield Attribute
587
588
589 The following command sets a policy for EF PHB (DSCP value of 101110
590 from RFC 2598) with a bandwidth of 500 Mbps and a high priority. The
591 dsfield value for this flow will be 0x2e (101110) with the dsfield_mask
592 being 0xfc (because we want to ignore the 2 least significant bits).
593
594
595 # flowadm add-flow -l bge0 -a dsfield=0x2e:0xfc \
596 -p maxbw=500M,priority=high efphb-flow
597
598
599
600
601 Display summary information:
602
603
604 # flowadm show-usage -f /var/log/net.log
605 FLOW DURATION IPACKETS RBYTES OPACKETS OBYTES BANDWIDTH
606 flowtcp 100 1031 546908 0 0 43.76 Kbps
607 flowudp 0 0 0 0 0 0.00 Mbps
608
609
610
611
612 Display dates for which logging information is available:
613
614
615 # flowadm show-usage -d -f /var/log/net.log
616 02/19/2008
617
618
619
620
621 Display logging information for flowtcp starting at 02/19/2008,
622 10:38:46 and ending at 02/19/2008, 10:40:06:
623
624
625 # flowadm show-usage -s 02/19/2008,10:39:06 -e 02/19/2008,10:40:06 \
626 -f /var/log/net.log flowtcp
627 FLOW TIME IPACKETS RBYTES OPACKETS OBYTES BANDWIDTH
628 flowtcp 10:39:06 1 1546 4 6539 3.23 Kbps
629 flowtcp 10:39:26 2 3586 5 9922 5.40 Kbps
630 flowtcp 10:39:46 1 240 1 216 182.40 bps
631 flowtcp 10:40:06 0 0 0 0 0.00 bps
632
633
634
635
636 Output the same information as above as a plotfile:
637
638
639 # flowadm show-usage -s 02/19/2008,10:39:06 -e 02/19/2008,10:40:06 \
640 -p /home/plot/myplot -F gnuplot -f /var/log/net.log flowtcp
641 # Time tcp-flow
642 10:39:06 3.23
643 10:39:26 5.40
644 10:39:46 0.18
645 10:40:06 0.00
646
647
648
649 EXIT STATUS
650 0
651
652 All actions were performed successfully.
653
654
655 >0
656
657 An error occurred.
658
659
660 ATTRIBUTES
661 See attributes(5) for descriptions of the following attributes:
662
663
664
665
666 +--------------------+-----------------+
667 | ATTRIBUTE TYPE | ATTRIBUTE VALUE |
668 +--------------------+-----------------+
669 |Interface Stability | Committed |
670 +--------------------+-----------------+
671
672 SEE ALSO
673 acctadm(1M), dladm(1M), ifconfig(1M), prstat(1M), route(1M),
674 attributes(5), dlpi(7P)
675
676
677
678 April 9, 2016 FLOWADM(1M)
|
1 FLOWADM(1M) Maintenance Commands FLOWADM(1M)
2
3
4
5 NAME
6 flowadm - administer bandwidth resource control and priority for
7 protocols, services, containers, and virtual machines
8
9 SYNOPSIS
10 flowadm add-flow [-t] [-R root-dir] -l link -a attr=value[,...]
11 [-p prop=value[,...]] flow
12 flowadm remove-flow [-t] [-R root-dir] {-l link | flow}
13 flowadm show-flow [-p] [-l link] [-o field[,...]] [flow]
14
15
16 flowadm set-flowprop [-t] [-R root-dir] -p prop=value[,...] flow
17 flowadm reset-flowprop [-t] [-R root-dir] [-p prop[,...]] flow
18 flowadm show-flowprop [-cP] [-l link] [-o field[,...]]
19 [-p prop[,...]] [flow]
20
21
22 DESCRIPTION
23 The flowadm command is used to create, modify, remove, and show
24 networking bandwidth and associated resources for a type of traffic on
25 a particular link.
26
27
28 The flowadm command allows users to manage networking bandwidth
29 resources for a transport, service, or a subnet. The service is
30 specified as a combination of transport and local port. The subnet is
31 specified by its IP address and subnet mask. The command can be used on
32 any type of data link, including physical links, virtual NICs, and link
33 aggregations.
34
35
36 A flow is defined as a set of attributes based on Layer 3 and Layer 4
37 headers, which can be used to identify a protocol, service, or a
38 virtual machine. When a flow is identified based on flow attributes,
39 separate kernel resources including layer 2, 3, and 4 queues, their
40 processing threads, and other resources are uniquely created for it,
41 such that other traffic has minimal or zero impact on it.
42
43
44 Inbound and outbound packet are matched to flows in a very fast and
45 scalable way, so that limits can be enforced with minimal performance
46 impact.
47
48
49 The flowadm command can be used to define a flow without imposing any
50 bandwidth resource control. This would result in the traffic type
51 getting its own resources and queues so that it is isolated from rest
52 of the networking traffic for more observable and deterministic
53 behavior.
54
55
56 flowadm is implemented as a set of subcommands with corresponding
57 options. Options are described in the context of each subcommand.
58
59 SUBCOMMANDS
60 The following subcommands are supported:
61
62 flowadm add-flow [-t] [-R root-dir] -l link -a attr=value[,...] [-p
63 prop=value[,...]] flow
64
65 Adds a flow to the system. The flow is identified by its flow
66 attributes and properties.
67
68 As part of identifying a particular flow, its bandwidth resource
69 can be limited and its relative priority to other traffic can be
70 specified. If no bandwidth limit or priority is specified, the
71 traffic still gets its unique layer 2, 3, and 4 queues and
72 processing threads, including NIC hardware resources (when
73 supported), so that the selected traffic can be separated from
74 others and can flow with minimal impact from other traffic.
75
76 -t, --temporary
77
78 The changes are temporary and will not persist across reboots.
79 Persistence is the default.
80
81
82 -R root-dir, --root-dir=root-dir
83
84 Specifies an alternate root directory where flowadm should
85 apply persistent creation.
86
87
88 -l link, --link=link
89
90 Specify the link to which the flow will be added.
91
92
93 -a attr=value[,...], --attr=value
94
95 A mandatory comma-separated list of attributes to be set to the
96 specified values.
97
98
99 -p prop=value[,...], --prop=value[,...]
100
101 An optional comma-separated list of properties to be set to the
102 specified values. Flow properties are documented in the "Flow
103 Properties" section, below.
104
105
106
107 flowadm remove-flow [-t] [-R root-dir] -l {link | flow}
108
109 Remove an existing flow identified by its link or name.
110
111 -t, --temporary
112
113 The changes are temporary and will not persist across reboots.
114 Persistence is the default.
115
116
117 -R root-dir, --root-dir=root-dir
118
119 Specifies an alternate root directory where flowadm should
120 apply persistent removal.
121
122
123 -l link | flow, --link=link | flow
124
125 If a link is specified, remove all flows from that link. If a
126 single flow is specified, remove only that flow.
127
128
129
130 flowadm show-flow [-pP] [-s [-i interval]] [-o field[,...]] [-l link]
131 [flow]
132
133 Show flow configuration information, either for all flows, all
134 flows on a link, or for the specified flow.
135
136 -o field[,...]
137
138 A case-insensitive, comma-separated list of output fields to
139 display. The field name must be one of the fields listed below,
140 or a special value all, to display all fields. For each flow
141 found, the following fields can be displayed:
142
143 flow
144
145 The name of the flow.
146
147
148 link
149
150 The name of the link the flow is on.
151
152
153 ipaddr
154
155 IP address of the flow. This can be either local or remote
156 depending on how the flow was defined.
157
158
159 proto
160
161 The name of the layer for protocol to be used.
162
163
164 lport
165
166 Local port of service for flow.
167
168
169 rport
170
171 Remote port of service for flow.
172
173
174 dsfld
175
176 Differentiated services value for flow and mask used with
177 DSFIELD value to state the bits of interest in the
178 differentiated services field of the IP header.
179
180
181
182 -p, --parsable
183
184 Display using a stable machine-parsable format.
185
186
187 -P, --persistent
188
189 Display persistent flow property information.
190
191
192 -l link, --link=link | flow
193
194 Display information for all flows on the named link or
195 information for the named flow.
196
197
198
199 flowadm set-flowprop [-t] [-R root-dir] -p prop=value[,...] flow
200
201 Set values of one or more properties on the flow specified by name.
202 The complete list of properties can be retrieved using the show-
203 flowprop subcommand.
204
205 -t, --temporary
206
207 The changes are temporary and will not persist across reboots.
208 Persistence is the default.
209
210
211 -R root-dir, --root-dir=root-dir
212
213 Specifies an alternate root directory where flowadm should
214 apply persistent setting of properties.
215
216
217 -p prop=value[,...], --prop=value[,...]
218
219 A comma-separated list of properties to be set to the specified
220 values.
221
222
223
290
291 Flow properties are documented in the "Flow Properties" section,
292 below.
293
294 -c
295
296 Display using a stable machine-parsable format.
297
298
299 -P, --persistent
300
301 Display persistent flow property information.
302
303
304 -p prop[,...], --prop=prop[,...]
305
306 A comma-separated list of properties to show.
307
308
309
310 Flow Attributes
311 The flow operand that identify a flow in a flowadm command is a comma-
312 separated list of one or more keyword, value pairs from the list below.
313
314 local_ip[/prefix_len]
315
316 Identifies a network flow by the local IP address. value must be a
317 IPv4 address in dotted-decimal notation or an IPv6 address in
318 colon-separated notation. prefix_len is optional.
319
320 If prefix_len is specified, it describes the netmask for a subnet
321 address, following the same notation convention of ifconfig(1M) and
322 route(1M) addresses. If unspecified, the given IP address will be
323 considered as a host address for which the default prefix length
324 for a IPv4 address is /32 and for IPv6 is /128.
325
326
327 remote_ip[/prefix_len]
328
329 Identifies a network flow by the remote IP address. The syntax is
330 the same as the local_ip attribute.
331
332
333 transport={tcp|udp|sctp|icmp|icmpv6}
334
335 Identifies a layer 4 protocol to be used. It is typically used in
336 combination with local_port to identify the service that needs
337 special attention.
338
339
340 local_port
341
342 Identifies a service specified by the local port.
343
344
345 remote_port
346
347 Identifies a service specified by the remote port.
348
349
350 dsfield[:dsfield_mask]
351
352 Identifies the 8-bit differentiated services field (as defined in
353 RFC 2474).
354
355 The optional dsfield_mask is used to state the bits of interest in
356 the differentiated services field when comparing with the dsfield
357 value. A 0 in a bit position indicates that the bit value needs to
358 be ignored and a 1 indicates otherwise. The mask can range from
359 0x01 to 0xff. If dsfield_mask is not specified, the default mask
360 0xff is used. Both the dsfield value and mask must be in
361 hexadecimal.
362
363
364
365 The following six types of combinations of attributes are supported:
366
367 local_ip[/prefixlen]=address
368 remote_ip[/prefixlen]=address
369 transport={tcp|udp|sctp|icmp|icmpv6}
370 transport={tcp|udp|sctp},local_port=port
371 transport={tcp|udp|sctp},remote_port=port
372 dsfield=val[:dsfield_mask]
373
374
375
376
377 On a given link, the types of combinations above are mutually
378 exclusive. An attempt to create flows of different types on a given
379 link will fail.
380
381 Restrictions
382 There are individual flow restrictions and flow restrictions per zone.
383
384 Individual Flow Restrictions
385 Restrictions on individual flows do not require knowledge of other
386 flows that have been added to the link.
387
388
389 An attribute can be listed only once for each flow. For example, the
390 following command is not valid:
391
392 # flowadm add-flow -l vnic1 -a local_port=80,local_port=8080 httpflow
393
394
395
396
397 transport and local_port:
398
399
435
436
437 priority
438
439 Sets the relative priority for the flow. The value can be given as
440 one of the tokens high, medium, or low. The default is medium.
441
442
443 EXAMPLES
444 Example 1 Creating a Policy Around a Mission-Critical Port
445
446
447 The command below creates a policy around inbound HTTPS traffic on an
448 HTTPS server so that HTTPS obtains dedicated NIC hardware and kernel
449 TCP/IP resources. The name specified, https-1, can be used later to
450 modify or delete the policy.
451
452
453 # flowadm add-flow -l bge0 -a transport=TCP,local_port=443 https-1
454 # flowadm show-flow -l bge0
455 FLOW LINK IPADDR PROTO LPORT RPORT DSFLD
456 https1 bge0 -- tcp 443 -- --
457
458
459
460 Example 2 Modifying an Existing Policy to Add Bandwidth Resource
461 Control
462
463
464 The following command modifies the https-1 policy from the preceding
465 example. The command adds bandwidth control and give the policy a high
466 priority.
467
468
469 # flowadm set-flowprop -p maxbw=500M,priority=high https-1
470 # flowadm show-flow https-1
471 FLOW LINK IPADDR PROTO LPORT RPORT DSFLD
472 https-1 bge0 -- tcp 443 -- --
473
474 # flowadm show-flowprop https-1
475 FLOW PROPERTY VALUE DEFAULT POSSIBLE
476 https-1 maxbw 500 -- --
477 https-1 priority high -- low,medium,high
478
479
480
481 Example 3 Limiting the UDP Bandwidth Usage
482
483
484 The following command creates a policy for UDP protocol so that it
485 cannot consume more than 100Mbps of available bandwidth. The flow is
486 named limit-udp-1.
487
488
489 # flowadm add-flow -l bge0 -a transport=UDP -p maxbw=100M, \
490 priority=low limit-udp-1
491
492
493
494 Example 4 Setting Policy, Making Use of dsfield Attribute
495
496
497 The following command sets a policy for EF PHB (DSCP value of 101110
498 from RFC 2598) with a bandwidth of 500 Mbps and a high priority. The
499 dsfield value for this flow will be 0x2e (101110) with the dsfield_mask
500 being 0xfc (because we want to ignore the 2 least significant bits).
501
502
503 # flowadm add-flow -l bge0 -a dsfield=0x2e:0xfc \
504 -p maxbw=500M,priority=high efphb-flow
505
506
507
508 EXIT STATUS
509 0
510
511 All actions were performed successfully.
512
513
514 >0
515
516 An error occurred.
517
518
519 ATTRIBUTES
520 See attributes(5) for descriptions of the following attributes:
521
522
523
524
525 +--------------------+-----------------+
526 | ATTRIBUTE TYPE | ATTRIBUTE VALUE |
527 +--------------------+-----------------+
528 |Interface Stability | Committed |
529 +--------------------+-----------------+
530
531 SEE ALSO
532 dladm(1M), flowstat(1M), ifconfig(1M), route(1M), attributes(5)
533
534
535 NOTES
536 The display of statistics by the show-flow subcommand, and the show-
537 usage subcommand, have been removed. This functionality can now be
538 accessed using the flowstat(1M) utility.
539
540
541
542 February 26, 2020 FLOWADM(1M)
|