I'm setting up a proof of concept to throttle ingress traffic at terminal end (client):
eth0 -> ifb0 -> htb -> filter by ip -> htb rate -> fq_codel+ecn
I have 2 source ips for specific program I want to throttle. The program in question opens a bunch of tcp connections (downloads, thus ingress throttle), and I would like to both limit total ingress bandwidth it uses (done) and have fair scheduling between connections to same ip address (this question).
In the end there's 1 bucket with rate attached and 1 fq_codel instance.
I have it working, but I have some questions:
Per internet research flow id is "hash of 5-tuple", question is, what elements of a packet are parts of the 5-tuple? Are both source and destination ports included?
Per http://mdh.diva-portal.org/smash/get/diva2:754020/FULLTEXT01.pdf (someone's PhD thesis):
The flows are separated by hashing a 5-tuple value from the packet (default is src/dest port/ip and protocol) together with a random number
Apart from default bit, it's clear.