Hi everyone,

Recently I wanted to try to limit the total outbound bandwidth available to my docker containers. I’ve been trying to write rules against tc, but have been having difficulty. The following script should allow for generous download by default to containers, but restrict upload to 50kbps.

DNLD=30gbit   # DOWNLOAD Limit
UPLD=50kbps   # UPLOAD Limit

tc qdisc del dev docker0 root
tc qdisc add dev docker0 root handle 1: htb default 10
tc class add dev docker0 parent 1: classid 1:10 htb rate $DNLD
tc class add dev docker0 parent 1: classid 1:11 htb rate $UPLD

# this rule should place all traffic originating from containers into the upload rate control
tc filter add dev docker0 protocol ip parent 1:0 u32 \
    match ip src 172.17.0.0/16 flowid 1:11

Unfortunately, when using speedtest-cli from inside a docker container, it doesn’t seem to restrict the upload speed at all. I’m using docker 1.11, and docker is definitely establishing docker0 at 172.17.*.*

Does anyone have any tips?

I have a similar script that used to work fine in April, but now doesn’t work anymore. And the only think that has changed is Docker (I was using Docker for Mac with VirtualBox and now I am using the new version without VirtualBox.

I have not used my script since April so I don’t really know when it stopped working (I use this particular container to test my application with specific network conditions)