For purpose of continuous testing, I would like have apache server to serve static files with at least 20ms delay.
I tried to find a apache configuration setting or a plugin with similar ability, but failed.
Combination of tc and iptables might work, but I only found a way to add delay based on outgoing port, (which is different for every client).
Variables IF=lo IFSPEED=100Mbps # Get from sudo /sbin/ethtool $IF DELAY=1000ms # # Create a tree of classful HTB objects # sudo /sbin/tc qdisc add dev $IF handle 1: root htb # # Create a classful child bucket with classid 1:11 # sudo /sbin/tc class add dev $IF parent 1: classid 1:11 htb rate $IFSPEED # # Create a qdisc (classless) netem child to provide a delay for packets in this 'bucket' # sudo /sbin/tc qdisc add dev $IF parent 1:11 handle 11: netem delay $DELAY # # Filter mangled/marked traffic to the above class # sudo /sbin/tc filter add dev $IF parent 1:0 prio 1 protocol ip handle 11 fw flowid 1:11 # # Use iptables to mangle TCP packets to port 4001 and mark packet for tc filtering # sudo /sbin/iptables -A OUTPUT -t mangle -p tcp --dport 4001 -j MARK --set-mark 11
So the previous snippet work, but how to change policy so every incoming packet with destinatiom port 80 is delayed?
— attempted to try iptables with PREROUTING , but still didn't work?
Best Answer
Adding delay can be done on incoming (ingress) or outgoing (egress) packets (or both). Delaying ingress packets is a bit harder (cause the packet has already arrived) but is achievable with Intermediate Functional Block device (have a look here. search for "netem on incoming traffic").
Because your goal can be achieved by delaying ingress or egress traffic and delaying egress is easier, I'd recommend to do that. Your configuration is almost correct: you just need to replace the iptables mangle line with