I'd like to set a lower priority on a specific docker container so it never starves other containers of network capacity. The model I'm looking for is something like:

tc filter add dev eth0 protocol ip parent 10: prio 2

I think I want to set it when launching the docker container so that all packets exiting the virtual interface for that container are tagged with a lower priority (higher number). The desired outcome is: If there's no congestion, everything works normally. The moment the queue backs up, traffic from the target container is de-prioritized.

I see examples for adding delay, setting a bandwidth cap or corruption, but nothing about setting priority.

Also, do I need to enable the queue on the docker bridge/nat interface so that TOS priorities are read?

virtual devices run without a qdisc attached by default (for performance reasons)