G'Day All, I'm putting together a PSARC case to begin integration of the DTrace network providers. I've drawn up a rough plan which splits this project into over a dozen smaller steps, as documented on the network provider page:
http://www.opensolaris.org/os/community/dtrace/NetworkProvider#Plan Below is a draft PSARC document for task 1, IP provider send/receive probes. I'm looking to integrate this in the coming weeks, and then to move straight onto tasks 2 and 3 - TCP and UDP providers. ------------------------------------------------------------ A. INTRODUCTION This case adds a DTrace 'ip' provider with probes for send and receive for both IPv4 and IPv6 protocols. This is intended for use by customers for network observability and troubleshooting, and is the first component of a suite of planned providers for the network stack. B. DESCRIPTION This will introduce the following probes for the 'ip' provider: ip:::send ip:::receive The arguments to these probes are: args[0] pktinfo_t * packet info args[1] csinfo_t * connection state info args[2] ipinfo_t * generic IP info args[3] illinfo_t * interface info args[4] ipv4info_t * IPv4 header args[5] ipv6info_t * IPv6 header The order and content has been chosen for consistency with other planned network providers, and to also leave room to accommodate future enhancements to the network stack. The arguments contain: /* * pktinfo is where packet ID info can be made available for deeper * analysis if packet IDs become supported by the kernel in the future. */ typedef struct pktinfo { uint64_t pkt_id; uintptr_t pkt_addr; } pktinfo_t; /* * csinfo is where connection state info can be made available if * connection IDs become supported by the kernel in the future. */ typedef struct csinfo { uintptr_t cs_addr; } csinfo_t; /* * ipinfo contains common IP info for both IPv4 and IPv6. */ typedef struct ipinfo { uint8_t ip_ver; /* IP version (4, 6) */ uint16_t ip_plength; /* payload length */ string ip_saddr; /* source address */ string ip_daddr; /* destination address */ } ipinfo_t; /* * illinfo contains IP Lower Layer info. */ typedef struct illinfo { string ill_name; /* interface name */ int8_t ill_local; /* is local */ netstackid_t ill_ipstack; /* ipstack ID */ uintptr_t ill_addr; /* pointer to raw ill_t */ } illinfo_t; /* * ipv4info is a translated version of the IPv4 header (with raw pointer). */ typedef struct ipv4info { uint8_t ipv4_ver; /* IP version (4) */ uint8_t ipv4_ihl; /* header length, bytes */ uint8_t ipv4_tos; /* type of service field */ uint16_t ipv4_length; /* length (header + payload) */ uint16_t ipv4_ident; /* identification */ uint8_t ipv4_flags; /* IP flags */ uint16_t ipv4_offset; /* fragment offset */ uint8_t ipv4_ttl; /* time to live */ uint8_t ipv4_protocol; /* next level protocol */ uint16_t ipv4_checksum; /* header checksum */ ipaddr_t ipv4_src; /* source address */ ipaddr_t ipv4_dst; /* destination address */ string ipv4_saddr; /* source address, string */ string ipv4_daddr; /* destination address, string */ ipha_t *ipv4_hdr; /* pointer to raw header */ } ipv4info_t; /* * ipv6info is a translated version of the IPv6 header (with raw pointer). */ typedef struct ipv6info { uint8_t ipv6_ver; /* IP version (6) */ uint8_t ipv6_tclass; /* traffic class */ uint32_t ipv6_flow; /* flow label */ uint16_t ipv6_plen; /* payload length */ uint8_t ipv6_next; /* next level protocol */ uint8_t ipv6_hlim; /* hop limit */ in6_addr_t *ipv6_src; /* source address */ in6_addr_t *ipv6_dst; /* destination address */ string ipv6_saddr; /* source address, string */ string ipv6_daddr; /* destination address, string */ ip6_t *ipv6_hdr; /* pointer to raw header */ } ipv6info_t; C. EXAMPLES This DTrace one-liner counts received packets by host: # dtrace -n 'ip:::receive { @[args[2]->ip_saddr] = count(); }' dtrace: description 'ip:::receive ' matched 4 probes ^C 192.168.1.5 1 192.168.1.185 4 fe80::214:4fff:fe3b:76c8 9 127.0.0.1 14 192.168.1.109 28 This DTrace one-liner prints distribution plots of sent payload size by destination: # dtrace -n 'ip:::send { @[args[2]->ip_daddr] = quantize(args[2]->ip_plength); }' dtrace: description 'ip:::send ' matched 11 probes ^C 192.168.2.27 value ------------- Distribution ------------- count 8 | 0 16 |@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 7 32 |@@@@ 1 64 |@@@@ 1 128 | 0 192.168.1.109 value ------------- Distribution ------------- count 8 | 0 16 |@@@@@ 5 32 |@@@ 3 64 |@@@@@@@@@@@@@@@@@@@@@@@@@@ 24 128 |@ 1 256 |@ 1 512 |@@ 2 1024 |@ 1 2048 | 0 This DTrace script uses the ip provider to show packets as they pass in and out of tunnels: # ./ipio.d CPU DELTA(us) SOURCE DEST INT BYTES 1 598913 10.1.100.123 -> 192.168.10.75 ip.tun0 68 1 73 192.168.1.108 -> 192.168.5.1 nge0 140 1 18325 192.168.1.108 <- 192.168.5.1 nge0 140 1 69 10.1.100.123 <- 192.168.10.75 ip.tun0 68 0 102921 10.1.100.123 -> 192.168.10.75 ip.tun0 20 0 79 192.168.1.108 -> 192.168.5.1 nge0 92 This DTrace script provides a neat summary for both send and receive IP traffic: # ./ipproto.d Tracing... Hit Ctrl-C to end. ^C SADDR DADDR PROTO COUNT 192.168.1.108 192.168.155.32 UDP 1 192.168.1.108 192.168.17.55 UDP 1 192.168.1.108 192.168.228.54 UDP 1 192.168.1.108 192.168.1.5 UDP 1 192.168.1.108 192.168.2.27 ICMP 1 192.168.1.200 192.168.3.255 UDP 1 192.168.1.5 192.168.1.108 UDP 1 192.168.2.27 192.168.1.108 ICMP 1 fe80::214:4fff:fe3b:76c8 ff02::1 ICMPV6 1 fe80::2e0:81ff:fe5e:8308 fe80::214:4fff:fe3b:76c8 ICMPV6 1 fe80::2e0:81ff:fe5e:8308 ff02::1:2 UDP 1 192.168.1.185 192.168.1.255 UDP 2 192.168.1.211 192.168.1.255 UDP 3 192.168.1.109 192.168.1.108 TCP 428 192.168.1.108 192.168.1.109 TCP 789 D. REFERENCES The suite of planned providers is described on the following website, which includes demonstrations and source from previous prototypes: http://www.opensolaris.org/os/community/dtrace/NetworkProvider These providers have also been discussed in the past on both dtrace-discuss and networking-discuss. E. DOCUMENTATION A new chapter in the Solaris Dynamic Tracing Guide will be added to document this ip provider. http://wikis.sun.com/display/DTrace/Documentation ------------------------------------------------------------ Brendan -- Brendan [CA, USA] _______________________________________________ networking-discuss mailing list [email protected]
