Ferenc Fejes <ferenc.fejes=40ericsson....@dmarc.ietf.org> wrote:
> We have an open-source tool tablesnoop [0], which might be of interest
> for fellow hackers. It can trace IPv4 and IPv6 routing table lookups in
> real-time on Linux. Also, it can trace policy lookups (ip rule)
> too. The tool written in C and it has a user and kernelspace part (eBPF
> C).
So this tells me how the FIB and, later, other tables are responding to current
uses?
Or does this let me provide source/dest (and other tuples) in order to learn
how they would be processed?
I've often thought that the sockets API needs a "just kidding" flag, which
would send a trial packet through the entire stack, and then report how the
packet got mangled on the way. But not actually send the packet!
Then report that to the application.
(Of course, it can't report on mangling by devices elsewhere, so it won't let
you learn what the policy-aware NAPT did to you. You still need TURN or the
various in-band OEM proposals, like Ron Bonica has been working on)
> It would be great if it could trace other table lookups as well, e.g.:
> lookups in the lwtunnel infrastructure (SRv6, MPLS, VXLAN), ARP table
> lookups, bridge FDB lookups. There are also netfilter lookups,
> configured with nftables (or legacy iptables). Currently, none of these
> are supported, but some of them could be implemented with minimal
> effort.
> I will be attending on the IETF 123 Hackathon Madrid and I plan to work
> on this tool there, the main focus will be tracing SRv6 encaps and End
> behaviors. If anyone is interested, I'm happy to show the tool and
> discuss about potential extensions and hack together.
Feedback to applications, to the effect, that their desire for DSCP XYZ will
not be respected, or that the outbound firewall does not permit something
would be useful. The current APIs for UDP packets and ICMP replies are hard
to use.
I recognize that's probably not the goal of tablesnoop (i read the readme..),
but this is my 6man-focused content :-)
--
Michael Richardson <mcr+i...@sandelman.ca> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ spring mailing list -- spring@ietf.org To unsubscribe send an email to spring-le...@ietf.org
