Skip to content

include port names in SDT probes #99

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
rzezeski opened this issue Mar 31, 2022 · 2 comments
Closed

include port names in SDT probes #99

rzezeski opened this issue Mar 31, 2022 · 2 comments

Comments

@rzezeski
Copy link
Contributor

Now that things are moving further along, and we will increasingly have more than one guest running on a given host, it's time to add the port name to the various SDT probes so that an operator can more easily distinguish which port the data relates to. It would also be nice if this scripts could have a way to pass a port as argument as a filtering method.

Here's an example of the opte-rule-match.d script running. In this case we are seeing matching rules happening for two different ports/guests on the same host. In this example it's kind of easy to understand what's going on since it's just a ping between two guests; but this will quickly become overbearing without the ability to at least know which port each line applies to. Eventually we'll probably also want the ability to filter on other properties like various parts of the flow and such, but for now I think just starting with the port name is enough.

root@sled1:~/dtrace# ./opte-trace opte-rule-match
MATCH  DIR LAYER        FLOW                                        ACTION
NO     out dhcp4        XXX,0.0.0.0:0,0.0.0.0:0                     --
NO     out icmp         XXX,0.0.0.0:0,0.0.0.0:0                     --
YES    out arp          XXX,0.0.0.0:0,0.0.0.0:0                     HAIRPIN: ArpReply 10.0.0.254 => A8:40:25:00:00:01
NO     out dhcp4        ICMP,10.0.0.1:0,10.0.0.2:0                  --
NO     out icmp         ICMP,10.0.0.1:0,10.0.0.2:0                  --
NO     out arp          ICMP,10.0.0.1:0,10.0.0.2:0                  --
YES    out firewall     ICMP,10.0.0.1:0,10.0.0.2:0                  STATEFUL: Firewall
YES    out router       ICMP,10.0.0.1:0,10.0.0.2:0                  META: RouterTarget = Subnet: 10.0.0.0/24
YES    out overlay      ICMP,10.0.0.1:0,10.0.0.2:0                  STATIC: Encap
MATCH  DIR LAYER        FLOW                                        ACTION
YES    in  overlay      ICMP,10.0.0.1:0,10.0.0.2:0                  STATIC: Decap
NO     in  router       ICMP,10.0.0.1:0,10.0.0.2:0                  --
YES    in  firewall     ICMP,10.0.0.1:0,10.0.0.2:0                  STATEFUL: Firewall
NO     in  arp          ICMP,10.0.0.1:0,10.0.0.2:0                  --
NO     in  icmp         ICMP,10.0.0.1:0,10.0.0.2:0                  --
NO     in  dhcp4        ICMP,10.0.0.1:0,10.0.0.2:0                  --
NO     out dhcp4        XXX,0.0.0.0:0,0.0.0.0:0                     --
NO     out icmp         XXX,0.0.0.0:0,0.0.0.0:0                     --
YES    out arp          XXX,0.0.0.0:0,0.0.0.0:0                     HAIRPIN: ArpReply 10.0.0.254 => A8:40:25:00:00:01
NO     out dhcp4        ICMP,10.0.0.2:0,10.0.0.1:0                  --
NO     out icmp         ICMP,10.0.0.2:0,10.0.0.1:0                  --
NO     out arp          ICMP,10.0.0.2:0,10.0.0.1:0                  --
MATCH  DIR LAYER        FLOW                                        ACTION
YES    out router       ICMP,10.0.0.2:0,10.0.0.1:0                  META: RouterTarget = Subnet: 10.0.0.0/24
YES    out overlay      ICMP,10.0.0.2:0,10.0.0.1:0                  STATIC: Encap
YES    in  overlay      ICMP,10.0.0.2:0,10.0.0.1:0                  STATIC: Decap
NO     in  router       ICMP,10.0.0.2:0,10.0.0.1:0                  --
NO     in  arp          ICMP,10.0.0.2:0,10.0.0.1:0                  --
NO     in  icmp         ICMP,10.0.0.2:0,10.0.0.1:0                  --
NO     in  dhcp4        ICMP,10.0.0.2:0,10.0.0.1:0                  --
@rzezeski rzezeski changed the title various opte SDT probes and scripts should display port names various SDT probes and scripts should display port names Mar 31, 2022
@rzezeski rzezeski mentioned this issue Apr 1, 2022
Merged
@rzezeski rzezeski changed the title various SDT probes and scripts should display port names include port names in SDT probes Apr 1, 2022
rzezeski added a commit that referenced this issue Apr 1, 2022
@rzezeski
include port names in SDT probes (#99)
6789ed0 
want USDT support for probes (#56)
rzezeski added a commit that referenced this issue Apr 1, 2022
@rzezeski
include port names in SDT probes (#99)
1cada72 
want USDT support for probes (#56)
@rzezeski
Copy link
Contributor Author

rzezeski commented Apr 1, 2022

New output with port names.

root@sled1:~/dtrace# ./opte-trace opte-rule-match
PORT     LAYER        MATCH  DIR FLOW                                        ACTION
xde0     dhcp4        NO     out XXX,0.0.0.0:0,0.0.0.0:0                     --
xde0     icmp         NO     out XXX,0.0.0.0:0,0.0.0.0:0                     --
xde0     arp          YES    out XXX,0.0.0.0:0,0.0.0.0:0                     HAIRPIN: ArpReply 10.0.0.254 => A8:40:25:00:00:01
xde0     dhcp4        NO     out ICMP,10.0.0.1:0,10.0.0.2:0                  --
xde0     icmp         NO     out ICMP,10.0.0.1:0,10.0.0.2:0                  --
xde0     arp          NO     out ICMP,10.0.0.1:0,10.0.0.2:0                  --
xde0     firewall     YES    out ICMP,10.0.0.1:0,10.0.0.2:0                  STATEFUL: Firewall
xde0     router       YES    out ICMP,10.0.0.1:0,10.0.0.2:0                  META: RouterTarget = Subnet: 10.0.0.0/24
xde0     overlay      YES    out ICMP,10.0.0.1:0,10.0.0.2:0                  STATIC: Encap
PORT     LAYER        MATCH  DIR FLOW                                        ACTION
xde1     overlay      YES    in  ICMP,10.0.0.1:0,10.0.0.2:0                  STATIC: Decap
xde1     router       NO     in  ICMP,10.0.0.1:0,10.0.0.2:0                  --
xde1     firewall     YES    in  ICMP,10.0.0.1:0,10.0.0.2:0                  STATEFUL: Firewall
xde1     arp          NO     in  ICMP,10.0.0.1:0,10.0.0.2:0                  --
xde1     icmp         NO     in  ICMP,10.0.0.1:0,10.0.0.2:0                  --
xde1     dhcp4        NO     in  ICMP,10.0.0.1:0,10.0.0.2:0                  --
xde1     dhcp4        NO     out XXX,0.0.0.0:0,0.0.0.0:0                     --
xde1     icmp         NO     out XXX,0.0.0.0:0,0.0.0.0:0                     --
xde1     arp          YES    out XXX,0.0.0.0:0,0.0.0.0:0                     HAIRPIN: ArpReply 10.0.0.254 => A8:40:25:00:00:01
xde1     dhcp4        NO     out ICMP,10.0.0.2:0,10.0.0.1:0                  --
xde1     icmp         NO     out ICMP,10.0.0.2:0,10.0.0.1:0                  --
xde1     arp          NO     out ICMP,10.0.0.2:0,10.0.0.1:0                  --
PORT     LAYER        MATCH  DIR FLOW                                        ACTION
xde1     router       YES    out ICMP,10.0.0.2:0,10.0.0.1:0                  META: RouterTarget = Subnet: 10.0.0.0/24
xde1     overlay      YES    out ICMP,10.0.0.2:0,10.0.0.1:0                  STATIC: Encap
xde0     overlay      YES    in  ICMP,10.0.0.2:0,10.0.0.1:0                  STATIC: Decap
xde0     router       NO     in  ICMP,10.0.0.2:0,10.0.0.1:0                  --
xde0     arp          NO     in  ICMP,10.0.0.2:0,10.0.0.1:0                  --
xde0     icmp         NO     in  ICMP,10.0.0.2:0,10.0.0.1:0                  --
xde0     dhcp4        NO     in  ICMP,10.0.0.2:0,10.0.0.1:0                  --

@rzezeski
Copy link
Contributor Author

rzezeski commented Apr 1, 2022

Fixed in 1cada72.

@rzezeski rzezeski closed this as completed Apr 1, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rzezeski