Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 27 Oct 2023 18:27:06 -0700
From:      Rick Macklem <rick.macklem@gmail.com>
To:        "Simon J. Gerraty" <sjg@juniper.net>
Cc:        Freddie Cash <fjwcash@gmail.com>, FreeBSD CURRENT <freebsd-current@freebsd.org>
Subject:   Re: RFC: NFS over TLS stats
Message-ID:  <CAM5tNy488H-vqzsLvqvdqnD1Kqdehrh4zAxtEr1LsWz%2Bo=ru2Q@mail.gmail.com>
In-Reply-To: <CAM5tNy7WDvEHnN=QC8fqbt5QyHC=DTmLBR-mz4ZogO5NJoWugQ@mail.gmail.com>
References:  <CAM5tNy4=ioUd3gRqwEr5-ss7jek1N7DWc-b4_c4xWWEe-5uQyg@mail.gmail.com> <CAOjFWZ5cyS8LWo19qH2gqCQmDfPR1%2Bmxr0iebPA0HSZ4SuTsPw@mail.gmail.com> <63874.1698283976@kaos.jnpr.net> <CAM5tNy54ZX_D5nKGTxdHhpmpchSv0MddQjNuhku3D2tM6mrh_g@mail.gmail.com> <48556.1698289785@kaos.jnpr.net> <CAM5tNy7WDvEHnN=QC8fqbt5QyHC=DTmLBR-mz4ZogO5NJoWugQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, Oct 26, 2023 at 11:28=E2=80=AFAM Rick Macklem <rick.macklem@gmail.c=
om> wrote:
>
> On Wed, Oct 25, 2023 at 8:10=E2=80=AFPM Simon J. Gerraty <sjg@juniper.net=
> wrote:
> >
> > Rick Macklem <rick.macklem@gmail.com> wrote:
> > > > kern.rpctls.tls.snd_msgbytes: 20828
> > > > kern.rpctls.tls.snd_msgcnt: 57
> > > > kern.rpctls.tls.rcv_tmsgbytes: 12336
> > > > kern.rpctls.tls.rcv_msgcnt: 57
> > > >
> > > > which allows for sysctl kern.rpctls.tls
> > > Not sure what you mean?
> >
> > If for some reason I only care about tls I can do
> >
> > sysctl kern.rpctls.tls
> >
> > and get
> >
> > kern.rpctls.tls.snd_msgbytes: 20828
> > kern.rpctls.tls.snd_msgcnt: 57
> > kern.rpctls.tls.rcv_tmsgbytes: 12336
> > kern.rpctls.tls.rcv_msgcnt: 57
> >
> > otherwise I'd have to do
> >
> > sysctl kern.rpctls | grep tls
> >
> > > I am listing counts for TLS and non-TLS so they can
> > > be compared. As such, a "tls" in the last component of
> > > the name is needed, unless I list the non-TLS ones
> >
> > Ok
> >
> > > under something else like:
> > > kern.rpc.snd_msgbytes
> > >
> > > I currently actually have them all as:
> > > kern.rpc.tls.XXX instead of kern.rpctls.XXX,
> >
> > Haha I didn't notice the tls in rpctls ;-)
> >
> > > since there was already kern.rpc.gss.XXX.
> >
> > kern.rpc.tls.XXX sounds fine
> Ok, how does this look?
>
> kern.rpc.nontls.tx_msgcnt: 58
> kern.rpc.nontls.tx_msgbytes: 20828
> kern.rpc.nontls.rx_msgcnt: 58
> kern.rpc.nontls.rx_msgbytes: 12072
As suggested by someone off-list, I have replaced "nontls"
with "unenc".

rick

> kern.rpc.tls.tx_msgcnt: 62639
> kern.rpc.tls.tx_msgbytes: 30800352
> kern.rpc.tls.rx_msgcnt: 62639
> kern.rpc.tls.rx_msgbytes: 13473756
> kern.rpc.tls.handshake_success: 1
> kern.rpc.tls.handshake_failed: 0
> kern.rpc.tls.alerts: 1
>
> It doesn't put the nonTLS and TLS lines for a given stat next to each oth=
er,
> but does allow either the nonTLS or TLS stats to be displayed easily
> and keeps the two sets adjacent, so they can be compared easily.
>
> rick
>
> >
> > >
> > > rick

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAM5tNy488H-vqzsLvqvdqnD1Kqdehrh4zAxtEr1LsWz%2Bo=ru2Q>