From owner-svn-src-head@freebsd.org Wed Oct 14 02:39:34 2015 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 58188A12F91; Wed, 14 Oct 2015 02:39:34 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 3ADC51E5E; Wed, 14 Oct 2015 02:39:34 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from mail.xzibition.com (localhost [IPv6:::1]) by freefall.freebsd.org (Postfix) with ESMTP id 2EAA81D8E; Wed, 14 Oct 2015 02:39:34 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from mail.xzibition.com (localhost [172.31.3.2]) by mail.xzibition.com (Postfix) with ESMTP id DBCF21483D; Wed, 14 Oct 2015 02:39:33 +0000 (UTC) X-Virus-Scanned: amavisd-new at mail.xzibition.com Received: from mail.xzibition.com ([172.31.3.2]) by mail.xzibition.com (mail.xzibition.com [172.31.3.2]) (amavisd-new, port 10026) with LMTP id nPsZjxpwBbly; Wed, 14 Oct 2015 02:39:30 +0000 (UTC) Subject: Re: svn commit: r289276 - in head/sys: conf kern netinet sys DKIM-Filter: OpenDKIM Filter v2.9.2 mail.xzibition.com 70CF114837 To: Hiren Panchasara References: <201510140035.t9E0ZbXS030094@repo.freebsd.org> <561DB6CB.8060208@FreeBSD.org> <20151014023352.GI87252@strugglingcoder.info> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org From: Bryan Drewery Openpgp: id=F9173CB2C3AAEA7A5C8A1F0935D771BB6E4697CF; url=http://www.shatow.net/bryan/bryan2.asc Organization: FreeBSD Message-ID: <561DC062.1010605@FreeBSD.org> Date: Tue, 13 Oct 2015 19:39:30 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0 MIME-Version: 1.0 In-Reply-To: <20151014023352.GI87252@strugglingcoder.info> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="WgiWCgh4S1TTTJOruSowfNAAPqC6mCCAc" X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Oct 2015 02:39:34 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --WgiWCgh4S1TTTJOruSowfNAAPqC6mCCAc Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 10/13/2015 7:33 PM, Hiren Panchasara wrote: > On 10/13/15 at 06:58P, Bryan Drewery wrote: >> On 10/13/2015 5:35 PM, Hiren Panchasara wrote: >>> Author: hiren >>> Date: Wed Oct 14 00:35:37 2015 >>> New Revision: 289276 >>> URL: https://svnweb.freebsd.org/changeset/base/289276 >>> >>> Log: >>> There are times when it would be really nice to have a record of th= e last few >>> packets and/or state transitions from each TCP socket. That would h= elp with >>> narrowing down certain problems we see in the field that are hard t= o reproduce >>> without understanding the history of how we got into a certain stat= e. This >>> change provides just that. >>> =20 >>> It saves copies of the last N packets in a list in the tcpcb. When = the tcpcb is >>> destroyed, the list is freed. I thought this was likely to be more >>> performance-friendly than saving copies of the tcpcb. Plus, with th= e packets, >>> you should be able to reverse-engineer what happened to the tcpcb. >>> =20 >>> To enable the feature, you will need to compile a kernel with the T= CPPCAP >>> option. Even then, the feature defaults to being deactivated. You c= an activate >>> it by setting a positive value for the number of captured packets. = You can do >>> that on either a global basis or on a per-socket basis (via a setso= ckopt call). >>> =20 >>> There is no way to get the packets out of the kernel other than usi= ng kmem or >>> getting a coredump. I thought that would help some of the legal/pri= vacy concerns >>> regarding such a feature. However, it should be possible to add a f= uture effort >>> to export them in PCAP format. >>> =20 >>> I tested this at low scale, and found that there were no mbuf leaks= and the peak >>> mbuf usage appeared to be unchanged with and without the feature. >>> =20 >>> The main performance concern I can envision is the number of mbufs = that would be >>> used on systems with a large number of sockets. If you save five pa= ckets per >>> direction per socket and have 3,000 sockets, that will consume at l= east 30,000 >>> mbufs just to keep these packets. I tried to reduce the concerns as= sociated with >>> this by limiting the number of clusters (not mbufs) that could be u= sed for this >>> feature. Again, in my testing, that appears to work correctly. >>> =20 >>> Differential Revision: D3100 >> >> You're supposed to use the full URL here which will auto close the rev= iew. >=20 > Okay. It did pick up the commit though. What more does it need to know?= =20 >> Hm true. It seems that it will auto-close if you use the full URL only. I swear a decision was made on the "proper" way to relate these, but the fact that both methods touch the system and act different is odd. --=20 Regards, Bryan Drewery --WgiWCgh4S1TTTJOruSowfNAAPqC6mCCAc Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJWHcBjAAoJEDXXcbtuRpfProEIANqhCrjWWMK90NLTZSh9Smas o0sPK7dx2diPuwh54eybUXIPVzg22MV5xE4VZfT7raOBjAs/AasOl9oYlHfViD3w zH+UvnbDvwi3gf2c0HFc8d27i7KfFZMI8Mlst32OULxAhUeCJqQRIhnHGlqdQSVI qLaTBjyxMffpiJ7wnHxeg0Yezb1kmMfiZ+3QDMgUODnJq6u8/a7WW3LnXPg2jR60 axlcC4qrIuSOhf+OLvVwldaJd61dYWW0HBm5c8sDZrIuOnMK2ZXIERIqEO8e0mJC CP2Na1BwoKP64KIWvr5qKsDLXC+0n41mIcZPvDb6iIkvKn9b9WjxmCHQqwoW8eE= =L+FE -----END PGP SIGNATURE----- --WgiWCgh4S1TTTJOruSowfNAAPqC6mCCAc--