summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.io>2023-03-17 12:38:27 +0000
committerViacheslav Hletenko <v.gletenko@vyos.io>2023-03-17 12:43:13 +0000
commit57c06dcd78f9b711c4fb46e6657b0a496059a685 (patch)
tree0a37d9f887ac862cbd6f8122b88e8f4eafa1f582
parentda42b37983e75dc4587160036be9eb71df4e4989 (diff)
downloadvyos-1x-57c06dcd78f9b711c4fb46e6657b0a496059a685.tar.gz
vyos-1x-57c06dcd78f9b711c4fb46e6657b0a496059a685.zip
T5086: Add sFlow drop-monitor-limit option
hsflowd will export the headers of dropped packets (along with the name of the function in the Linux kernel where that skb was dropped) as part of the standard sFlow feed. This measurement complements the sFlow packet sampling and counter-telemetry well because it provides visibility into the traffic that is not flowing. Very helpful for troubleshooting. The limit (a rate limit max of N drops per second sent out in the sFlow datagrams) is the parameter you would set in the CLI. set system sflow drop-monitor-limit 50
-rw-r--r--data/templates/sflow/hsflowd.conf.j23
-rw-r--r--interface-definitions/system-sflow.xml.in12
-rwxr-xr-xsmoketest/scripts/cli/test_system_sflow.py3
3 files changed, 18 insertions, 0 deletions
diff --git a/data/templates/sflow/hsflowd.conf.j2 b/data/templates/sflow/hsflowd.conf.j2
index 7ce6554d7..94f5939be 100644
--- a/data/templates/sflow/hsflowd.conf.j2
+++ b/data/templates/sflow/hsflowd.conf.j2
@@ -25,4 +25,7 @@ sflow {
pcap { dev={{ iface }} }
{% endfor %}
{% endif %}
+{% if drop_monitor_limit is vyos_defined %}
+ dropmon { limit={{ drop_monitor_limit }} start=on sw=on hw=off }
+{% endif %}
}
diff --git a/interface-definitions/system-sflow.xml.in b/interface-definitions/system-sflow.xml.in
index a53c99937..335181fe1 100644
--- a/interface-definitions/system-sflow.xml.in
+++ b/interface-definitions/system-sflow.xml.in
@@ -46,6 +46,18 @@
</constraint>
</properties>
</leafNode>
+ <leafNode name="drop-monitor-limit">
+ <properties>
+ <help>Export headers of dropped by kernel packets</help>
+ <valueHelp>
+ <format>u32:1-65535</format>
+ <description>Maximum rate limit of N drops per second send out in the sFlow datagrams</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-65535"/>
+ </constraint>
+ </properties>
+ </leafNode>
#include <include/generic-interface-multi.xml.i>
<leafNode name="polling">
<properties>
diff --git a/smoketest/scripts/cli/test_system_sflow.py b/smoketest/scripts/cli/test_system_sflow.py
index b593c21e6..f50052d31 100755
--- a/smoketest/scripts/cli/test_system_sflow.py
+++ b/smoketest/scripts/cli/test_system_sflow.py
@@ -57,6 +57,7 @@ class TestSystemFlowAccounting(VyOSUnitTestSHIM.TestCase):
sampling_rate = '128'
server = '192.0.2.254'
port = '8192'
+ mon_limit = '50'
self.cli_set(
['interfaces', 'dummy', 'dum0', 'address', f'{agent_address}/24'])
@@ -72,6 +73,7 @@ class TestSystemFlowAccounting(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['polling', polling])
self.cli_set(base_path + ['sampling-rate', sampling_rate])
self.cli_set(base_path + ['server', server, 'port', port])
+ self.cli_set(base_path + ['drop-monitor-limit', mon_limit])
# commit changes
self.cli_commit()
@@ -84,6 +86,7 @@ class TestSystemFlowAccounting(VyOSUnitTestSHIM.TestCase):
self.assertIn(f'agentIP={agent_address}', hsflowd)
self.assertIn(f'agent={agent_interface}', hsflowd)
self.assertIn(f'collector {{ ip = {server} udpport = {port} }}', hsflowd)
+ self.assertIn(f'dropmon {{ limit={mon_limit} start=on sw=on hw=off }}', hsflowd)
for interface in Section.interfaces('ethernet'):
self.assertIn(f'pcap {{ dev={interface} }}', hsflowd)