diff options
author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2023-03-17 12:38:27 +0000 |
---|---|---|
committer | Viacheslav Hletenko <v.gletenko@vyos.io> | 2023-03-17 12:43:13 +0000 |
commit | 57c06dcd78f9b711c4fb46e6657b0a496059a685 (patch) | |
tree | 0a37d9f887ac862cbd6f8122b88e8f4eafa1f582 | |
parent | da42b37983e75dc4587160036be9eb71df4e4989 (diff) | |
download | vyos-1x-57c06dcd78f9b711c4fb46e6657b0a496059a685.tar.gz vyos-1x-57c06dcd78f9b711c4fb46e6657b0a496059a685.zip |
T5086: Add sFlow drop-monitor-limit option
hsflowd will export the headers of dropped packets (along with the
name of the function in the Linux kernel where that skb was dropped)
as part of the standard sFlow feed.
This measurement complements the sFlow packet sampling and
counter-telemetry well because it provides visibility into the
traffic that is not flowing.
Very helpful for troubleshooting.
The limit (a rate limit max of N drops per second sent out in the
sFlow datagrams) is the parameter you would set in the CLI.
set system sflow drop-monitor-limit 50
-rw-r--r-- | data/templates/sflow/hsflowd.conf.j2 | 3 | ||||
-rw-r--r-- | interface-definitions/system-sflow.xml.in | 12 | ||||
-rwxr-xr-x | smoketest/scripts/cli/test_system_sflow.py | 3 |
3 files changed, 18 insertions, 0 deletions
diff --git a/data/templates/sflow/hsflowd.conf.j2 b/data/templates/sflow/hsflowd.conf.j2 index 7ce6554d7..94f5939be 100644 --- a/data/templates/sflow/hsflowd.conf.j2 +++ b/data/templates/sflow/hsflowd.conf.j2 @@ -25,4 +25,7 @@ sflow { pcap { dev={{ iface }} } {% endfor %} {% endif %} +{% if drop_monitor_limit is vyos_defined %} + dropmon { limit={{ drop_monitor_limit }} start=on sw=on hw=off } +{% endif %} } diff --git a/interface-definitions/system-sflow.xml.in b/interface-definitions/system-sflow.xml.in index a53c99937..335181fe1 100644 --- a/interface-definitions/system-sflow.xml.in +++ b/interface-definitions/system-sflow.xml.in @@ -46,6 +46,18 @@ </constraint> </properties> </leafNode> + <leafNode name="drop-monitor-limit"> + <properties> + <help>Export headers of dropped by kernel packets</help> + <valueHelp> + <format>u32:1-65535</format> + <description>Maximum rate limit of N drops per second send out in the sFlow datagrams</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + </leafNode> #include <include/generic-interface-multi.xml.i> <leafNode name="polling"> <properties> diff --git a/smoketest/scripts/cli/test_system_sflow.py b/smoketest/scripts/cli/test_system_sflow.py index b593c21e6..f50052d31 100755 --- a/smoketest/scripts/cli/test_system_sflow.py +++ b/smoketest/scripts/cli/test_system_sflow.py @@ -57,6 +57,7 @@ class TestSystemFlowAccounting(VyOSUnitTestSHIM.TestCase): sampling_rate = '128' server = '192.0.2.254' port = '8192' + mon_limit = '50' self.cli_set( ['interfaces', 'dummy', 'dum0', 'address', f'{agent_address}/24']) @@ -72,6 +73,7 @@ class TestSystemFlowAccounting(VyOSUnitTestSHIM.TestCase): self.cli_set(base_path + ['polling', polling]) self.cli_set(base_path + ['sampling-rate', sampling_rate]) self.cli_set(base_path + ['server', server, 'port', port]) + self.cli_set(base_path + ['drop-monitor-limit', mon_limit]) # commit changes self.cli_commit() @@ -84,6 +86,7 @@ class TestSystemFlowAccounting(VyOSUnitTestSHIM.TestCase): self.assertIn(f'agentIP={agent_address}', hsflowd) self.assertIn(f'agent={agent_interface}', hsflowd) self.assertIn(f'collector {{ ip = {server} udpport = {port} }}', hsflowd) + self.assertIn(f'dropmon {{ limit={mon_limit} start=on sw=on hw=off }}', hsflowd) for interface in Section.interfaces('ethernet'): self.assertIn(f'pcap {{ dev={interface} }}', hsflowd) |