Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
B
bcc
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
bcc
Commits
db1abcaf
Commit
db1abcaf
authored
Jan 19, 2018
by
Brendan Gregg
Committed by
GitHub
Jan 19, 2018
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #1538 from dpayne/master
Adding minimum latency filter to tcpconnlat
parents
f1bb6eaf
40cf3a3b
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
68 additions
and
10 deletions
+68
-10
man/man8/tcpconnlat.8
man/man8/tcpconnlat.8
+20
-6
tools/tcpconnlat.py
tools/tcpconnlat.py
+41
-3
tools/tcpconnlat_example.txt
tools/tcpconnlat_example.txt
+7
-1
No files found.
man/man8/tcpconnlat.8
View file @
db1abcaf
.TH tcpconn
ec
t 8 "2016-02-19" "USER COMMANDS"
.TH tcpconn
la
t 8 "2016-02-19" "USER COMMANDS"
.SH NAME
.SH NAME
tcpconn
ec
t \- Trace TCP active connection latency. Uses Linux eBPF/bcc.
tcpconn
la
t \- Trace TCP active connection latency. Uses Linux eBPF/bcc.
.SH SYNOPSIS
.SH SYNOPSIS
.B tcpconn
ect [\-h] [\-t] [\-p PID
]
.B tcpconn
lat [\-h] [\-t] [\-p PID] [-v] [min_ms
]
.SH DESCRIPTION
.SH DESCRIPTION
This tool traces active TCP connections
This tool traces active TCP connections
(eg, via a connect() syscall), and shows the latency (time) for the connection
(eg, via a connect() syscall), and shows the latency (time) for the connection
...
@@ -30,19 +30,33 @@ Include a timestamp column.
...
@@ -30,19 +30,33 @@ Include a timestamp column.
.TP
.TP
\-p PID
\-p PID
Trace this process ID only (filtered in-kernel).
Trace this process ID only (filtered in-kernel).
.TP
\-v
Print the resulting BPF program, for debugging purposes.
.TP
min_ms
Minimum duration to trace, in milliseconds.
.SH EXAMPLES
.SH EXAMPLES
.TP
.TP
Trace all active TCP connections, and show connection latency (SYN->response round trip):
Trace all active TCP connections, and show connection latency (SYN->response round trip):
#
#
.B tcpconn
ec
t
.B tcpconn
la
t
.TP
.TP
Include timestamps:
Include timestamps:
#
#
.B tcpconn
ec
t \-t
.B tcpconn
la
t \-t
.TP
.TP
Trace PID 181 only:
Trace PID 181 only:
#
#
.B tcpconnect \-p 181
.B tcpconnlat \-p 181
.TP
Trace connects with latency longer than 10 ms:
#
.B tcpconnlat 10
.TP
Print the BPF program:
#
.B tcpconnlat \-v
.SH FIELDS
.SH FIELDS
.TP
.TP
TIME(s)
TIME(s)
...
...
tools/tcpconnlat.py
View file @
db1abcaf
...
@@ -21,9 +21,22 @@ from struct import pack
...
@@ -21,9 +21,22 @@ from struct import pack
import
argparse
import
argparse
import
ctypes
as
ct
import
ctypes
as
ct
# arg validation
def
positive_float
(
val
):
try
:
ival
=
float
(
val
)
except
ValueError
:
raise
argparse
.
ArgumentTypeError
(
"must be a float"
)
if
ival
<
0
:
raise
argparse
.
ArgumentTypeError
(
"must be positive"
)
return
ival
# arguments
# arguments
examples
=
"""examples:
examples
=
"""examples:
./tcpconnlat # trace all TCP connect()s
./tcpconnlat # trace all TCP connect()s
./tcpconnlat 1 # trace connection latency slower than 1 ms
./tcpconnlat 0.1 # trace connection latency slower than 100 us
./tcpconnlat -t # include timestamps
./tcpconnlat -t # include timestamps
./tcpconnlat -p 181 # only trace PID 181
./tcpconnlat -p 181 # only trace PID 181
"""
"""
...
@@ -35,7 +48,19 @@ parser.add_argument("-t", "--timestamp", action="store_true",
...
@@ -35,7 +48,19 @@ parser.add_argument("-t", "--timestamp", action="store_true",
help
=
"include timestamp on output"
)
help
=
"include timestamp on output"
)
parser
.
add_argument
(
"-p"
,
"--pid"
,
parser
.
add_argument
(
"-p"
,
"--pid"
,
help
=
"trace this PID only"
)
help
=
"trace this PID only"
)
parser
.
add_argument
(
"duration_ms"
,
nargs
=
"?"
,
default
=
0
,
type
=
positive_float
,
help
=
"minimum duration to trace (ms)"
)
parser
.
add_argument
(
"-v"
,
"--verbose"
,
action
=
"store_true"
,
help
=
"print the BPF program for debugging purposes"
)
args
=
parser
.
parse_args
()
args
=
parser
.
parse_args
()
if
args
.
duration_ms
:
# support fractions but round to nearest microsecond
duration_us
=
int
(
args
.
duration_ms
*
1000
)
else
:
duration_us
=
0
# default is show all
debug
=
0
debug
=
0
# define BPF program
# define BPF program
...
@@ -104,9 +129,18 @@ int trace_tcp_rcv_state_process(struct pt_regs *ctx, struct sock *skp)
...
@@ -104,9 +129,18 @@ int trace_tcp_rcv_state_process(struct pt_regs *ctx, struct sock *skp)
if (infop == 0) {
if (infop == 0) {
return 0; // missed entry or filtered
return 0; // missed entry or filtered
}
}
u64 ts = infop->ts;
u64 ts = infop->ts;
u64 now = bpf_ktime_get_ns();
u64 now = bpf_ktime_get_ns();
u64 delta_us = (now - ts) / 1000ul;
#ifdef MIN_LATENCY
if ( delta_us < DURATION_US ) {
return 0; // connect latency is below latency filter minimum
}
#endif
// pull in details
// pull in details
u16 family = 0, dport = 0;
u16 family = 0, dport = 0;
family = skp->__sk_common.skc_family;
family = skp->__sk_common.skc_family;
...
@@ -119,7 +153,7 @@ int trace_tcp_rcv_state_process(struct pt_regs *ctx, struct sock *skp)
...
@@ -119,7 +153,7 @@ int trace_tcp_rcv_state_process(struct pt_regs *ctx, struct sock *skp)
data4.saddr = skp->__sk_common.skc_rcv_saddr;
data4.saddr = skp->__sk_common.skc_rcv_saddr;
data4.daddr = skp->__sk_common.skc_daddr;
data4.daddr = skp->__sk_common.skc_daddr;
data4.dport = ntohs(dport);
data4.dport = ntohs(dport);
data4.delta_us =
(now - ts) / 1000
;
data4.delta_us =
delta_us
;
__builtin_memcpy(&data4.task, infop->task, sizeof(data4.task));
__builtin_memcpy(&data4.task, infop->task, sizeof(data4.task));
ipv4_events.perf_submit(ctx, &data4, sizeof(data4));
ipv4_events.perf_submit(ctx, &data4, sizeof(data4));
...
@@ -131,7 +165,7 @@ int trace_tcp_rcv_state_process(struct pt_regs *ctx, struct sock *skp)
...
@@ -131,7 +165,7 @@ int trace_tcp_rcv_state_process(struct pt_regs *ctx, struct sock *skp)
bpf_probe_read(&data6.daddr, sizeof(data6.daddr),
bpf_probe_read(&data6.daddr, sizeof(data6.daddr),
skp->__sk_common.skc_v6_daddr.in6_u.u6_addr32);
skp->__sk_common.skc_v6_daddr.in6_u.u6_addr32);
data6.dport = ntohs(dport);
data6.dport = ntohs(dport);
data6.delta_us =
(now - ts) / 1000
;
data6.delta_us =
delta_us
;
__builtin_memcpy(&data6.task, infop->task, sizeof(data6.task));
__builtin_memcpy(&data6.task, infop->task, sizeof(data6.task));
ipv6_events.perf_submit(ctx, &data6, sizeof(data6));
ipv6_events.perf_submit(ctx, &data6, sizeof(data6));
}
}
...
@@ -142,13 +176,17 @@ int trace_tcp_rcv_state_process(struct pt_regs *ctx, struct sock *skp)
...
@@ -142,13 +176,17 @@ int trace_tcp_rcv_state_process(struct pt_regs *ctx, struct sock *skp)
}
}
"""
"""
if
duration_us
>
0
:
bpf_text
=
"#define MIN_LATENCY
\
n
"
+
bpf_text
bpf_text
=
bpf_text
.
replace
(
'DURATION_US'
,
str
(
duration_us
))
# code substitutions
# code substitutions
if
args
.
pid
:
if
args
.
pid
:
bpf_text
=
bpf_text
.
replace
(
'FILTER'
,
bpf_text
=
bpf_text
.
replace
(
'FILTER'
,
'if (pid != %s) { return 0; }'
%
args
.
pid
)
'if (pid != %s) { return 0; }'
%
args
.
pid
)
else
:
else
:
bpf_text
=
bpf_text
.
replace
(
'FILTER'
,
''
)
bpf_text
=
bpf_text
.
replace
(
'FILTER'
,
''
)
if
debug
:
if
debug
or
args
.
verbose
:
print
(
bpf_text
)
print
(
bpf_text
)
# initialize BPF
# initialize BPF
...
...
tools/tcpconnlat_example.txt
View file @
db1abcaf
...
@@ -34,10 +34,13 @@ if the response is a RST (port closed).
...
@@ -34,10 +34,13 @@ if the response is a RST (port closed).
USAGE message:
USAGE message:
# ./tcpconnlat -h
# ./tcpconnlat -h
usage: tcpconnlat [-h] [-t] [-p PID]
usage: tcpconnlat [-h] [-t] [-p PID]
[min_ms]
Trace TCP connects and show connection latency
Trace TCP connects and show connection latency
positional arguments:
min_ms minimum duration to trace, in ms (default 0)
optional arguments:
optional arguments:
-h, --help show this help message and exit
-h, --help show this help message and exit
-t, --timestamp include timestamp on output
-t, --timestamp include timestamp on output
...
@@ -47,3 +50,6 @@ examples:
...
@@ -47,3 +50,6 @@ examples:
./tcpconnlat # trace all TCP connect()s
./tcpconnlat # trace all TCP connect()s
./tcpconnlat -t # include timestamps
./tcpconnlat -t # include timestamps
./tcpconnlat -p 181 # only trace PID 181
./tcpconnlat -p 181 # only trace PID 181
./tcpconnlat 1 # only show connects longer than 1 ms
./tcpconnlat 0.1 # only show connects longer than 100 us
./tcpconnlat -v # Show the BPF program
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment