On Wed, Jul 12, 2017 at 6:37 AM, Neil Horman <nhor...@tuxdriver.com> wrote: > On Wed, Jul 12, 2017 at 06:40:49PM +0800, martinbj2...@gmail.com wrote: >> The dropwatch is a very useful tool to diagnose network problem, >> which give us greate help. >> Dropwatch could not work under container(net namespace). >> It is a pitty, so let it support net ns. >> > Sorry, Im having a hard time wrapping my head around this. Why exactly is it > that dropwatch won't work in a namespaced environment? IIRC, the kfree > tracepoints are namespace agnostic, and so running dropwatch anywhere should > result in seeing drops in all namespaces. I grant that perhaps it would be > nice > to filter on a namespace, but it should all 'just work' for some definition of > the term, no?
Agreed. And I doubt Martin's implementation which uses skb->sk to retrieve net works for RX packets, since skb->sk is set very late (except with early demux) on RX side but we can drop them at anytime...
