pfcount -i veth1
> On 08 Oct 2015, at 11:11, Mikhail Sokolov <[email protected]> wrote: > > I see. > Many thanks. > > Failed to run pfcount > root@parallels-Parallels-Virtual-Platform:~# ip netns exec GEN pfcount veth1 > pfring_open error [No such device] (pf_ring not loaded or interface eth0 is > down ?) > > Should I do something prior to run it? > > > Mikhail > Четверг, 8 октября 2015, 11:03 +02:00 от Alfredo Cardigliano > <[email protected]>: > > Hi Mikhail > ok I understand, the reason is that n2disk is configured to capture rx > direction only (it is usually *not* > used to capture traffic generated by the host it runs on). If you are using > n2disk just as sample application > to verify packet capture, please use pfcount instead. > > Alfredo > >> On 08 Oct 2015, at 10:39, Mikhail Sokolov <[email protected] >> <x-msg://e.mail.ru/compose/?mailto=mailto%[email protected]>> wrote: >> >> Here is a listing of staring n2disk >> >> root@parallels-Parallels-Virtual-Platform:~# ip netns exec NET n2disk -i >> veth2 -o /tmp/ >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4203] WARNING: Invalid license found for >> 7114BE24760661D8 >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4204] WARNING: (See /etc/n2disk.license) >> [Missing license file] >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4636] WARNING: >> *************************************************** >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4637] WARNING: ** ** >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4638] WARNING: ** Switching to DEMO MODE >> due to license error ** >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4639] WARNING: ** ** >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4640] WARNING: >> *************************************************** >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4641] WARNING: ** Dumping will stop after >> 5 min ** >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4643] WARNING: >> *************************************************** >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4647] Welcome to n2disk v.2.3.151007 >> (r4458) >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4673] Running on 1 node(s) system with 1 >> core(s). NUMA affinity set to node -1. >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4747] Using PF_RING for packet capture >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4862] Dump files max size is set to 100 MB >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4881] Buffer memory is set to 200 MB (2 >> pcap files buffer) >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4918] Using directory /tmp for dump files >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4923] No sub-directories will be created >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4925] Up to 1000 files will be written >> before overwriting >> 08/Oct/2015 11:38:10 [n2disk_zc.c:4950] Dumping data in 0.1 MB chunks >> 08/Oct/2015 11:38:10 [n2disk_zc.c:5162] Memory allocated successfully >> 08/Oct/2015 11:38:10 [n2disk_zc.c:3325] Using packet timestamps from pf_ring >> 08/Oct/2015 11:38:10 [n2disk_zc.c:3364] Using PF_RING v.6.1.1 >> 08/Oct/2015 11:38:10 [n2disk_zc.c:3374] Dumping traffic statistics on >> /proc/net/pf_ring/stats/3324-veth2.13 >> 08/Oct/2015 11:38:10 [n2disk_zc.c:3383] Started PF_RING packet reader thread >> for device veth2 >> 08/Oct/2015 11:38:10 [n2disk_zc.c:3770] [reader] Packet capture started >> 08/Oct/2015 11:38:11 [n2disk_zc.c:391] n2disk changed user to n2disk >> >> >> Mikhail >> Четверг, 8 октября 2015, 11:32 +03:00 от Mikhail Sokolov <[email protected] >> <x-msg://e.mail.ru/compose/?mailto=mailto%[email protected]>>: >> >> Hi, Alfredo, >> my setup - Ubuntu 12.04 in VM using Parallels Desktop. >> I want to simulate point to point link inside one VM with some delay and >> loss. Delay and loss are simulated using netem kernel module (tc utility is >> used to config it). >> There are 3 namespaces in my config GEN, NET and REC. >> GEN is a source of the traffic. >> NET is a simulation of the network. >> REC is a receiver/responder. >> For now I use ping as a traffic generator, next I want to use iperf. >> >> I'd like to use nprobe (pf_ring) to dump traffic on both ends, at source and >> responder, and send some data to DB via ZeroMQ. Next I want to calc some >> stats based on stored data. >> This is my test env. If it work fine, then I will be using separate VM or >> real machines for sender and receiver, network will be simulated with >> special HW appliance. >> >> To check how pf_ring is working at first I've decided to simply use n2disk. >> >> >> Mikhail >> >> Четверг, 8 октября 2015, 10:06 +02:00 от Alfredo Cardigliano >> <[email protected] <>>: >> >> Hi Mikhail >> please provide more details about your setup, including topology, pf_ring >> configuration, n2disk command. >> >> Thank you >> Alfredo >> >> > On 08 Oct 2015, at 10:01, Mikhail Sokolov <[email protected] <>> wrote: >> > >> > Hi. >> > I have some issue with using n2disk in the network namespace environment. >> > Here is a config I have: >> > >> > #!/bin/bash >> > # add the namespaces >> > ip netns add GEN >> > ip netns add NET >> > ip netns add REC >> > # create the veth pair >> > ip link add veth1 type veth peer name veth2 >> > ip link add veth3 type veth peer name veth4 >> > # move the interfaces to the namespaces >> > ip link set veth1 netns GEN >> > ip link set veth2 netns NET >> > ip link set veth3 netns NET >> > ip link set veth4 netns REC >> > # bring up the links >> > ip netns exec GEN ip link set dev veth1 up >> > ip netns exec NET ip link set dev veth2 up >> > ip netns exec NET ip link set dev veth3 up >> > ip netns exec REC ip link set dev veth4 up >> > # now assign the ip addresses >> > ip netns exec GEN ip addr add 20.0.0.1/24 dev veth1 >> > ip netns exec REC ip addr add 20.0.0.2/24 dev veth4 >> > # create the bridge >> > ip netns exec NET brctl addbr br-test >> > ip netns exec NET brctl stp br-test off >> > ip netns exec NET ip link set dev br-test up >> > # add int to bridge >> > ip netns exec NET brctl addif br-test veth2 >> > ip netns exec NET brctl addif br-test veth3 >> > # simulate delay >> > ip netns exec NET tc qdisc add dev veth2 root netem delay 1000ms >> > >> > ping works fine and I see expected delay >> > >> > root@parallels-Parallels-Virtual-Platform:~# ip netns exec GEN ping -c 5 >> > 20.0.0.2 >> > PING 20.0.0.2 (20.0.0.2) 56(84) bytes of data. >> > 64 bytes from 20.0.0.2: icmp_req=1 ttl=64 time=1000 ms >> > 64 bytes from 20.0.0.2: icmp_req=2 ttl=64 time=1000 ms >> > 64 bytes from 20.0.0.2: icmp_req=3 ttl=64 time=1000 ms >> > 64 bytes from 20.0.0.2: icmp_req=4 ttl=64 time=1000 ms >> > 64 bytes from 20.0.0.2: icmp_req=5 ttl=64 time=1000 ms >> > >> > --- 20.0.0.2 ping statistics --- >> > 5 packets transmitted, 5 received, 0% packet loss, time 4000ms >> > rtt min/avg/max/mdev = 1000.048/1000.056/1000.067/1.095 ms >> > >> > tshark (sniffer) also shows delay >> > >> > root@parallels-Parallels-Virtual-Platform:~# ip netns exec GEN tshark -i >> > veth1tshark: Lua: Error during loading: >> > [string "/usr/share/wireshark/init.lua"]:45: dofile has been disabled >> > Running as user "root" and group "root". This could be dangerous. >> > Capturing on veth1 >> > 0.000000 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, >> > seq=1/256, ttl=64 >> > 1.000092 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, >> > seq=1/256, ttl=64 >> > 1.000242 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, >> > seq=2/512, ttl=64 >> > 2.000299 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, >> > seq=2/512, ttl=64 >> > 2.000375 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, >> > seq=3/768, ttl=64 >> > 3.000436 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, >> > seq=3/768, ttl=64 >> > 3.000538 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, >> > seq=4/1024, ttl=64 >> > 4.000586 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, >> > seq=4/1024, ttl=64 >> > 4.000685 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, >> > seq=5/1280, ttl=64 >> > 5.000727 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, >> > seq=5/1280, ttl=64 >> > >> > But if I dump packets to disk using n2disk (ip netns exec GEN n2disk -i >> > veth1 -o /tmp) I see packets only in one direction - ICMP replies. >> > >> > Is there any caveats with using n2disk (pf_ring) in virtualized >> > environment? >> > >> > Thanks. >> > >> > >> > Mikhail >> > _______________________________________________ >> > Ntop-misc mailing list >> > [email protected] <> >> > http://listgateway.unipi.it/mailman/listinfo/ntop-misc >> > <http://listgateway.unipi.it/mailman/listinfo/ntop-misc> >> >> >> _______________________________________________ >> Ntop-misc mailing list >> [email protected] <> >> http://listgateway.unipi.it/mailman/listinfo/ntop-misc >> <http://listgateway.unipi.it/mailman/listinfo/ntop-misc>
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
