Of course, forgot about -i key Thanks one more time. Mikhail Четверг, 8 октября 2015, 11:12 +02:00 от Alfredo Cardigliano <[email protected]>: > >pfcount -i veth1 > >>On 08 Oct 2015, at 11:11, Mikhail Sokolov < [email protected] > wrote: >>I see. >>Many thanks. >> >>Failed to run pfcount >>root@parallels-Parallels-Virtual-Platform:~# ip netns exec GEN pfcount veth1 >>pfring_open error [No such device] (pf_ring not loaded or interface eth0 is >>down ?) >> >>Should I do something prior to run it? >>Mikhail >>>Четверг, 8 октября 2015, 11:03 +02:00 от Alfredo Cardigliano < >>>[email protected] >: >>> >>>Hi Mikhail >>>ok I understand, the reason is that n2disk is configured to capture rx >>>direction only (it is usually *not* >>>used to capture traffic generated by the host it runs on). If you are using >>>n2disk just as sample application >>>to verify packet capture, please use pfcount instead. >>> >>>Alfredo >>>>On 08 Oct 2015, at 10:39, Mikhail Sokolov < [email protected] > wrote: >>>>Here is a listing of staring n2disk >>>> >>>>root@parallels-Parallels-Virtual-Platform:~# ip netns exec NET n2disk -i >>>>veth2 -o /tmp/ >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4203] WARNING: Invalid license found for >>>>7114BE24760661D8 >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4204] WARNING: (See /etc/n2disk.license) >>>>[Missing license file] >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4636] WARNING: >>>>*************************************************** >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4637] WARNING: ** ** >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4638] WARNING: ** Switching to DEMO MODE >>>>due to license error ** >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4639] WARNING: ** ** >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4640] WARNING: >>>>*************************************************** >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4641] WARNING: ** Dumping will stop after >>>>5 min ** >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4643] WARNING: >>>>*************************************************** >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4647] Welcome to n2disk v.2.3.151007 >>>>(r4458) >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4673] Running on 1 node(s) system with 1 >>>>core(s). NUMA affinity set to node -1. >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4747] Using PF_RING for packet capture >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4862] Dump files max size is set to 100 MB >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4881] Buffer memory is set to 200 MB (2 >>>>pcap files buffer) >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4918] Using directory /tmp for dump files >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4923] No sub-directories will be created >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4925] Up to 1000 files will be written >>>>before overwriting >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:4950] Dumping data in 0.1 MB chunks >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:5162] Memory allocated successfully >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:3325] Using packet timestamps from pf_ring >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:3364] Using PF_RING v.6.1.1 >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:3374] Dumping traffic statistics on >>>>/proc/net/pf_ring/stats/3324-veth2.13 >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:3383] Started PF_RING packet reader >>>>thread for device veth2 >>>>08/Oct/2015 11:38:10 [n2disk_zc.c:3770] [reader] Packet capture started >>>>08/Oct/2015 11:38:11 [n2disk_zc.c:391] n2disk changed user to n2disk >>>>Mikhail >>>>>Четверг, 8 октября 2015, 11:32 +03:00 от Mikhail Sokolov < [email protected] >>>>>>: >>>>> >>>>>Hi, Alfredo, >>>>>my setup - Ubuntu 12.04 in VM using Parallels Desktop. >>>>>I want to simulate point to point link inside one VM with some delay and >>>>>loss. Delay and loss are simulated using netem kernel module (tc utility >>>>>is used to config it). >>>>>There are 3 namespaces in my config GEN, NET and REC. >>>>>GEN is a source of the traffic. >>>>>NET is a simulation of the network. >>>>>REC is a receiver/responder. >>>>>For now I use ping as a traffic generator, next I want to use iperf. >>>>> >>>>>I'd like to use nprobe (pf_ring) to dump traffic on both ends, at source >>>>>and responder, and send some data to DB via ZeroMQ. Next I want to calc >>>>>some stats based on stored data. >>>>>This is my test env. If it work fine, then I will be using separate VM or >>>>>real machines for sender and receiver, network will be simulated with >>>>>special HW appliance. >>>>> >>>>>To check how pf_ring is working at first I've decided to simply use n2disk. >>>>> >>>>> >>>>>Mikhail >>>>> >>>>>>Четверг, 8 октября 2015, 10:06 +02:00 от Alfredo Cardigliano < >>>>>>[email protected] >: >>>>>> >>>>>>Hi Mikhail >>>>>>please provide more details about your setup, including topology, pf_ring >>>>>>configuration, n2disk command. >>>>>> >>>>>>Thank you >>>>>>Alfredo >>>>>> >>>>>>> On 08 Oct 2015, at 10:01, Mikhail Sokolov < [email protected] > wrote: >>>>>>> >>>>>>> Hi. >>>>>>> I have some issue with using n2disk in the network namespace >>>>>>> environment. >>>>>>> Here is a config I have: >>>>>>> >>>>>>> #!/bin/bash >>>>>>> # add the namespaces >>>>>>> ip netns add GEN >>>>>>> ip netns add NET >>>>>>> ip netns add REC >>>>>>> # create the veth pair >>>>>>> ip link add veth1 type veth peer name veth2 >>>>>>> ip link add veth3 type veth peer name veth4 >>>>>>> # move the interfaces to the namespaces >>>>>>> ip link set veth1 netns GEN >>>>>>> ip link set veth2 netns NET >>>>>>> ip link set veth3 netns NET >>>>>>> ip link set veth4 netns REC >>>>>>> # bring up the links >>>>>>> ip netns exec GEN ip link set dev veth1 up >>>>>>> ip netns exec NET ip link set dev veth2 up >>>>>>> ip netns exec NET ip link set dev veth3 up >>>>>>> ip netns exec REC ip link set dev veth4 up >>>>>>> # now assign the ip addresses >>>>>>> ip netns exec GEN ip addr add 20.0.0.1/24 dev veth1 >>>>>>> ip netns exec REC ip addr add 20.0.0.2/24 dev veth4 >>>>>>> # create the bridge >>>>>>> ip netns exec NET brctl addbr br-test >>>>>>> ip netns exec NET brctl stp br-test off >>>>>>> ip netns exec NET ip link set dev br-test up >>>>>>> # add int to bridge >>>>>>> ip netns exec NET brctl addif br-test veth2 >>>>>>> ip netns exec NET brctl addif br-test veth3 >>>>>>> # simulate delay >>>>>>> ip netns exec NET tc qdisc add dev veth2 root netem delay 1000ms >>>>>>> >>>>>>> ping works fine and I see expected delay >>>>>>> >>>>>>> root@parallels-Parallels-Virtual-Platform:~# ip netns exec GEN ping -c >>>>>>> 5 20.0.0.2 >>>>>>> PING 20.0.0.2 (20.0.0.2) 56(84) bytes of data. >>>>>>> 64 bytes from 20.0.0.2: icmp_req=1 ttl=64 time=1000 ms >>>>>>> 64 bytes from 20.0.0.2: icmp_req=2 ttl=64 time=1000 ms >>>>>>> 64 bytes from 20.0.0.2: icmp_req=3 ttl=64 time=1000 ms >>>>>>> 64 bytes from 20.0.0.2: icmp_req=4 ttl=64 time=1000 ms >>>>>>> 64 bytes from 20.0.0.2: icmp_req=5 ttl=64 time=1000 ms >>>>>>> >>>>>>> --- 20.0.0.2 ping statistics --- >>>>>>> 5 packets transmitted, 5 received, 0% packet loss, time 4000ms >>>>>>> rtt min/avg/max/mdev = 1000.048/1000.056/1000.067/1.095 ms >>>>>>> >>>>>>> tshark (sniffer) also shows delay >>>>>>> >>>>>>> root@parallels-Parallels-Virtual-Platform:~# ip netns exec GEN tshark >>>>>>> -i veth1tshark: Lua: Error during loading: >>>>>>> [string "/usr/share/wireshark/init.lua"]:45: dofile has been disabled >>>>>>> Running as user "root" and group "root". This could be dangerous. >>>>>>> Capturing on veth1 >>>>>>> 0.000000 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, >>>>>>> seq=1/256, ttl=64 >>>>>>> 1.000092 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, >>>>>>> seq=1/256, ttl=64 >>>>>>> 1.000242 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, >>>>>>> seq=2/512, ttl=64 >>>>>>> 2.000299 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, >>>>>>> seq=2/512, ttl=64 >>>>>>> 2.000375 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, >>>>>>> seq=3/768, ttl=64 >>>>>>> 3.000436 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, >>>>>>> seq=3/768, ttl=64 >>>>>>> 3.000538 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, >>>>>>> seq=4/1024, ttl=64 >>>>>>> 4.000586 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, >>>>>>> seq=4/1024, ttl=64 >>>>>>> 4.000685 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, >>>>>>> seq=5/1280, ttl=64 >>>>>>> 5.000727 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, >>>>>>> seq=5/1280, ttl=64 >>>>>>> >>>>>>> But if I dump packets to disk using n2disk (ip netns exec GEN n2disk -i >>>>>>> veth1 -o /tmp) I see packets only in one direction - ICMP replies. >>>>>>> >>>>>>> Is there any caveats with using n2disk (pf_ring) in virtualized >>>>>>> environment? >>>>>>> >>>>>>> Thanks. >>>>>>> >>>>>>> >>>>>>> Mikhail >>>>>>> _______________________________________________ >>>>>>> Ntop-misc mailing list >>>>>>> [email protected] >>>>>>> http://listgateway.unipi.it/mailman/listinfo/ntop-misc >>>>>> >>>>> >>>>>_______________________________________________ >>>>>Ntop-misc mailing list >>>>>[email protected] >>>>>http://listgateway.unipi.it/mailman/listinfo/ntop-misc
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
