|
Hello,
On Wed, 31 May 2017, Qiu Yu wrote:
> Hi,
>
> I'm wondering what is the best way to see / check / collect number of
> packets dropped by IPVS. There're several scenarios, I can think of, when
> packet drop can happen:
>
> - established connection + destination not available + expire_nodest_conn
> disabled
> - drop_packet defense being triggered
>
> Either case IPVS is returning NF_DROP verdict to Netfilter framework. But
> no metrics is being collected by IPVS. I'm wondering what is the best
> approach to gain some visibility to how many packets being dropped by IPVS
> (either for troubleshooting or monitoring purpose).
>
> Has anyone done this before? Any feedback is appreciated.
I'm not aware of any existing solutions. May be based on
other examples in kernel we can add per-CPU mib structure
in our struct netns_ipvs, shown in new file /proc/net/ip_vs_snmp ?
grep -r SNMP include/net/ net/
Regards
--
Julian Anastasov <ja@xxxxxx>
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
