Commit Graph

42 Commits

Author SHA1 Message Date
dyoung
c2e43be1c5 Reduces the resources demanded by TCP sessions in TIME_WAIT-state using
methods called Vestigial Time-Wait (VTW) and Maximum Segment Lifetime
Truncation (MSLT).

MSLT and VTW were contributed by Coyote Point Systems, Inc.

Even after a TCP session enters the TIME_WAIT state, its corresponding
socket and protocol control blocks (PCBs) stick around until the TCP
Maximum Segment Lifetime (MSL) expires.  On a host whose workload
necessarily creates and closes down many TCP sockets, the sockets & PCBs
for TCP sessions in TIME_WAIT state amount to many megabytes of dead
weight in RAM.

Maximum Segment Lifetimes Truncation (MSLT) assigns each TCP session to
a class based on the nearness of the peer.  Corresponding to each class
is an MSL, and a session uses the MSL of its class.  The classes are
loopback (local host equals remote host), local (local host and remote
host are on the same link/subnet), and remote (local host and remote
host communicate via one or more gateways).  Classes corresponding to
nearer peers have lower MSLs by default: 2 seconds for loopback, 10
seconds for local, 60 seconds for remote.  Loopback and local sessions
expire more quickly when MSLT is used.

Vestigial Time-Wait (VTW) replaces a TIME_WAIT session's PCB/socket
dead weight with a compact representation of the session, called a
"vestigial PCB".  VTW data structures are designed to be very fast and
memory-efficient: for fast insertion and lookup of vestigial PCBs,
the PCBs are stored in a hash table that is designed to minimize the
number of cacheline visits per lookup/insertion.  The memory both
for vestigial PCBs and for elements of the PCB hashtable come from
fixed-size pools, and linked data structures exploit this to conserve
memory by representing references with a narrow index/offset from the
start of a pool instead of a pointer.  When space for new vestigial PCBs
runs out, VTW makes room by discarding old vestigial PCBs, oldest first.
VTW cooperates with MSLT.

It may help to think of VTW as a "FIN cache" by analogy to the SYN
cache.

A 2.8-GHz Pentium 4 running a test workload that creates TIME_WAIT
sessions as fast as it can is approximately 17% idle when VTW is active
versus 0% idle when VTW is inactive.  It has 103 megabytes more free RAM
when VTW is active (approximately 64k vestigial PCBs are created) than
when it is inactive.
2011-05-03 18:28:44 +00:00
kefren
a58bbf2771 Add -T flag, that shows tags in route output 2010-06-27 06:52:37 +00:00
pooka
bc1cf39b94 Add -h, which makes output of bytes counts "humanized" (e.g. -bih)
(netstat had -h some 15 years ago, but since then it has been just
a fancy way of calling usage())
2010-02-24 11:00:27 +00:00
degroote
2d48ac808c Import pfsync support from OpenBSD 4.2
Pfsync interface exposes change in the pf(4) over a pseudo-interface, and can
be used to synchronise different pf.

This work was part of my 2009 GSoC

No objection on tech-net@
2009-09-14 10:36:48 +00:00
elad
a363352277 Checkin work in progress to make netstat use sysctl rather than kvm(3).
This commit mostly adds code written by Claudio Jeker for OpenBSD to
support sysctl in the interface printing parts (-i, -I, -w). The port has
been ported to NetBSD with tiny adjustments -- of course all bugs etc.
are mine.

Also add and document a -X flag to force sysctl usage. The documentation
notes this flag may be removed at any time and its presence should not be
relied on.

Some misc. comments/#ifdef changes/code snippet moves as well.

Please note that no functionality should change as the routing and
interface printing code is still not fully supported.

Mailing list reference:

    http://mail-index.netbsd.org/tech-userlevel/2009/09/09/msg002604.html
2009-09-13 02:53:17 +00:00
lukem
d5a0caad3b Fix many WARNS=4 issues (-Wshadow -Wcast-qual -Wsign-compare).
Fix probable bug with numeric printing of anon ports when using sysctl.
2009-04-12 16:08:37 +00:00
ad
835572acdb - Define _KERNEL for sys/types.h in unix.c.
- caddr_t -> char * in a couple of places.
2008-02-27 16:36:54 +00:00
elad
5d7aa1a613 Make netstat use sysctl when dumping routing tables/stats.
Heavily based on similar code from Claudio Jeker (at OpenBSD).

While here, fix inet/inet6 sysctl stuff commited previously to
actually work, and some other nits to make netstat more sysctl
friendly.

One step closer to losing setgid kmem on this one...
2006-05-28 16:51:40 +00:00
rpaulo
f6e31a1aa2 Fix carp_stats() prototype location.
Noticed by Iain Hibbert.
2006-05-23 14:31:11 +00:00
liamjfoy
4876c304b1 Integrate Common Address Redundancy Procotol (CARP) from OpenBSD
'pseudo-device	carp'

Thanks to: joerg@ christos@ riz@ and others who tested
Ok: core@
2006-05-18 09:05:49 +00:00
rpaulo
d65009381e Request process information using sysctl(3) and not kvm(3) since bpf(4)
statistics and peers are only available using the former.
2005-09-02 22:23:13 +00:00
rpaulo
66daeed445 Implemented the userland part of the BPF statistics and BPF peers,
net.bpf.stats and net.bpf.peers sysctls respectively. netstat(1) now
has an additional syntax:
	netstat [-s] [-B] [-I Interface]

Only the super user can see a list of BPF peers with the following command:
# netstat -B
Active BPF peers
PID     Int     Recv     Drop     Capt     Flags  Bufsize  Comm
4941    lo0     0        0        0        I--S-  262144   tcpdump
252     ex0     19668    0        5        I-RS-  32768    dhclient

And every user can see the BPF statistics with:
$ netstat -s -B
bpf:
        19669 total packets received
        5 total packets captured
        0 total packets dropped

This idea came from FreeBSD (Christian S.J. Peron) but, currently, they
doen't have a userland utility in the base system to read the sysctls.

Reviewed by: christos@
2005-08-04 19:39:40 +00:00
manu
753bcaf581 IPv4 PIM support, from the submission of Pavlin Radoslavov on tech-net@ 2004-09-04 23:35:43 +00:00
jonathan
85b3ba5bf1 Redo net.inet.* sysctl subtree for fast-ipsec from scratch.
Attach FAST-IPSEC statistics with 64-bit counters to new sysctl MIB.
Rework netstat to show FAST_IPSEC statistics, via sysctl,  for
netstat -p ipsec.

New kernel files:
	sys/netipsec/Makefile		(new file; install *_var.h includes)
	sys/netipsec/ipsec_var.h	(new 64-bit mib counter struct)

Changed kernel files:
	sys/Makefile			(recurse into sys/netipsec/)
	sys/netinet/in.h		(fake IP_PROTO name for fast_ipsec
					sysctl subtree.)
	sys/netipsec/ipsec.h		(minimal userspace inclusion)
	sys/netipsec/ipsec_osdep.h	(minimal userspace inclusion)
	sys/netipsec/ipsec_netbsd.c	(redo sysctl subtree from scratch)
	sys/netipsec/key*.c		(fix broken net.key subtree)

	sys/netipsec/ah_var.h		(increase all counters to 64 bits)
	sys/netipsec/esp_var.h		(increase all counters to 64 bits)
	sys/netipsec/ipip_var.h		(increase all counters to 64 bits)
	sys/netipsec/ipcomp_var.h	(increase all counters to 64 bits)

	sys/netipsec/ipsec.c		(add #include netipsec/ipsec_var.h)
	sys/netipsec/ipsec_mbuf.c	(add #include netipsec/ipsec_var.h)
	sys/netipsec/ipsec_output.c	(add #include netipsec/ipsec_var.h)

	sys/netinet/raw_ip.c		(add #include netipsec/ipsec_var.h)
	sys/netinet/tcp_input.c		(add #include netipsec/ipsec_var.h)
	sys/netinet/udp_usrreq.c	(add #include netipsec/ipsec_var.h)

Changes to usr.bin/netstat to print the new fast-ipsec sysctl tree
for "netstat -s -p ipsec":

New file:
	usr.bin/netstat/fast_ipsec.c	(print fast-ipsec counters)

Changed files:
	usr.bin/netstat/Makefile	(add fast_ipsec.c)
	usr.bin/netstat/netstat.h	(declarations for fast_ipsec.c)
	usr.bin/netstat/main.c		(call KAME-vs-fast-ipsec dispatcher)
2004-05-07 00:55:14 +00:00
agc
89aaa1bb64 Move UCB-licensed code from 4-clause to 3-clause licence.
Patches provided by Joel Baker in PR 22365, verified by myself.
2003-08-07 11:13:06 +00:00
matt
65e5548a17 Add MBUFTRACE kernel option.
Do a little mbuf rework while here.  Change all uses of MGET*(*, M_WAIT, *)
to m_get*(M_WAIT, *).  These are not performance critical and making them
call m_get saves considerable space.  Add m_clget analogue of MCLGET and
make corresponding change for M_WAIT uses.
Modify netinet, gem, fxp, tulip, nfs to support MBUFTRACE.
Begin to change netstat to use sysctl.
2003-02-26 06:31:08 +00:00
thorpej
9abf2fa449 Update for callout changes, and show TCP timers in relative, rather
than absolute ticks.
2003-02-04 01:22:08 +00:00
enami
54a4e901f8 Introduce -q flag to print some information (like number of packets dropped
due to queue full) about software interrupt queues such as ipintrq.
2002-07-03 01:42:59 +00:00
lukem
a3bab9b7d7 clarification of vflag 2002-02-27 03:55:14 +00:00
itojun
c868e666a2 print rip6stat. sync with kame 2001-10-18 09:26:16 +00:00
assar
7aedc79d5e add `-s' that prints port numbers symbolically but addresses numerically 2001-05-28 04:22:55 +00:00
cgd
a8ec668ddf convert to use getprogname() 2001-02-19 23:03:42 +00:00
jhawk
b70721109d Add kernel counters for arp events, displayable with netstat -s -f arp 2000-08-15 20:24:57 +00:00
itojun
5872028b21 more stats. from kame 2000-07-06 12:40:19 +00:00
itojun
9da359bbec revise IPsec, pfkey, IPv6 multicast and IPv6 statistics. (sync with kame) 2000-02-26 09:55:24 +00:00
itojun
033763d6c9 per-interface statistics.
bring in and enable KAME scopeid hack.
lots of cleanups.
(sync with latest KAME)
1999-12-13 15:22:55 +00:00
itojun
22758aaba3 use old WID_{DST,GW} value (field width for netstat -rn) for non-INET6
address families (see tech-net discussion).
1999-11-22 14:13:53 +00:00
is
cef52aa203 Add -L option. netstat -r -L behaves like 4.3BSD netstat -r, that is, it
does not show route table entries pointing to link level addresses (ARP
entries or IPv6 neighbour discovery entries).
1999-09-15 20:12:18 +00:00
itojun
414ee1ddfb make netstat IPv6-ready. 1999-07-01 18:40:35 +00:00
sommerfe
b36297112e fix PR7057: division by zero if no mbufs allocated
fix PR7059 (partial): mbuf cluster counts were based on counters which
are no longer maintained.
(full fix will involve renaming the now-unused fields in mclstat in mbuf.h)
1999-02-27 17:37:24 +00:00
kml
783ac03fcf Added a verbose flag for route display that will show
the various route metrics.
1999-01-15 19:06:25 +00:00
mrg
a112081f50 #ifndef SMALL changes. saves 30k on the sparc 1999-01-11 12:31:53 +00:00
thorpej
66012e9fca Add an option to dump the contents of a PCB at the specified address, and
implement this for TCP.
1998-06-03 02:41:10 +00:00
kml
9433195784 Add support for a '-b' option to provide byte counts in and out,
instead of just packet counts.  On the byte screens, errors and
collisions are not shown, since they are more packet count related.
1998-03-19 02:42:57 +00:00
christos
c3a7122e73 - netatalk additions
- printf format fixes
- minor prototype cleanups
1997-04-03 04:46:44 +00:00
jonathan
f0f7e53290 Add compiled-in MCLBYTES and MSIZE to conf/param.c, as 'mclbytes" and "msize".
Add code to netstat to use libkvm to for kernel variables "mclbytes"
and "msize', and if found, use those for netstat -m rather than
compiled-in defaults.
1997-02-28 00:14:19 +00:00
thorpej
22afdc2c33 Update for the changes to struct ifnet. While I'm here, fix a couple
of long-standing bugs:

	- Actually deal with the fact that the kernel ifnet list is
	  a TAILQ; it just happened to work before.

	- Use kvm_openfiles() instead of kvm_open().  The code passed
	  arguments to kvm_open() as if it were kvm_openfiles(), but
	  apparently went unnoticed since the prototypes are the same.
	  Amusing bit: there were XXX's in the code which seemed to
	  apologize for a verbose libkvm, when it happened to be a
	  bug in netstat!
1996-05-07 02:55:00 +00:00
thorpej
67f6822225 New-style RCS ids. 1995-10-03 21:42:34 +00:00
mycroft
01c15f41a0 Byte-swap correctly. Make some types 64-bit safe. Use INADDR_ANY rather
than an explicit 0.
1995-07-03 03:25:19 +00:00
mycroft
81c2958581 Update to match kernel changes. 1995-06-12 03:03:07 +00:00
mycroft
d3877f2073 Clean up import. 1994-05-13 08:08:09 +00:00
mycroft
6ca69ffc0e Initial revision 1994-05-13 08:06:36 +00:00