From 01461878cdf93c9dff6ec80e05aa8f172daae557 Mon Sep 17 00:00:00 2001 From: bluhm Date: Wed, 20 Jul 2016 19:57:53 +0000 Subject: [PATCH] To tune the TCP SYN cache we need more information. Print the relevant counters with netstat -s -p tcp. OK henning@ --- sys/netinet/tcp_usrreq.c | 20 +++++++++++++++++++- sys/netinet/tcp_var.h | 9 ++++++++- usr.bin/netstat/inet.c | 28 ++++++++++++++++++++++------ usr.bin/netstat/main.c | 8 +++++++- usr.bin/netstat/netstat.h | 3 ++- 5 files changed, 58 insertions(+), 10 deletions(-) diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index 79e16cf1737..9fbcecf3f42 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_usrreq.c,v 1.133 2016/07/20 09:15:28 bluhm Exp $ */ +/* $OpenBSD: tcp_usrreq.c,v 1.134 2016/07/20 19:57:53 bluhm Exp $ */ /* $NetBSD: tcp_usrreq.c,v 1.20 1996/02/13 23:44:16 christos Exp $ */ /* @@ -936,6 +936,24 @@ tcp_sysctl(name, namelen, oldp, oldlenp, newp, newlen) case TCPCTL_STATS: if (newp != NULL) return (EPERM); + { + struct syn_cache_set *set; + int i; + + set = &tcp_syn_cache[tcp_syn_cache_active]; + tcpstat.tcps_sc_hash_size = set->scs_size; + tcpstat.tcps_sc_entry_count = set->scs_count; + tcpstat.tcps_sc_entry_limit = tcp_syn_cache_limit; + tcpstat.tcps_sc_bucket_maxlen = 0; + for (i = 0; i < set->scs_size; i++) { + if (tcpstat.tcps_sc_bucket_maxlen < + set->scs_buckethead[i].sch_length) + tcpstat.tcps_sc_bucket_maxlen = + set->scs_buckethead[i].sch_length; + } + tcpstat.tcps_sc_bucket_limit = tcp_syn_bucket_limit; + tcpstat.tcps_sc_uses_left = set->scs_use; + } return (sysctl_struct(oldp, oldlenp, newp, newlen, &tcpstat, sizeof(tcpstat))); diff --git a/sys/netinet/tcp_var.h b/sys/netinet/tcp_var.h index 22619571321..ebf72fade0c 100644 --- a/sys/netinet/tcp_var.h +++ b/sys/netinet/tcp_var.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_var.h,v 1.114 2016/07/20 09:15:28 bluhm Exp $ */ +/* $OpenBSD: tcp_var.h,v 1.115 2016/07/20 19:57:53 bluhm Exp $ */ /* $NetBSD: tcp_var.h,v 1.17 1996/02/13 23:44:24 christos Exp $ */ /* @@ -454,6 +454,12 @@ struct tcpstat { u_int64_t tcps_sc_collisions; /* # of hash collisions */ u_int64_t tcps_sc_retransmitted;/* # of retransmissions */ u_int64_t tcps_sc_seedrandom; /* # of syn cache seeds with random */ + u_int64_t tcps_sc_hash_size; /* hash buckets in current syn cache */ + u_int64_t tcps_sc_entry_count; /* # of entries in current syn cache */ + u_int64_t tcps_sc_entry_limit; /* limit of syn cache entries */ + u_int64_t tcps_sc_bucket_maxlen;/* maximum # of entries in any bucket */ + u_int64_t tcps_sc_bucket_limit; /* limit of syn cache bucket list */ + u_int64_t tcps_sc_uses_left; /* use counter of current syn cache */ u_int64_t tcps_conndrained; /* # of connections drained */ @@ -584,6 +590,7 @@ extern int tcp_syn_cache_limit; /* max entries for compressed state engine */ extern int tcp_syn_bucket_limit;/* max entries per hash bucket */ extern int tcp_syn_use_limit; /* number of uses before reseeding hash */ extern struct syn_cache_set tcp_syn_cache[]; +extern int tcp_syn_cache_active; /* active syn cache, may be 0 or 1 */ int tcp_attach(struct socket *); void tcp_canceltimers(struct tcpcb *); diff --git a/usr.bin/netstat/inet.c b/usr.bin/netstat/inet.c index e9cf485c7f6..e59bc3ab7b3 100644 --- a/usr.bin/netstat/inet.c +++ b/usr.bin/netstat/inet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: inet.c,v 1.146 2016/04/26 22:24:10 bluhm Exp $ */ +/* $OpenBSD: inet.c,v 1.147 2016/07/20 19:57:54 bluhm Exp $ */ /* $NetBSD: inet.c,v 1.14 1995/10/03 21:42:37 thorpej Exp $ */ /* @@ -367,8 +367,14 @@ tcp_stats(char *name) printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2, plural(tcpstat.f2)) #define p2a(f1, f2, m) if (tcpstat.f1 || tcpstat.f2 || sflag <= 1) \ printf(m, tcpstat.f1, plural(tcpstat.f1), tcpstat.f2) -#define p3(f, m) if (tcpstat.f || sflag <= 1) \ +#define p2b(f1, f2, m) if (tcpstat.f1 || sflag <= 1) \ + printf(m, tcpstat.f1, tcpstat.f2) +#define p2bys(f1, f2, m) if (tcpstat.f1 || sflag <= 1) \ + printf(m, tcpstat.f1, pluralys(tcpstat.f1), tcpstat.f2) +#define pes(f, m) if (tcpstat.f || sflag <= 1) \ printf(m, tcpstat.f, plurales(tcpstat.f)) +#define pys(f, m) if (tcpstat.f || sflag <= 1) \ + printf(m, tcpstat.f, pluralys(tcpstat.f)) p(tcps_sndtotal, "\t%u packet%s sent\n"); p2(tcps_sndpack,tcps_sndbyte, @@ -427,7 +433,7 @@ tcp_stats(char *name) p(tcps_keepdrops, "\t\t%u connection%s dropped by keepalive\n"); p(tcps_predack, "\t%u correct ACK header prediction%s\n"); p(tcps_preddat, "\t%u correct data packet header prediction%s\n"); - p3(tcps_pcbhashmiss, "\t%u PCB cache miss%s\n"); + pes(tcps_pcbhashmiss, "\t%u PCB cache miss%s\n"); p1(tcps_noport, "\t%u dropped due to no socket\n"); p(tcps_ecn_accepts, "\t%u ECN connection%s accepted\n"); @@ -443,7 +449,7 @@ tcp_stats(char *name) p(tcps_badsyn, "\t%u bad connection attempt%s\n"); p(tcps_dropsyn, "\t%u SYN packet%s dropped due to queue or memory full\n"); - p1(tcps_sc_added, "\t%qd SYN cache entries added\n"); + pys(tcps_sc_added, "\t%qd SYN cache entr%s added\n"); p(tcps_sc_collisions, "\t\t%qd hash collision%s\n"); p1(tcps_sc_completed, "\t\t%qd completed\n"); p1(tcps_sc_aborted, "\t\t%qd aborted (no space to build PCB)\n"); @@ -454,9 +460,16 @@ tcp_stats(char *name) p1(tcps_sc_unreach, "\t\t%qd dropped due to ICMP unreachable\n"); p(tcps_sc_retransmitted, "\t%qd SYN,ACK%s retransmitted\n"); p(tcps_sc_dupesyn, "\t%qd duplicate SYN%s received for entries " - "already in the cache\n"); + "already in the cache\n"); p(tcps_sc_dropped, "\t%qd SYN%s dropped (no route or no space)\n"); p(tcps_sc_seedrandom, "\t%qd SYN cache seed%s with new random\n"); + p1(tcps_sc_hash_size, "\t%qd hash bucket array size in current " + "SYN cache\n"); + p2bys(tcps_sc_entry_count, tcps_sc_entry_limit, + "\t%qd entr%s in current SYN cache, limit is %qd\n"); + p2b(tcps_sc_bucket_maxlen, tcps_sc_bucket_limit, + "\t%qd longest bucket length in current SYN cache, limit is %qd\n"); + p(tcps_sc_uses_left, "\t%qd use%s of current SYN cache left\n"); p(tcps_sack_recovery_episode, "\t%qd SACK recovery episode%s\n"); p(tcps_sack_rexmits, @@ -471,7 +484,10 @@ tcp_stats(char *name) #undef p1 #undef p2 #undef p2a -#undef p3 +#undef p2b +#undef p2bys +#undef pes +#undef pys } /* diff --git a/usr.bin/netstat/main.c b/usr.bin/netstat/main.c index 418b1366f7b..8c7bbc9dd2f 100644 --- a/usr.bin/netstat/main.c +++ b/usr.bin/netstat/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.109 2016/01/01 17:38:45 mpi Exp $ */ +/* $OpenBSD: main.c,v 1.110 2016/07/20 19:57:54 bluhm Exp $ */ /* $NetBSD: main.c,v 1.9 1996/05/07 02:55:02 thorpej Exp $ */ /* @@ -388,6 +388,12 @@ plurales(u_int64_t n) return (n != 1 ? "es" : ""); } +char * +pluralys(u_int64_t n) +{ + return (n != 1 ? "ies" : "y"); +} + /* * Find the protox for the given "well-known" name. */ diff --git a/usr.bin/netstat/netstat.h b/usr.bin/netstat/netstat.h index 9eb26aa77e8..7d117013f2f 100644 --- a/usr.bin/netstat/netstat.h +++ b/usr.bin/netstat/netstat.h @@ -1,4 +1,4 @@ -/* $OpenBSD: netstat.h,v 1.69 2015/09/11 19:35:37 mpi Exp $ */ +/* $OpenBSD: netstat.h,v 1.70 2016/07/20 19:57:54 bluhm Exp $ */ /* $NetBSD: netstat.h,v 1.6 1996/05/07 02:55:05 thorpej Exp $ */ /* @@ -72,6 +72,7 @@ extern char *__progname; /* program name, from crt0.o */ int kread(u_long addr, void *buf, int size); char *plural(u_int64_t); char *plurales(u_int64_t); +char *pluralys(u_int64_t); void protopr(kvm_t *, u_long, u_int, int); -- 2.20.1