DTrace network providers

Mark Johnston markj at freebsd.org
Wed Aug 21 05:00:17 UTC 2013


Hello!

I've ported the ip, tcp and udp DTrace providers to FreeBSD, following
the Solaris documentation here:

https://wikis.oracle.com/display/DTrace/ip+Provider
https://wikis.oracle.com/display/DTrace/tcp+Provider
https://wikis.oracle.com/display/DTrace/udp+Provider

My implementation of these providers makes use of dynamic translators,
for which FreeBSD support was added in r254468; this patch won't compile
with earlier revisions. The use of dynamic translators means that
existing DTrace scripts which use these providers will just work when run
on FreeBSD - no modifications needed. In particular, all of the examples
in the links above will work properly on FreeBSD with my diff.

I've collected a bunch of example scripts for these providers and placed
them here:

http://people.freebsd.org/~markj/dtrace/network-providers/

To run one you just need to execute "dtrace -s <script>".

In general these providers make it trivial to monitor or count packets
and bytes on a per-host/port/protocol/interface basis. One can also do
neat things like watch TCP connection state transitions in real time
(tcpstate.d) and measure connection latency. All of the probes
correspond to logical events in their respective protocol
implementations; all of the providers have send and receive probes, and
the tcp provider has a few more.

I didn't have to make any major changes to add support for these
providers, but I've made a few small tweaks:

1. Add a little helper function for TCP state changes instead of
   sprinkling a bunch of SDT_PROBE calls throughout the code.
2. Set the IPv6 payload size in TCP and UDP before calling ip6_output().
   This is done for the send probes so that the ipinfo_t argument
   can be used to get the payload size. It's not quite correct since it
   doesn't include the length of IPv6 option headers (they aren't known
   yet), but I think that's ok for the purposes of these providers.
3. Set the IPv4 header version in udp_output(). This is already done for
   IPv6.

I'm hoping that none of this (or the rest of the diff) is controversial,
but I wanted to make sure, so any review would be really appreciated.

The patch is here:

http://people.freebsd.org/~markj/patches/network-providers/network-providers-1.diff

It depends on r254468. To use it, just recompile the kernel (assuming
that KDTRACE_HOOKS is enabled) and copy
$SRC/cddl/lib/libdtrace/{ip,tcp,udp}.d (added by the patch) to
/usr/lib/dtrace. Then the example scripts I linked above should just
work.

Thanks!
-Mark


More information about the freebsd-dtrace mailing list