第一个是 dropwatch
# dropwatch -lkas
Initializing kallsyms db
dropwatch> start
Enabling monitoring...
Kernel monitoring activated.
Issue Ctrl-C to stop monitoring
1 drops at icmp_rcv+11c (0xffffffff8193bb1c) [software]
1 drops at icmp_rcv+11c (0xffffffff8193bb1c) [software]
1 drops at icmp_rcv+11c (0xffffffff8193bb1c) [software]
1 drops at icmp_rcv+11c (0xffffffff8193bb1c) [software]
第二个是 perf 监视 kfree_skb 事件
shell> perf record -g -a -e skb:kfree_skb
shell> perf script
第三个是tcpdrop
Linux bcc/eBPF tcpdrop
第四个是systemtap脚本
/usr/share/doc/systemtap-1.6/examples/network/dropwatch.stp
#!/usr/bin/stap
############################################################
# Dropwatch.stp
# Author: Neil Horman <nhorman@redhat.com>
# An example script to mimic the behavior of the dropwatch utility
# http://fedorahosted.org/dropwatch
############################################################
# Array to hold the list of drop points we find
global locations
# Note when we turn the monitor on and off
probe begin { printf("Monitoring for dropped packets\n") }
probe end { printf("Stopping dropped packet monitor\n") }
# increment a drop counter for every location we drop at
probe kernel.trace("kfree_skb") { locations[$location] <<< 1 }
# Every 1 seconds report our drop locations
probe timer.sec(1)
{
printf("\n")
foreach (l in locations-) {
printf("%d packets dropped at %s\n",
@count(locations[l]), symname(l))
}
delete locations
}
五:tcpdump