Answer the question
In order to leave comments, you need to log in
L
L
LordDominator2022-01-09 13:03:47
LordDominator, 2022-01-09 13:03:47
What network problems are solved by low-level debugging?
Good day!
I’m thinking about the topic of the diploma, I came across interesting articles on eBPF (extended Berkley Packet Filter):
https://habr.com/ru/company/otus/blog/436528/
https://habr.com/ru/company/nixys/blog /580640/
The first one mentions an issue with Open vSwitch (incorrect TCP packet delivery order),
the second one monitors packets in complex networks of multiple virtual interfaces and network namespaces.
As far as I understand, the bottom line is that the BPF program allows you to access the sk_buff, net_device, iphdr fields and pull out the necessary information, or write your own values \u200b\u200bin some fields.
Tell me, what problems with the network are actually encountered in practice, which can be detected and solved in this way?
Maybe something can be emulated on virtual machines?
Thank you!
3 answer(s)
@LordDominator
The problems are many and varied.
Regarding the wrong order of delivery of TCP packets, this is possible when balancing the load on several channels that operate at different speeds.
Or, for example, when using encryption on a network, I saw this on Dionis DPS, due to the parallelization of decryption.
BPF doesn't solve anything, it only helps to discover. How much BPF makes it easier to diagnose is difficult to say.
What for? There is also tc, with the ability to emulate various network problems.
@vitaly_il1
@ProFfeSsoRr
A lot of useful things can be done this way, look at Cilium for example. Without iptables, without even a bunch of utilities, setting up complex rules at the kernel level is just fine! It turns out a network with low latency, with good security and at the same time on large clusters.
And the problems are all sorts of different, here everyone has their own practice. This is how a "complex network" is easily obtained even on a desktop, when you have containers, or virtual machines.
V
Vitsliputsli, 2022-01-09 @LordDominator
Tell me, what problems with the network are actually encountered in practice, which can be detected and solved in this way?
The problems are many and varied.
Regarding the wrong order of delivery of TCP packets, this is possible when balancing the load on several channels that operate at different speeds.
Or, for example, when using encryption on a network, I saw this on Dionis DPS, due to the parallelization of decryption.
BPF doesn't solve anything, it only helps to discover. How much BPF makes it easier to diagnose is difficult to say.
Maybe something can be emulated on virtual machines?
What for? There is also tc, with the ability to emulate various network problems.
V
Vitaly Karasik, 2022-01-09 @vitaly_il1
The most interesting thing is that eBPF allows you to see and understand a lot at the applicative level - https://newrelic.com/blog/nerd-life/pixie-develope...
V
Valentine, 2022-01-13 @ProFfeSsoRr
Tell me, what problems with the network are actually encountered in practice, which can be detected and solved in this way?
A lot of useful things can be done this way, look at Cilium for example. Without iptables, without even a bunch of utilities, setting up complex rules at the kernel level is just fine! It turns out a network with low latency, with good security and at the same time on large clusters.
And the problems are all sorts of different, here everyone has their own practice. This is how a "complex network" is easily obtained even on a desktop, when you have containers, or virtual machines.
Similar questions
R
E
M
A
V
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question