Question about inet_set_socket_state trace point
|
Raga lahari
Hi everyone, I am using inet_set_socket_state trace point to get current establish connection count Here, incrementing counter value in BPF map when new state is TCP_ESTABLISHED and decrementing when old state is TCP_ESTABLISHED. But observed that the map count is having discrepancy with what netstat shows. When we start the probe, it looks all fine, but when we leave it running say for 2-3 days we see the difference. And this difference is building over time. Can someone please help me here if I am missing something? <code> TRACEPOINT_PROBE(sock, inet_sock_set_state) { if (args->newstate >= TCP_ESTABLISHED) __sync_fetch_and_add(val, 1); if (args->newstate >= TCP_ESTABLISHED) __sync_fetch_and_add(val, -1); } netstat -tanp | grep -i "EST" | wc -l |
|
|
|
Tristan Mayfield
Hi Ragalahari,
In your code you seem to not check for "old state" when you're heading to decrement. It looks like you are adding 1 and then immediately subtracting 1 in the same condition. That might be your problem? You never stated what the difference between it and netstat are so I can't be sure. Tristan |
|
|
|
Raga lahari
Hello, Correcting typo in code snippet <code> TRACEPOINT_PROBE(sock, inet_sock_set_state) { if (args->newstate == TCP_ESTABLISHED) __sync_fetch_and_add(val, 1); if (args->oldstate == TCP_ESTABLISHED) __sync_fetch_and_add(val, -1); } Thanks & Regards, On Wed, Oct 14, 2020 at 10:35 AM Raga lahari <ragalahari.potti@...> wrote:
|
|
|
|
Raga lahari
Hi,
if (args->newstate == TCP_ESTABLISHED) __sync_fetch_and_add(val, 1); if (args->oldstate == TCP_ESTABLISHED) __sync_fetch_and_add(val, -1);
} There was a typo in my first message.
|
|
|