Shulou(Shulou.com)06/01 Report--

This article mainly introduces how to use Packetdrill in linux. It is very detailed and has a certain reference value. Friends who are interested must finish it!

1. Packetdrill compilation and installation

Source code link https://github.com/google/packetdrill.git

Source code compilation comment netdev.c

/ * Set the offload flags to be like a typical ethernet device * / static void set_device_offload_flags (struct local_netdev * netdev) {# ifdef linux// const U32 offload = / / TUN_F_CSUM | TUN_F_TSO4 | TUN_F_TSO6 | TUN_F_TSO_ECN | TUN_F_UFO;// if (ioctl (netdev- > tun_fd, TUNSETOFFLOAD, offload)! = 0) / / die_perror ("TUNSETOFFLOAD"); # endif}

. / configure & & make

Usage

. / packetdrill test.pkt

Test.pkt is a test script written in Packetdrill syntax.

Success: no output, indicating that the script is correct and everything is as expected.

Failure: point out the error in the script and the reason.

2. Packetdrill executes its own test cases

Open tcpdump-i any tcp port 8080 to grab packets for analysis

Here test fast retransmission, test environment centos7.2.

Simple explanation

< 表示输入，packetdrill会构造一个真实的数据包。>

Represents a packet that is expected to respond by the protocol stack. (this packet is not constructed by packetdrill, but issued by the protocol stack. )

/ / Test fast retransmit with 4 packets outstanding, receiver sending SACKs.// In this variant the receiver supports SACK.// Establish a connection.0 socket (..., SOCK_STREAM, IPPROTO_TCP) = 3: 0 setsockopt (3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0: 0 bind (3,...,...) = 0: 0 listen (3, 1) = 0 / 3-way handshake + 0

< S 0:0(0) win 32792 +0 >

S. 0:0 (0) ack 1 + .1

< . 1:1(0) ack 1 win 257+0 accept(3, ..., ...) = 4//系统调用，让协议栈发出100个字节// Send 1 data segment and get an ACK, so cwnd is now 4.+0 write(4, ..., 1000) = 1000//预期协议栈会发出psh,ack，实际上发出了ack1//+0 >

P. 1 ack 1001 (1000) 2G / inject ack+.1 into the protocol stack

< . 1:1(0) ack 1001 win 257// Write 4 data segments.//系统调用，让协议栈发出4000个字节+0 write(4, ..., 4000) = 4000//预期协议栈会发出psh，ack，实际上发出了seq 1001:2001, ack 1；seq 2001:3001, ack 1；seq 3001:4001, ack 1；[P.], seq 4001:5001, ack 1//+0 >

P. 1001 ack 5001 (4000) ack+.1 1 / Get 3 SACKs.// issues three consecutive ack+.1 to the protocol stack

< . 1:1(0) ack 1001 win 257 +0 < . 1:1(0) ack 1001 win 257 +0 < . 1:1(0) ack 1001 win 257 // We've received 3 duplicate ACKs, so we do a fast retransmit.//预期协议栈会发出一次快速重传 Seq 1001：2001，ack 1//+0 >

. 1001ack 2001 (1000) ack 1ax / Receiver ACKs all data.// responds to the ack of all messages to the protocol stack ack. + .1

< . 1:1(0) ack 6001 win 2574. 将fr-4pkt-sack-linux.pkt 中的修改如下。+0 >

P. 1 ack 1001 (1000) ack 1  + 0 > P. 1 ack 1001 (1000) ack 1  + 0 > P. 1001 ack 5001 (4000) + 0 >. 1001 2001 (1000) ack 1 >. 2001 3001 (1000) ack 1: 0 >. 3001 4001 (1000) ack 1 ack 1 > P. 4001purl 5001 (1000)

[note: if there is an error in executing the use case that comes with packetdrill, usually the packet issued by the protocol stack does not meet the expected packet, kill the expected > part first, then execute the test case, and then analyze the expected result by grabbing the packet. It is usually due to the limitation of the three-way handshake mss]

Execute:.. / packetdrill fr-4pkt-sack-linux.pkt, no errors.

If you grab the packet, you can see the result: if the ack is repeated three times, the fast retransmission will be implemented. Achieve the desired results.

/ / self-constructed package to achieve three repeats of ack 1001.07 ack 57 ack 36.469280 IP 192.0.2.1.36840 > TENCENT64.site.webcache: Flags [.], ack 1001, win 257, options [sack 1 {2001 TENCENT64.site.webcache 3001}, nop,nop], length 007VV 9836 IP 192.0.1.36840 > TENCENT64.site.webcache: Flags [.], ack 1001, win 257, options [sack 1 {2001 Flags 4001}, nop,nop] Length 007 ack 57 IP 36.470349 IP 192.0.2.1.36840 > TENCENT64.site.webcache: Flags [.], ack 1001, win 257, options [sack 1 {2001 TENCENT64.site.webcache 5001}, nop,nop], length 0max / protocol stack initiates a fast retransmission. IP TENCENT64.site.webcache > 192.0.2.1.36840: Flags [.], seq 1001 seq 2001 Flags 1, win 229, length 1000

3. Packetdrill interprets the self-contained test case description.

This paper mainly explains the basic syntax of packetdrill.

A script can contain four kinds of statements: packets, system calls, shell commands, and python statements.

Each statement must begin with a timestamp to indicate when it will be executed.

Packets

The packet is divided into input packet and output packet, and the format is similar to that of tcpdump.

Most of the options for TCP, UDP, ICMP, and TCP are supported.

Input packet (for output): packetdrill checks to see if the protocol stack is actually emitting such a packet.

+ 0 > udp (1472)

System Calls

The format of the system call is similar to strace.

For each system call, packetdrill executes at a specified time and checks to see if the return value is as expected. The system call is mainly applied to the scene construction, and the data is not sent and received by the test side.

Common examples of system calls:

System call

Connect (3,...,...) =-1 EINPROGRESS (Operation now in progress) / / client connection server getsockopt (3, SOL_SOCKET, SO_ERROR, [0], [4]) = 0 / / get scoketoptfcntl (3, F_SETFL, O_RDWR) = 0 / / Fcntl setting ioctl (4, SIOCINQ, [1000]) = 0 / / Ioctl setting read (3,..., 1024) = 785 / / read data write (3,. 57) = 57 / / write data close (3) = 0 / close connection socket (., SOCK_STREAM, IPPROTO_TCP) = 3 / / Tcp socketsetsockopt (3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0 / set address multiplexing bind (3,...,...) = 0 / / bind port listen (3, 1) = 0 / / listening port accept (3,...) = 4 / accept connection

Shell script usage

The common usage is to set kernel parameters with shell scripts or to call the shell command to count tcp information. Set up

Example:

+ 0 `sysctl-Q net.ipv4.tcp_timestamps= 0` + 0 `ss-4-n state SYN-RECV | grep 192.168.0.1 ss 8080 > / dev/ null`

The usage of python script

The common use is to use python's assert to assert whether the information in tcp_info is as expected.

Example:

0.310 {assert tcpi_reordering = = 3assert tcpi_unacked = = 10assert tcpi_sacked = = 6assert tcpi_ca_state = = TCP_CA_Recovery}%

Time stamp

Each statement must begin with a timestamp to indicate when it is executed or when the event is expected to occur. It is possible that a problem with timing caused the test case to fail.

Timestamps can be in a variety of formats:

Absolute (absolute time): 0.75Relative (relative time): + 0.2Wildcard (any time): * Range (absolute time interval): 0.750~0.900Relative Range (relative time interval): + 0.1~+0.2Loose (allowable error):-- tolerance_usecs=800Blocking (blocking time interval): 0.750.. 0.900

If the corresponding event does not occur at the specified timestamp, an error will be reported and the actual time of occurrence of the event will be informed.

+ 1.0 > S.0:0 (0) ack 1

It is expected that TCP should send a SYNACK packet after 1s.

In practical use,-tolerance_usecs=405000 is generally specified, that is, the time error of 4ms is allowed.

4. Packetdrill implements basic scenario construction testing

The scene construction of the scene is either the client scenario or the server scenario. How the package is constructed depends on the test cases that come with packetdrill.

1. Server-side scenario

Construct a server-side scenario: the input end of the packet is the client. The output end of the packet is a system call that acts as a server.

/ / Establish a connection.0.000 socket (..., SOCK_STREAM, IPPROTO_TCP) = 30.000 setsockopt (3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 00.000 bind (3,...,...) = 00.000 listen (3,1) = 00.000.. 0.200 accept (3,...,...) = 40.100

< S 0:0(0) win 32792 0.100 >

S. 0:0 (0) ack 1 0.200

< . 1:1(0) ack 1 win 257//服务器端调用系统调用，预期发出2段数据包。0.300 write(4, ..., 2000) = 2000//0.300 >

P. 1 ack 2001 (2000) 2001 >. 1RU 1001 (1000) ack 10.300 > P. 1001RU 2001 (1000) ack 1

1. Client scene construction

Construct a server-side scenario: the input end of the packet is the server side. The output end of the packet is a system call that acts as a client.

/ / Create a socket and set it to non-blocking.0.000 socket (..., SOCK_STREAM, IPPROTO_TCP) = 30.000 fcntl (3, F_GETFL) = 0x2 (flags O_RDWR) 0.000 fcntl (3, F_SETFL, O_RDWR | O_NONBLOCK) = 0 EINPROGRESS / Establish connection and verify that there was no error.0.100 connect (3,...) =-1 EINPROGRESS (Operation now in progress) 0.100 > S 0:0 (0) 0.200

< S. 0:0(0) ack 1 win 5792 0.200 >

. 1:1 (0) ack 1 / / the client calls the system call and an http request is expected. / / Send the HTTP request.0.200 write (3,..., 57) = 570.200 > P. 1:58 (57) ack 1 0.300 <. 1:1 (0) ack 58 win 92 is all the content of this article "how to use Packetdrill in linux". Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.