| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1e41a3230807101405y437dff4er443185be3228caa5@mail.gmail.com> Date: Thu, 10 Jul 2008 14:05:20 -0700 From: "John Heffner" <johnwheffner@...il.com> To: "Dan Noé" <dnoe@...ebrokerage.com> Cc: "Rick Jones" <rick.jones2@...com>, netdev@...r.kernel.org Subject: Re: Detecting TCP loss on the receiving side? On Thu, Jul 10, 2008 at 1:19 PM, Dan Noé <dnoe@...ebrokerage.com> wrote: > Rick Jones wrote: >> >> If this is just for troubleshooting, why not just take a tcpdump trace? > > We're pushing a lot of data.. several Mbps pretty much all day long.. and > the (suspected) loss occurs sporadically. Ideally we'd like to be able to > easily correlate it with latency seen in our app. Looking for loss at the receiver is a bit tricky. It doesn't look like struct tcp_info has enough information to do this easily. If you are able to install a custom kernel on this machine, the Web100 patch would be able to gather enough information to figure it out. The basic idea would be to look for a difference between RcvNxt and RcvMax. On the other hand, several Mbps is not that much. It's probably not that hard to take tcpdumps split up every N minutes, and analyze these. One thing to look for would be sack blocks coming from the receiver (assuming sack is enabled.) -John -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists