Chapter 5 Using Flow Accounting and Statistics Gathering (Tasks)
This chapter explains how to obtain accounting and statistical
information on traffic that is handled by an IPQoS system. The following topics
are discussed:
Setting Up Flow Accounting (Task Map)
The following table lists the generic tasks for
obtaining information about traffic flows by using the flowacct
module.
Table 5–1 Configuring Flow Accounting (Task Map)
Recording Information About Flows
You use the
IPQoS flowacct module to collect information about traffic
flows, such as the source and destination addresses, amount of packets in
a flow, and similar data. The process of accumulating and recording information
about flows is called flow accounting.
The results of flow accounting on traffic
of a particular class are recorded in a table of flow records.
Each flow record consists of a series of attributes. These attributes contain
data about traffic flows of a particular class over an interval of time. For
a list of the flowacct attributes, refer to Table 6–4.
Flow accounting
is particularly useful for billing clients as is defined in their service-level
agreements (SLAs). You can also use flow accounting to obtain flow statistics
for critical applications. This section contains tasks for using flowacct with the Solaris extended accounting facility to obtain
data on traffic flows.
The following information is contained in sources outside this chapter:
How to Create a File for Flow-Accounting Data
Before you add a flowacct action to the IPQoS configuration file, you must create
a file for flow records from the flowacct module. You use
the acctadm command for this purpose. acctadm can record either basic attributes or extended attributes in the
file. All flowacct attributes are listed in Table 6–4.
For detailed information about acctadm, refer to acctadm(1m).
-
Log in as superuser to the IPQoS-enabled system.
-
Create a basic flow-accounting file.
The following example shows how to create a basic flow-account file
for the premium web server that is configured in Example 3–1.
# /usr/sbin/acctadm -e basic -f /var/ipqos/goldweb/account.info flow
|
|
Statement
|
Definition
|
|
acctadm -e
|
Invokes acctadm with the -e option. The -e option enables the arguments
that follow.
|
|
basic
|
States
that only data for the eight basic flowacct attributes
are to be recorded in the file.
|
|
/var/ipqos/goldweb/account.info
|
Specifies the fully qualified path name of the file to hold the
flow records from flowacct.
|
|
flow
|
Tells acctadm to enable flow accounting.
|
-
View information about flow accounting on the IPQoS system by typing acctadm without arguments.
acctadm generates the following output:
Task accounting: inactive
Task accounting file: none
Tracked task resources: none
Untracked task resources: extended
Process accounting: inactive
Process accounting file: none
Tracked process resources: none
Untracked process resources: extended,host,mstate
Flow accounting: active
Flow accounting file: /var/ipqos/goldweb/account.info
Tracked flow resources: basic
Untracked flow resources: dsfield,ctime,lseen,projid,uid
All but the last four entries are for use with the Solaris 9 Resource
Manager feature. The next table explains the entries that are specific to
IPQoS.
|
Entry
|
Description
|
|
Flow accounting: active
|
Indicates that flow accounting is turned on
|
|
Flow accounting file: /var/ipqos/goldweb/account.info
|
Gives the name of the current flow-accounting
file
|
|
Tracked flow resources: basic
|
Indicates that only the basic flow attributes are tracked
|
|
Untracked flow resources: dsfield,ctime,lseen,projid,uid
|
Lists the flowacct
attributes that are not tracked in the file
|
-
(Optional) Add the extended attributes to the accounting
file as follows:
# acctadm -e extended -f /var/ipqos/goldweb/account.info flow
|
-
(Optional) Return to recording only the basic attributes in the accounting
file.
# acctadm -d extended -e basic -f /var/ipqos/goldweb/account.info
|
The -d option disables extended accounting.
Where to Go Next
How to Get Instructions for Viewing a Flow-Accounting File
You must create a script to display the contents of the flow-accounting
file that was created by acctadm. You can use as the basis
for your script a demonstration script for resource management tasks and processing
accounting. The following task shows how to get information about the demonstration
script.
Before you can use the next procedure, you must have created a file
to hold flow records, as described in How to Create a File for Flow-Accounting Data.
You also must have added a flowacct action and parameters
to the IPQoS configuration file so that traffic classes are tracked by flowacct.
The next task introduces the libexacct programmatic
interface and exdump utility to provide output for an acctadm file for viewing processes and tasks. For technical information,
refer to the libexacct(3LIB) man page.
-
Become superuser on the IPQoS system and access the directory /usr/demo/libexacct.
This directory contains a Makefile and the exdump.c
script.
-
Perform the instructions to build exdump as is explained
in the README.
-
View the data in the flow-accounting file, as is explained in the README.
Gathering Statistical Information
You
can use the kstat command to generate statistical information
from the IPQoS modules. Use the following syntax.
/bin/kstat -m ipqos-module-name
|
You can
specify any valid IPQoS module name, as shown in
Table 6–5.
For example, to view statistics that are generated by the
dscpmk marker, you use the following form of
kstat.
For technical details, refer to the
kstat(1M) man page.
Example—kstat Statistics for IPQoS
Here is an example of possible results from running kstat
to obtain statistics about the flowacct module.
# kstat -m flowacct
module: flowacct instance: 3
name: Flowacct statistics class: flacct
bytes_in_tbl 84
crtime 345728.504106363
epackets 0
flows_in_tbl 1
nbytes 84
npackets 1
snaptime 345774.031843301
usedmem 256
|
|
Entry
|
Description
|
| class: flacct |
Gives the name of the class to which the traffic flows belong, in this instance flacct.
|
|
bytes_in_tbl
|
Total number of bytes in the flow table, that is, the sum in
bytes of all the flow records that currently reside in the flow table. The
total number of bytes for this flow table is 84. If no flows are in the table,
the value for bytes_in_tbl is 0.
|
|
crtime
|
The last time this kstat was created.
|
|
epackets
|
Number of packets that resulted in an error during processing,
in this instance 0.
|
|
flows_in_tbl
|
Number of flow records in the flow table, which in this instance
is 1. When no records are in the table, the value for flows_in_tbl is 0.
|
|
nbytes
|
Total number of bytes that are seen by this flowacct action
instance, which is 84 in the example. The value includes bytes that are currently
in the flow table and bytes that have timed out—are no longer
in the flow table.
|
|
npackets
|
Total number of packets that are seen by this flowacct action instance, which is 1 in the example. npackets
includes packets that are currently in the flow table and those that have
timed out—are no longer in the flow table.
|
|
usedmem
|
Memory in bytes in use by the flow table that is maintained by
this flowacct instance. The usedmem
value is 256 in the example. The value for usedmem is 0
when the flow table does not have any flow records.
|
Scarica il manuale in formato PDF (656 KB)