1 .. contents:: Table of Contents
4 ==============================================================
6 ==============================================================
8 https://git.opendaylight.org/gerrit/#/q/element-counters
10 This feature depends on the Netvirt statistics feature.
12 This feature enables collecting statistics on filtered traffic passed from/to a network element. For example: traffic outgoing/incoming from a specific IP, tcp traffic, udp traffic, incoming/outgoing traffic only.
17 Collecting statistics on filtered traffic sent to/from a VM is currently not possible.
22 - Tracking East/West communication between local VMs.
23 - Tracking East/West communication between VMs that are located in different compute nodes.
24 - Tracking communication between a local VM and an IP located in an external network.
25 - Tracking TCP/UDP traffic sent from/to a VM.
26 - Tracking dropped packets between 2 VMs.
31 The Netvirt Statistics Plugin will receive requests regarding element filtered counters.
32 A new service will be implemented ("CounterService"), and will be associated with the relevant interfaces (either ingress side, egress sides or both of them).
34 * Ingress traffic: The service will be the first one in the pipeline after the Ingress ACL service.
35 * Egress traffic: The service will be the last one after the Egress ACL service.
36 * The input for counters request regarding VM A, and incoming and outgoing traffic from VM B, will be VM A interface uuid and VM B IP.
37 * The input can also include other filters like TCP only traffic, UDP only traffic, incoming/outgoing traffic.
38 * In order to track dropped traffic between VM A and VM B, the feature should be activated on both VMS (either in the same compute node or in different compute nodes). service binding will be done on both VMs relevant interfaces.
39 * If the counters request involves an external IP, service binding will be done only on the VM interface.
40 * Adding/Removing the "CounterService" should be dynamic and triggered by requesting element counters.
43 The Statistics Plugin will use OpenFlow flow statistic requests for these new rules,
44 allowing it to gather statistics regarding the traffic between the 2 elements.
45 It will be responsible to validate and filter the counters results.
50 Two new tables will be used: table 219 for outgoing traffic from the VM, and table 249 for incoming traffic from the VM.
51 In both ingress and egress pipelines, the counter service will be just after the appropriate ACL service.
52 The default rule will resubmit traffic to the appropriate dispatcher table.
54 Assuming we want statistics on VM A traffic, received or sent from VM B.
56 VM A Outgoing Traffic (vm interface)
57 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
58 In table 219 traffic will be matched against dst-ip and lport tag.
60 | Ingress dispatcher table (17): ``match: lport-tag=vmA-interface, actions: go to table 219`` =>
61 | Ingress counters table (219): ``match: dst-ip=vmB-ip, lport-tag=vmA-interface, actions: resubmit to table 17`` =>
63 VM A Incoming Traffic (vm interface)
64 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
65 In table 249 traffic will be matched against src-ip and lport tag.
67 | Egress dispatcher table (220): ``match: lport-tag=vmA-interface, actions: go to table 249`` =>
68 | Egress counters table (249): ``match: lport-tag=vmA-interface, src-ip=vmB-ip, actions: resubmit to table 220`` =>
70 Assuming we want statistics on VM A incoming TCP traffic.
72 VM A Outgoing Traffic (vm interface)
73 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
75 | Egress dispatcher table (220): ``match: lport-tag=vmA-interface, actions: go to table 249`` =>
76 | Egress counters table (249): ``match: lport-tag=vmA-interface, tcp, actions: resubmit to table 220`` =>
78 Assuming we want statistics on VM A outgoing UDP traffic.
80 VM A Incoming traffic (vm interface)
81 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
83 | Ingress dispatcher table (17): ``match: lport-tag=vmA-interface, actions: go to table 219`` =>
84 | Ingress counters table (219): ``match: lport-tag=vmA-interface, udp, actions: resubmit to table 17`` =>
86 Assuming we want statistics on all traffic sent to VM A port.
88 VM A Incoming traffic (vm interface)
89 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
91 | Ingress dispatcher table (17): ``match: lport-tag=vmA-interface, actions: go to table 219`` =>
92 | Ingress counters table (219): ``match: lport-tag=vmA-interface, actions: resubmit to table 17`` =>
96 Netvirt Statistics module will be enhanced with the following RPC:
124 leaf-list groupFilters {
127 leaf-list counterFilter {
132 grouping elementRequestData {
134 container tcpFilter {
148 container udpFilter {
171 container elementCountersRequestConfig {
172 list counterRequests {
186 leaf trafficDirection {
189 uses elementRequestData;
193 rpc acquireElementCountersRequestHandler {
198 container incomingTraffic {
199 uses elementRequestData;
201 container outgoingTraffic {
202 uses elementRequestData;
207 leaf incomingTrafficHandler {
210 leaf outcoingTrafficHandler {
216 rpc releaseElementCountersRequestHandler {
226 rpc getElementCountersByHandler {
238 ---------------------
239 The described above YANG model will be saved in the data store.
241 Clustering considerations
242 -------------------------
245 Other Infra considerations
246 --------------------------
249 Security considerations
250 -----------------------
253 Scale and Performance Impact
254 ----------------------------
255 Since adding the new service is done by a request (as well as removing it), not all packets will be sent to the new tables described above.
268 * Create router, network, 2 VMS, VXLAN tunnel.
269 * Connect to each one of the VMs and send ping to the other VM.
270 * Use REST to get the statistics.
272 Run the following to get interface ids:
276 http://10.0.77.135:8181/restconf/operational/ietf-interfaces:interfaces-state/
278 Choose VM B interface and use the following REST in order to get the statistics:
279 Assuming VM A IP = 1.1.1.1, VM B IP = 2.2.2.2
281 Acquire counter request handler:
285 10.0.77.135:8181/restconf/operations/statistics-plugin:acquireElementCountersRequestHandler, {"input":{"portId":"4073b4fe-a3d5-47c0-b37d-4fb9db4be9b1", "incomingTraffic":{"filters":{"ipFilter":{"ip":"1.1.3.9"}}}}}, headers={Authorization=Basic YWRtaW46YWRtaW4=, Cache-Control=no-cache, Content-Type=application/json}]
291 10.0.77.135:8181/restconf/operations/statistics-plugin:releaseElementCountersRequestHandler, input={"input":{"handler":"1"}}, headers={Authorization=Basic YWRtaW46YWRtaW4=, Cache-Control=no-cache, Content-Type=application/json}]
297 10.0.77.135:8181/restconf/operations/statistics-plugin:getElementCountersByHandler, input={"input":{"handler":"1"}}, headers={Authorization=Basic YWRtaW46YWRtaW4=, Cache-Control=no-cache, Content-Type=application/json}]
299 Example counters output:
307 "id": "SOME UNIQUE ID",
313 "name": "durationNanoSecondCount",
317 "name": "durationSecondCount",
326 "name": "bytesTransmittedCount",
330 "name": "bytesReceivedCount",
339 "name": "packetsTransmittedCount",
343 "name": "packetsReceivedCount",
355 odl-netvirt-openstack
371 Guy Regev <guy.regev@hpe.com>
379 https://trello.com/c/88MnwGwb/129-element-to-element-counters
381 * Add new service in Genius.
382 * Implement new rules installation.
383 * Update Netvirt Statistics module to support the new counters request.
408 Netvirt statistics feature: https://git.opendaylight.org/gerrit/#/c/50164/8
Code Review / netvirt.git / blob