2 ==============================================================
4 https://git.opendaylight.org/gerrit/#/q/spec-for-element-to-element-counters
6 This feature depends on the Netvirt statistics feature.
8 This feature enables collecting statistics on filtered traffic passed from/to a network element. For example: traffic outgoing/incoming from a specific IP, tcp traffic, udp traffic, incoming/outgoing traffic only.
13 Collecting statistics on filtered traffic sent to/from a VM is currently not possible.
18 - Tracking East/West communication between local VMs.
19 - Tracking East/West communication between VMs that are located in different compute nodes.
20 - Tracking communication between a local VM and an IP located in an external network.
21 - Tracking TCP/UDP traffic sent from/to a VM.
22 - Tracking dropped packets between 2 VMs.
27 The Netvirt Statistics Plugin will receive requests regarding element filtered counters.
28 A new service will be implemented ("CounterService"), and will be associated with the relevant interfaces (either ingress side, egress sides or both of them).
30 * Ingress traffic: The service will be the first one in the pipeline after the Ingress ACL service.
31 * Egress traffic: The service will be the last one after the Egress ACL service.
32 * The input for counters request regarding VM A, and incoming and outgoing traffic from VM B, will be VM A interface uuid and VM B IP.
33 * The input can also include other filters like TCP only traffic, UDP only traffic, incoming/outgoing traffic.
34 * In order to track dropped traffic between VM A and VM B, the feature should be activated on both VMS (either in the same compute node or in different compute nodes). service binding will be done on both VMs relevant interfaces.
35 * If the counters request involves an external IP, service binding will be done only on the VM interface.
36 * Adding/Removing the "CounterService" should be dynamic and triggered by requesting element counters.
39 The Statistics Plugin will use OpenFlow flow statistic requests for these new rules,
40 allowing it to gather statistics regarding the traffic between the 2 elements.
41 It will be responsible to validate and filter the counters results.
46 Two new tables will be used: table 219 for outgoing traffic from the VM, and table 249 for incoming traffic from the VM.
47 In both ingress and egress pipelines, the counter service will be just after the appropriate ACL service.
48 The default rule will resubmit traffic to the appropriate dispatcher table.
50 Assuming we want statistics on VM A traffic, received or sent from VM B.
52 VM A Outgoing Traffic (vm interface)
53 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
54 In table 219 traffic will be matched against dst-ip and lport tag.
56 | Ingress dispatcher table (17): ``match: lport-tag=vmA-interface, actions: go to table 219`` =>
57 | Ingress counters table (219): ``match: dst-ip=vmB-ip, lport-tag=vmA-interface, actions: resubmit to table 17`` =>
59 VM A Incoming Traffic (vm interface)
60 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
61 In table 249 traffic will be matched against src-ip and lport tag.
63 | Egress dispatcher table (220): ``match: lport-tag=vmA-interface, actions: go to table 249`` =>
64 | Egress counters table (249): ``match: lport-tag=vmA-interface, src-ip=vmB-ip, actions: resubmit to table 220`` =>
66 Assuming we want statistics on VM A incoming TCP traffic.
68 VM A Outgoing Traffic (vm interface)
69 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
71 | Egress dispatcher table (220): ``match: lport-tag=vmA-interface, actions: go to table 249`` =>
72 | Egress counters table (249): ``match: lport-tag=vmA-interface, tcp, actions: resubmit to table 220`` =>
74 Assuming we want statistics on VM A outgoing UDP traffic.
76 VM A Incoming traffic (vm interface)
77 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
79 | Ingress dispatcher table (17): ``match: lport-tag=vmA-interface, actions: go to table 219`` =>
80 | Ingress counters table (219): ``match: lport-tag=vmA-interface, udp, actions: resubmit to table 17`` =>
82 Assuming we want statistics on all traffic sent to VM A port.
84 VM A Incoming traffic (vm interface)
85 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
87 | Ingress dispatcher table (17): ``match: lport-tag=vmA-interface, actions: go to table 219`` =>
88 | Ingress counters table (219): ``match: lport-tag=vmA-interface, actions: resubmit to table 17`` =>
92 Netvirt Statistics module will be enhanced with the following RPC:
120 leaf-list groupFilters {
123 leaf-list counterFilter {
128 grouping elementRequestData {
130 container tcpFilter {
144 container udpFilter {
167 container elementCountersRequestConfig {
168 list counterRequests {
182 leaf trafficDirection {
185 uses elementRequestData;
189 rpc acquireElementCountersRequestHandler {
194 container incomingTraffic {
195 uses elementRequestData;
197 container outgoingTraffic {
198 uses elementRequestData;
203 leaf incomingTrafficHandler {
206 leaf outcoingTrafficHandler {
212 rpc releaseElementCountersRequestHandler {
222 rpc getElementCountersByHandler {
234 ---------------------
235 The described above YANG model will be saved in the data store.
237 Clustering considerations
238 -------------------------
241 Other Infra considerations
242 --------------------------
245 Security considerations
246 -----------------------
249 Scale and Performance Impact
250 ----------------------------
251 Since adding the new service is done by a request (as well as removing it), not all packets will be sent to the new tables described above.
264 * Create router, network, 2 VMS, VXLAN tunnel.
265 * Connect to each one of the VMs and send ping to the other VM.
266 * Use REST to get the statistics.
268 Run the following to get interface ids:
272 http://10.0.77.135:8181/restconf/operational/ietf-interfaces:interfaces-state/
274 Choose VM B interface and use the following REST in order to get the statistics:
275 Assuming VM A IP = 1.1.1.1, VM B IP = 2.2.2.2
277 Acquire counter request handler:
281 10.0.77.135:8181/restconf/operations/statistics-plugin:acquireElementCountersRequestHandler, {"input":{"portId":"4073b4fe-a3d5-47c0-b37d-4fb9db4be9b1", "incomingTraffic":{"filters":{"ipFilter":{"ip":"1.1.3.9"}}}}}, headers={Authorization=Basic YWRtaW46YWRtaW4=, Cache-Control=no-cache, Content-Type=application/json}]
287 10.0.77.135:8181/restconf/operations/statistics-plugin:releaseElementCountersRequestHandler, input={"input":{"handler":"1"}}, headers={Authorization=Basic YWRtaW46YWRtaW4=, Cache-Control=no-cache, Content-Type=application/json}]
293 10.0.77.135:8181/restconf/operations/statistics-plugin:getElementCountersByHandler, input={"input":{"handler":"1"}}, headers={Authorization=Basic YWRtaW46YWRtaW4=, Cache-Control=no-cache, Content-Type=application/json}]
295 Example counters output:
303 "id": "SOME UNIQUE ID",
309 "name": "durationNanoSecondCount",
313 "name": "durationSecondCount",
322 "name": "bytesTransmittedCount",
326 "name": "bytesReceivedCount",
335 "name": "packetsTransmittedCount",
339 "name": "packetsReceivedCount",
351 odl-netvirt-openstack
367 Guy Regev <guy.regev@hpe.com>
375 https://trello.com/c/88MnwGwb/129-element-to-element-counters
377 * Add new service in Genius.
378 * Implement new rules installation.
379 * Update Netvirt Statistics module to support the new counters request.
404 Netvirt statistics feature: https://git.opendaylight.org/gerrit/#/c/50164/8
Code Review / netvirt.git / blob