Check out the new USENIX Web site. next up previous
Next: Event Loss Up: MAGNeT in Kernel Space Previous: Instrumentation Record

Instrumented Events

MAGNeT is designed to be extensible with respect to the specific events that are monitored. The current distribution instruments the general socket-handling code, the TCP layer, and the IP layer. Other protocols can be easily instrumented by adding new MAGNeT event codes to the enum definition in magnet.h and placing calls to magnet_add() at appropriate places in the protocol stack. Thus, the mechanisms provided by MAGNeT (that is, capturing application-level traces as well as intercepting protocol stack events) are available to all existing and future Linux networking protocols.

Our current MAGNeT distribution records events when the socket-handling code receives data from an application, when the TCP layer receives data from the socket-handling code, when the IP layer receives data from TCP, and, finally, when IP hands the data off to the network device driver. MAGNeT records a similar set of events for the receive pathway.

Without the optionally-compiled data field, MAGNeT records only the timestamp and associated data size for each transition between network-stack layers. With the data field compiled in, MAGNeT records more extensive data about the instantaneous state of the protocol being monitored. This data typically contains all protocol-header information as well as run-time, protocol-state variables, which are not usually available outside of experimental situations. As an example of the kind of information stored within the data field, Figure 3 shows the union members for TCP and IP events.

Figure 3: MAGNeT Extended Data for TCP and IP 
struct magnet_tcp { 
  /* data from "struct tcp_opt" in 
     include/net/sock.h */

  unsigned short  source;      
  /* TCP source port */
  unsigned short  dest;        
  /* TCP destination port */

  unsigned long	snd_wnd;     
  /* Expected receiver window */

  unsigned long	srtt;        
  /* smothed round trip time << 3 */
  unsigned long	rto;         
  /* retransmit timeout */

  unsigned long	packets_out; 
  /* Packets which are "in flight" */
  unsigned long	retrans_out; 
  /* Retransmitted packets out */

  unsigned long	snd_ssthresh;
  /* Slow start size threshold */
  unsigned long	snd_cwnd;    
  /* Sending congestion window */

  unsigned long	rcv_wnd;     
  /* Current receiver window */
  unsigned long	write_seq;   
  /* Tail+1 of data in send buffer */
  unsigned long	copied_seq;  
  /* Head of yet unread data */

  /* TCP flags*/
  unsigned short  fin:1,syn:1,rst:1,
      psh:1,ack:1,urg:1,ece:1,cwr:1; 
}; /* struct magnet_tcp */

struct magnet_ip {
  unsigned char  version;
  unsigned char  tos;
  unsigned short id;
  unsigned short frag_off;
  unsigned char  ttl;
  unsigned char	 protocol;
}; /* struct magnet_ip */

next up previous
Next: Event Loss Up: MAGNeT in Kernel Space Previous: Instrumentation Record
Jeffrey R. Hay 2001-09-12