-
Notifications
You must be signed in to change notification settings - Fork 0
/
tcpconnlat_example.txt
61 lines (48 loc) · 2.55 KB
/
tcpconnlat_example.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
Demonstrations of tcpconnlat, the Linux eBPF/bcc version.
This tool traces the kernel function performing active TCP connections
(eg, via a connect() syscall), and shows the latency (time) for the connection
as measured locally: the time from SYN sent to the response packet.
For example:
# ./tcpconnlat
PID COMM IP SADDR DADDR DPORT LAT(ms)
1201 wget 4 10.153.223.157 23.23.100.231 80 1.65
1201 wget 4 10.153.223.157 23.23.100.231 443 1.60
1433 curl 4 10.153.223.157 104.20.25.153 80 0.75
1690 wget 4 10.153.223.157 66.220.156.68 80 1.10
1690 wget 4 10.153.223.157 66.220.156.68 443 0.95
1690 wget 4 10.153.223.157 66.220.156.68 443 0.99
2852 curl 4 10.153.223.157 23.101.17.61 80 250.86
20337 python2.7 6 1234:ab12:2040:5020:2299:0:5:0 1234:ab12:20:9f1d:2299:dde9:0:f5 7001 62.20
21588 nc 6 ::1 ::1 80 0.05
[...]
The first line shows a connection from the "wget" process to the IPv4
destination address 23.23.100.231, port 80. This took 1.65 milliseconds: the
time from the SYN to the response.
TCP connection latency is a useful performance measure showing the time taken
to establish a connection. This typically involves kernel TCP/IP processing
and the network round trip time, and not application runtime.
tcpconnlat measures the time from any connection to the response packet, even
if the response is a RST (port closed).
USAGE message:
# ./tcpconnlat -h
usage: tcpconnlat [-h] [-t] [-p PID] [-L] [-4 | -6] [-v] [duration_ms]
Trace TCP connects and show connection latency
positional arguments:
duration_ms minimum duration to trace (ms)
optional arguments:
-h, --help show this help message and exit
-t, --timestamp include timestamp on output
-p PID, --pid PID trace this PID only
-L, --lport include LPORT on output
-4, --ipv4 trace IPv4 family only
-6 --ipv6 trace IPv6 family only
-v, --verbose print the BPF program for debugging purposes
examples:
./tcpconnlat # trace all TCP connect()s
./tcpconnlat 1 # trace connection latency slower than 1 ms
./tcpconnlat 0.1 # trace connection latency slower than 100 us
./tcpconnlat -t # include timestamps
./tcpconnlat -p 181 # only trace PID 181
./tcpconnlat -L # include LPORT while printing outputs
./tcpconnlat -4 # trace IPv4 family only
./tcpconnlat -6 # trace IPv6 family only