Date: Fri, 25 May 2007 09:59:30 +0200 From: Andre Oppermann <andre@freebsd.org> To: Robert Watson <rwatson@FreeBSD.org> Cc: cvs-src@FreeBSD.org, Gleb Smirnoff <glebius@FreeBSD.org>, cvs-all@FreeBSD.org, src-committers@FreeBSD.org Subject: Re: cvs commit: src/sys/netinet tcp_syncache.c Message-ID: <46569762.6090801@freebsd.org> In-Reply-To: <20070525084450.H53865@fledge.watson.org> References: <200705182113.l4ILD2qb044650@repoman.freebsd.org> <20070521073544.GP89017@FreeBSD.org> <4654D011.5040309@freebsd.org> <20070524092643.GC89017@FreeBSD.org> <20070525084450.H53865@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Robert Watson wrote: > > On Thu, 24 May 2007, Gleb Smirnoff wrote: > >> A> W/o logging we have no way of really knowing. Before we were >> possibly >> A> accepting stuff we shouldn't have (spoofing and attacks). Now we may >> A> drop stuff we perhaps should accept anyway. W/o logging diagnosing a >> A> TCP problem was very difficult and would need a lot cooperation with >> A> the PR submitter, if it was submitted at all. We normally only got a >> A> report of TCP 'not working'. Figuring out what went wrong was pretty >> A> much doing iterative shots into the dark and see if something >> squeaks. >> A> >> A> With logging I want to make things much more obvious and simpler to >> A> diagnose. Plus we get information in cases (from admins reading the >> A> logs) that were totally lost in the noise or not even attempted to >> A> be debugged. >> A> >> A> For our TCP maintainers (mostly I at the moment) and also 3rd parties >> A> this makes TCP trouble diagnosis much more accessible. Based on a >> A> log report and the OS name/version of the remote end we can pretty >> A> much tell right away what went wrong. This saves an order of a >> A> magnitude in debugging and fault analysis time. From many hours and >> A> email round trips to mere minutes and one or two information >> requests. >> >> I completely understand that this logging is very important in the >> process of refactoring the TCP code. I just think that the performance >> impact should be measured before merging this logging to RELENG_6. > > Kernel-sourced log messages result in an fsync() of log files the > message is written to, as syslogd feels that kernel messages are very > important and should go to disk as quickly and reliably as possible. As > a result, it's very desirable to rate limit (ideally no more than 1pps) > packet-generated log messages. I've been thinking of adding a spp > function to match ppsprint for things like kernel warnings about the > audit trail storage partition filling up, as one message a second is > still a lot. kern.debug should not be automatically written and fsync()ed to disk. All these TCP messages are sourced as kern.debug (except for the log_ in_vain variety with kern.info but that's something the user has to explicitly enable). -- Andre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46569762.6090801>