From abc47f5ce4a50ab2d3b23505914e9c65f856262b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ayd=C4=B1n=20Mercan?= Date: Tue, 2 Jan 2024 16:28:46 +0300 Subject: [PATCH 1/2] Expose the TCP client count in statistics channel The statistics channel does not expose the current number of TCP clients connected, only the highwater. Therefore, users did not have an easy means to collect statistics about TCP clients served over time. This information could only be measured as a seperate mechanism via rndc by looking at the TCP quota filled. In order to expose the exact current count of connected TCP clients (tracked by the "tcp-clients" quota) as a statistics counter, an extra, dedicated Network Manager callback would need to be implemented for that purpose (a counterpart of ns__client_tcpconn() that would be run when a TCP connection is torn down), which is inefficient. Instead, track the number of currently-connected TCP clients separately for IPv4 and IPv6, as Network Manager statistics. (cherry picked from commit 2690dc48d357c85c59f0d72063d7a799e9d03bc0) --- bin/named/statschannel.c | 5 +++++ lib/isc/include/isc/stats.h | 5 ++++- lib/isc/netmgr/netmgr-int.h | 3 ++- lib/isc/netmgr/netmgr.c | 10 ++++++---- lib/isc/netmgr/tcpdns.c | 4 ++++ lib/isc/netmgr/tlsdns.c | 4 ++++ 6 files changed, 25 insertions(+), 6 deletions(-) diff --git a/bin/named/statschannel.c b/bin/named/statschannel.c index 2c4760ca20..0cb56b2e65 100644 --- a/bin/named/statschannel.c +++ b/bin/named/statschannel.c @@ -626,6 +626,11 @@ init_desc(void) { SET_SOCKSTATDESC(unixactive, "Unix domain sockets active", "UnixActive"); SET_SOCKSTATDESC(rawactive, "Raw sockets active", "RawActive"); + SET_SOCKSTATDESC(tcp4clients, "TCP/IPv4 clients currently connected", + "TCP4Clients"); + SET_SOCKSTATDESC(tcp6clients, "TCP/IPv6 clients currently connected", + "TCP6Clients"); + INSIST(i == isc_sockstatscounter_max); /* Initialize DNSSEC statistics */ diff --git a/lib/isc/include/isc/stats.h b/lib/isc/include/isc/stats.h index 5bed7d5285..187a1795df 100644 --- a/lib/isc/include/isc/stats.h +++ b/lib/isc/include/isc/stats.h @@ -100,7 +100,10 @@ enum { isc_sockstatscounter_rawrecvfail = 60, isc_sockstatscounter_rawactive = 61, - isc_sockstatscounter_max = 62 + isc_sockstatscounter_tcp4clients = 62, + isc_sockstatscounter_tcp6clients = 63, + + isc_sockstatscounter_max = 64 }; ISC_LANG_BEGINDECLS diff --git a/lib/isc/netmgr/netmgr-int.h b/lib/isc/netmgr/netmgr-int.h index 6aca9ab92c..da9e8c3a59 100644 --- a/lib/isc/netmgr/netmgr-int.h +++ b/lib/isc/netmgr/netmgr-int.h @@ -856,7 +856,8 @@ typedef enum { STATID_SENDFAIL = 8, STATID_RECVFAIL = 9, STATID_ACTIVE = 10, - STATID_MAX = 11, + STATID_CLIENTS = 11, + STATID_MAX = 12, } isc__nm_statid_t; #if HAVE_LIBNGHTTP2 diff --git a/lib/isc/netmgr/netmgr.c b/lib/isc/netmgr/netmgr.c index 2310b4b904..44ef28e360 100644 --- a/lib/isc/netmgr/netmgr.c +++ b/lib/isc/netmgr/netmgr.c @@ -67,7 +67,8 @@ static const isc_statscounter_t udp4statsindex[] = { -1, isc_sockstatscounter_udp4sendfail, isc_sockstatscounter_udp4recvfail, - isc_sockstatscounter_udp4active + isc_sockstatscounter_udp4active, + -1, }; static const isc_statscounter_t udp6statsindex[] = { @@ -81,7 +82,8 @@ static const isc_statscounter_t udp6statsindex[] = { -1, isc_sockstatscounter_udp6sendfail, isc_sockstatscounter_udp6recvfail, - isc_sockstatscounter_udp6active + isc_sockstatscounter_udp6active, + -1, }; static const isc_statscounter_t tcp4statsindex[] = { @@ -90,7 +92,7 @@ static const isc_statscounter_t tcp4statsindex[] = { isc_sockstatscounter_tcp4connectfail, isc_sockstatscounter_tcp4connect, isc_sockstatscounter_tcp4acceptfail, isc_sockstatscounter_tcp4accept, isc_sockstatscounter_tcp4sendfail, isc_sockstatscounter_tcp4recvfail, - isc_sockstatscounter_tcp4active + isc_sockstatscounter_tcp4active, isc_sockstatscounter_tcp4clients, }; static const isc_statscounter_t tcp6statsindex[] = { @@ -99,7 +101,7 @@ static const isc_statscounter_t tcp6statsindex[] = { isc_sockstatscounter_tcp6connectfail, isc_sockstatscounter_tcp6connect, isc_sockstatscounter_tcp6acceptfail, isc_sockstatscounter_tcp6accept, isc_sockstatscounter_tcp6sendfail, isc_sockstatscounter_tcp6recvfail, - isc_sockstatscounter_tcp6active + isc_sockstatscounter_tcp6active, isc_sockstatscounter_tcp6clients, }; #if 0 diff --git a/lib/isc/netmgr/tcpdns.c b/lib/isc/netmgr/tcpdns.c index b2a0b1016d..1864a45aba 100644 --- a/lib/isc/netmgr/tcpdns.c +++ b/lib/isc/netmgr/tcpdns.c @@ -689,6 +689,7 @@ destroy: * chance to be executed. */ if (sock->quota != NULL) { + isc__nm_decstats(sock, STATID_CLIENTS); isc_quota_detach(&sock->quota); } } @@ -1004,6 +1005,8 @@ accept_connection(isc_nmsocket_t *ssock, isc_quota_t *quota) { UV_RUNTIME_CHECK(uv_timer_init, r); uv_handle_set_data((uv_handle_t *)&csock->read_timer, csock); + isc__nm_incstats(csock, STATID_CLIENTS); + r = uv_accept(&ssock->uv_handle.stream, &csock->uv_handle.stream); if (r != 0) { result = isc__nm_uverr2result(r); @@ -1366,6 +1369,7 @@ tcpdns_close_direct(isc_nmsocket_t *sock) { REQUIRE(atomic_load(&sock->closing)); if (sock->quota != NULL) { + isc__nm_decstats(sock, STATID_CLIENTS); isc_quota_detach(&sock->quota); } diff --git a/lib/isc/netmgr/tlsdns.c b/lib/isc/netmgr/tlsdns.c index feeb1a8d7d..7a005db9b9 100644 --- a/lib/isc/netmgr/tlsdns.c +++ b/lib/isc/netmgr/tlsdns.c @@ -895,6 +895,7 @@ destroy: * had a chance to be executed. */ if (sock->quota != NULL) { + isc__nm_decstats(sock, STATID_CLIENTS); isc_quota_detach(&sock->quota); } } @@ -1628,6 +1629,8 @@ accept_connection(isc_nmsocket_t *ssock, isc_quota_t *quota) { UV_RUNTIME_CHECK(uv_timer_init, r); uv_handle_set_data((uv_handle_t *)&csock->read_timer, csock); + isc__nm_incstats(csock, STATID_CLIENTS); + r = uv_accept(&ssock->uv_handle.stream, &csock->uv_handle.stream); if (r != 0) { result = isc__nm_uverr2result(r); @@ -2109,6 +2112,7 @@ tlsdns_close_direct(isc_nmsocket_t *sock) { REQUIRE(sock->tls.pending_req == NULL); if (sock->quota != NULL) { + isc__nm_decstats(sock, STATID_CLIENTS); isc_quota_detach(&sock->quota); } From 2cfb92439b672a2e257001df9bcf8ccb78355a96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ayd=C4=B1n=20Mercan?= Date: Tue, 16 Jan 2024 14:38:21 +0300 Subject: [PATCH 2/2] Add CHANGES and release note for [GL #4425] (cherry picked from commit cc2713700a5d0eebc5e3d6d0ee53fb4da7e67caf) --- CHANGES | 3 +++ doc/notes/notes-current.rst | 3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 9991626b63..6bca7cc194 100644 --- a/CHANGES +++ b/CHANGES @@ -33,6 +33,9 @@ listener transport type. Thanks to Thomas Amgarten. [GL #4518] [GL #4528] +6325. [func] Expose the TCP client count in statistics channel. + [GL #4425] + 6324. [bug] Fix a possible crash in 'dig +nssearch +nofail' and 'host -C' commands when one of the name servers returns SERVFAIL. [GL #4508] diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index d0ebd19623..325eced5b3 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -20,7 +20,8 @@ Security Fixes New Features ~~~~~~~~~~~~ -- None. +- The statistics channel now includes counters that indicate the number + of currently connected TCP IPv4/IPv6 clients. :gl:`#4425` Removed Features ~~~~~~~~~~~~~~~~