From jb@green.syndicate.net  Tue Apr 30 10:43:30 2002
Return-Path: <jb@green.syndicate.net>
Received: from green.syndicate.net (green.syndicate.net [64.71.130.50])
	by hub.freebsd.org (Postfix) with ESMTP id 489E637B41C
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 30 Apr 2002 10:43:29 -0700 (PDT)
Received: (from jb@localhost)
	by green.syndicate.net (8.11.6/8.11.6) id g3UHhT726309;
	Tue, 30 Apr 2002 10:43:29 -0700 (PDT)
	(envelope-from jb)
Message-Id: <200204301743.g3UHhT726309@green.syndicate.net>
Date: Tue, 30 Apr 2002 10:43:29 -0700 (PDT)
From: james brown <jbsd@syndicate.net>
Reply-To: james brown <jbsd@syndicate.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: netstat -i -b does not count outgoing packets for ip aliases
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         37602
>Category:       bin
>Synopsis:       netstat -i -b does not count outgoing packets for ip aliases
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Apr 30 10:50:01 PDT 2002
>Closed-Date:    Thu May 16 00:11:44 PDT 2002
>Last-Modified:  Thu May 16 00:11:44 PDT 2002
>Originator:     james brown
>Release:        FreeBSD 4.4-STABLE i386
>Organization:
>Environment:
System: FreeBSD green.syndicate.net 4.4-STABLE FreeBSD 4.4-STABLE #4: Mon Jan 7 23:25:53 PST 2002 jb@green.syndicate.net:/usr/src/sys/compile/GREEN i386


	
>Description:

netstat -i -b does not count outgoing packets on ip aliases.  ipfw counts packets on ip aliases just fine.

>How-To-Repeat:

execute netstat -i -b on a system with ip aliases which have traffic.  the results can be checked against ipfw show

>Fix:

	
>Release-Note:
>Audit-Trail:

From: "Crist J. Clark" <cjc@FreeBSD.ORG>
To: james brown <jbsd@syndicate.net>
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: bin/37602: netstat -i -b does not count outgoing packets for ip aliases
Date: Sun, 12 May 2002 01:26:49 -0700

 On Tue, Apr 30, 2002 at 10:43:29AM -0700, james brown wrote:
 [snip]
 
 > netstat -i -b does not count outgoing packets on ip aliases.  ipfw counts packets on ip aliases just fine.
 
 It doesn't make a lot of sense to track outgoing packets by source IP
 address on an interface. The destination IP address determines which
 interface a packet leaves. If you have two interfaces, if0 and if1,
 and you are sending a packet with source IP address, ip0, an address
 associated with if0, the destination IP determines which interface the
 packet leaves. You can have packets with source address of ip0 leaving
 interface if1.
 
 If you are playing with ipfw(8) accounting, you can see this by adding
 rules like,
 
   # ipfw count ip from ip0 to any out via if0
   # ipfw count ip from ip0 to any out via if1
   # ipfw count ip from ip0 to any out
 
 -- 
 Crist J. Clark                     |     cjclark@alum.mit.edu
                                    |     cjclark@jhu.edu
 http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

From: "james brown" <jbsd@syndicate.net>
To: "Crist J. Clark" <cjc@FreeBSD.ORG>,
	FreeBSD-gnats-submit@FreeBSD.ORG
Cc:  
Subject: Re: bin/37602: netstat -i -b does not count outgoing packets for ip aliases
Date: Mon, 13 May 2002 16:45:04 -0700 (PDT)

 > It doesn't make a lot of sense to track outgoing packets by source IP
 > address on an interface. The destination IP address determines which
 
 i think in our situation it does make sense.  here is our setup:
 
 - a single network interface.
 
 - multiple ip address aliases on that interface.
 
 - multiple http and ftp daemons bound to those ip addresses.
 
 we want to measure the network traffic for each ip address using 
 netstat -i -b in order to get statistics on how much traffic is moving 
 in and out of these daemons.
 
 > If you are playing with ipfw(8) accounting, you can see this by adding
 > rules like,
 
 i am aware that we can count bytes using ipfw accounting but this only 
 produces the total in/out combined.  we were hoping to use netstat 
 because it displays in and out separately.
 
 the bottom line is netstat -i -b does not appear to be working properly 
 for ip aliases, this is why i submitted the gnats report.
 
 thank you,
 james
 

From: "Crist J. Clark" <crist.clark@attbi.com>
To: james brown <jbsd@syndicate.net>
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: bin/37602: netstat -i -b does not count outgoing packets for ip aliases
Date: Tue, 14 May 2002 15:48:25 -0700

 On Mon, May 13, 2002 at 04:45:04PM -0700, james brown wrote:
 > 
 > > It doesn't make a lot of sense to track outgoing packets by source IP
 > > address on an interface. The destination IP address determines which
 > 
 > i think in our situation it does make sense.  here is our setup:
 > 
 > - a single network interface.
 > 
 > - multiple ip address aliases on that interface.
 > 
 > - multiple http and ftp daemons bound to those ip addresses.
 > 
 > we want to measure the network traffic for each ip address using 
 > netstat -i -b in order to get statistics on how much traffic is moving 
 > in and out of these daemons.
 
 But as you've found, you're not going to get it with netstat(1). That
 information simply isn't tracked. Figuring out what alias address a
 packet might be "leaving" simply isn't required in the IP output code,
 so it is not convenient to track it (since it is a bunch of extra code
 to run for every packet). And as I mentioned, in the case where you
 have multiple interfaces, trying to track it would be confusing.
 
 > > If you are playing with ipfw(8) accounting, you can see this by adding
 > > rules like,
 > 
 > i am aware that we can count bytes using ipfw accounting but this only 
 > produces the total in/out combined.  we were hoping to use netstat 
 > because it displays in and out separately.
 
 You can make ipfw(8) track in and out separately. In fact, I really
 don't see how you could get it to track in and out combined,
 
   pass ip from <alias> to any out
   pass ip from any to <alias> in
 
 > the bottom line is netstat -i -b does not appear to be working properly 
 > for ip aliases, this is why i submitted the gnats report.
 
 The netstat(1) utility is working fine. It's just dumping the
 counters in various in-kernel data structures. The fact is, the data
 you desire is simply not and never has been tracked in the BSD stack.
 
 Feel free to take a look in sys/netinet/ip_output.c and see if you can
 find a place to do the accounting without creating too much additional
 overhead.
 -- 
 Crist J. Clark                     |     cjclark@alum.mit.edu
                                    |     cjclark@jhu.edu
 http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

From: "james brown" <jbsd@syndicate.net>
To: cjclark@alum.mit.edu, FreeBSD-gnats-submit@FreeBSD.ORG
Cc:  
Subject: Re: bin/37602: netstat -i -b does not count outgoing packets for ip aliases
Date: Wed, 15 May 2002 10:56:34 -0700 (PDT)

 > But as you've found, you're not going to get it with netstat(1). That
 > information simply isn't tracked. Figuring out what alias address a
 
 thanks, that answered my question.
 
 > You can make ipfw(8) track in and out separately. In fact, I really
 > don't see how you could get it to track in and out combined,
 
 yes, i was wrong about that.
 
 > Feel free to take a look in sys/netinet/ip_output.c and see if you can
 > find a place to do the accounting without creating too much additional
 > overhead.
 
 if i learn network programming maybe i'll get around to that some day.
 
 thank you for the reply and helping me with this.
 
 james
 
State-Changed-From-To: open->closed 
State-Changed-By: cjc 
State-Changed-When: Thu May 16 00:09:49 PDT 2002 
State-Changed-Why:  
The kernel simply doesn't track the information the submitter 
wants. The submitter seems satisfied with the explanation. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=37602 
>Unformatted:
