Subject: Re: CVS commit: src/sbin/ifconfig
To: NetBSD Miscellaneous Technical Discussion List <tech-misc@NetBSD.ORG>
From: Greg A. Woods <woods@weird.com>
List: tech-misc
Date: 04/13/2003 17:23:51
[ On Sunday, April 13, 2003 at 16:16:29 (-0400), John Hawkinson wrote: ]
> Subject: Re: CVS commit: src/sbin/ifconfig
>
> It's hihghly unlikely that anyone is going to run more than one
> SNMP agent on a given CPU that might look at the same set of kernel
> counters.
Perhaps you'd be surprised then... (think of just how many different
SNMP variants there are now, for starters, never mind just how many
sub-systems have their own built-in SNMP agents, agents which are just
as likely to go beyond their own sub-systems as not)
More importantly though there's nothing preventing it, nor indeed
nothing preventing someone having an SNMP agent and some other kind of
management agent, both accessing the same kernel counters, accesses that
I'm sure the average admin will always want to return identical results.
> This is not to say that it is not a case to think about, but it is
> hardly the common case.
I have seen as many as five SNMP agents running on the same server
(Solaris, not NetBSD, but regardless), three of which, IIRC, could
access the same interfaces MIB, i.e. the very same counters we're
talking about here. This was all due to commonly used commercial
software (web servers, mailers, and such). I suspect the reason was
simply that the software vendors were using third-part SNMP code and
were thus able to provide the additional functionality "for free".
In any case, tools for assising in the visualization of kernel counter
deltas are not something that can ever realistically be put into the
kernel in any elegant or efficient or scalable or generically applicable
way.
Let's try to be parsimonious, apply K.I.S.S. and Occam's Razor, and keep
only simple monotonic counters in the kernel, drop SIOCZIFDATA (which,
BTW, has never been part of the first *BSD to have implemented
SIOCIFDATA, i.e. which is 100% unique to only NetBSD-current) and do
_all_ the delta munging in userland where it can be done in any way any
user wishes without affecting anyone else.
If anyone really REALLY wants to pretend they can zero the counters then
they can simulate doing that with new options to netstat, ifconfig, et
al which store "start" values in some data file in their home directory.
That way they can even pretend to zero their countes without having root
privileges! :-)
There's one other critical point to keep in mind too: As we've already
discussed, counters can wrap. This means anyone expecting a counter
value since it hs been zeroed to be correct after any arbitrary time
period could be in for big surprises. From the world of SNMP we can
learn that safe monitoring of any counter requires predictable periodic
sampling with intervals less than the theoretical minimum wrap time so
that wrap events can be caught and dealt with; and also that for such
monitoring to work properly there can be no unpredictable resets of
those counters, no matter how short the sample interval.
--
Greg A. Woods
+1 416 218-0098; <g.a.woods@ieee.org>; <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>