From nobody Wed Oct 25 09:16:02 2023 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SFjwC3Tvpz4yFhF for ; Wed, 25 Oct 2023 09:16:11 +0000 (UTC) (envelope-from SRS0=lkkf=GH=klop.ws=ronald-lists@realworks.nl) Received: from smtp-relay-int.realworks.nl (smtp-relay-int.realworks.nl [194.109.157.24]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4SFjwB41XWz3Lq6 for ; Wed, 25 Oct 2023 09:16:10 +0000 (UTC) (envelope-from SRS0=lkkf=GH=klop.ws=ronald-lists@realworks.nl) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=klop.ws header.s=rw2 header.b=p8Jzg4Dj; spf=pass (mx1.freebsd.org: domain of "SRS0=lkkf=GH=klop.ws=ronald-lists@realworks.nl" designates 194.109.157.24 as permitted sender) smtp.mailfrom="SRS0=lkkf=GH=klop.ws=ronald-lists@realworks.nl"; dmarc=pass (policy=quarantine) header.from=klop.ws Date: Wed, 25 Oct 2023 11:16:02 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=klop.ws; s=rw2; t=1698225362; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=M5g5y7mOVdze6TTTpHuqTHgQOBTiJCNgNTYoNNMLKjs=; b=p8Jzg4DjQWYtTxgzR30sjiANFYuKLS/KhasdxVFV8vTJQ+DUIrXIouVxKL9SxRRm3AfM0U A5TpxUw1K+Rq+aY8Y/e7GqPCXRhdXzxGDs/g0ADtX5r2DeY+he3DFKssFVA9Hvr8NzNXdR eob6hcbC+pzPiQ6Kzs3Ni0dU7v3kJVAogOBYmcl+k9J7nDYNI2H8aiSDfpMPsymV86dSew 6sZBIVHfy20Zttgohq4+99tuorC4TUcUBDffXljJPMWPMLY1FSsGLvrhryqi4iRdZL8999 jNJ/221x/PGazefVP4CAZylXVTQzcCSe0O/QFd+z5kBGHxKCzgiiCMRqSfrq/g== From: Ronald Klop To: Rick Macklem Cc: FreeBSD CURRENT , Garrett Wollman Message-ID: <1929903544.3585.1698225362526@localhost> In-Reply-To: References: Subject: Re: RFC: NFS over TLS stats List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@freebsd.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_3584_957532270.1698225362524" X-Mailer: Realworks (676.5) Importance: Normal X-Priority: 3 (Normal) X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.18 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.98)[-0.982]; MID_RHS_NOT_FQDN(0.50)[]; DMARC_POLICY_ALLOW(-0.50)[klop.ws,quarantine]; FORGED_SENDER(0.30)[ronald-lists@klop.ws,SRS0=lkkf=GH=klop.ws=ronald-lists@realworks.nl]; R_DKIM_ALLOW(-0.20)[klop.ws:s=rw2]; R_SPF_ALLOW(-0.20)[+ip4:194.109.157.0/24]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; MLMMJ_DEST(0.00)[freebsd-current@freebsd.org]; FREEMAIL_TO(0.00)[gmail.com]; ARC_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_COUNT_ZERO(0.00)[0]; HAS_X_PRIO_THREE(0.00)[3]; TO_DN_ALL(0.00)[]; ASN(0.00)[asn:3265, ipnet:194.109.0.0/16, country:NL]; FROM_HAS_DN(0.00)[]; DKIM_TRACE(0.00)[klop.ws:+]; RCPT_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TAGGED_RCPT(0.00)[]; FROM_NEQ_ENVFROM(0.00)[ronald-lists@klop.ws,SRS0=lkkf=GH=klop.ws=ronald-lists@realworks.nl] X-Rspamd-Queue-Id: 4SFjwB41XWz3Lq6 ------=_Part_3584_957532270.1698225362524 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Maybe tracking of errors can be useful. Great work on this! Regards, Ronald. Van: Rick Macklem Datum: woensdag, 25 oktober 2023 04:50 Aan: FreeBSD CURRENT , Garrett Wollman Onderwerp: RFC: NFS over TLS stats > > Garrett Wollman asked me via email how a server > admin could tell what usage NFS over TLS was > happening. > > I admitted that there was nothing. I have come up > with a patch that generates the following: > kern.rpctls.snd_tls_msgbytes: 21508 > kern.rpctls.snd_msgbytes: 20828 > kern.rpctls.snd_tls_msgcnt: 57 > kern.rpctls.snd_msgcnt: 58 > kern.rpctls.rcv_tls_msgbytes: 12336 > kern.rpctls.rcv_msgbytes: 12072 > kern.rpctls.rcv_tls_msgcnt: 57 > kern.rpctls.rcv_msgcnt: 58 > > Basically counts of number of RPC messages > and total number of bytes those messages > result in. (Both with/without TLS.) > > Does this seem reasonable or are there better > statistics that could be generated? Obviously > any other suggestion might or might not be > practical to implement. > > Thanks, rick > > > > ------=_Part_3584_957532270.1698225362524 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Maybe tracking of errors can be useful.

Great work on this!

Regards,
Ronald.

 

Van: Rick Macklem <rick.macklem@gmail.com>
Datum: woensdag, 25 oktober 2023 04:50
Aan: FreeBSD CURRENT <freebsd-current@freebsd.org>, Garrett Wollman <wollman@bimajority.org>
Onderwerp: RFC: NFS over TLS stats

Garrett Wollman asked me via email how a server
admin could tell what usage NFS over TLS was
happening.

I admitted that there was nothing. I have come up
with a patch that generates the following:
kern.rpctls.snd_tls_msgbytes: 21508
kern.rpctls.snd_msgbytes: 20828
kern.rpctls.snd_tls_msgcnt: 57
kern.rpctls.snd_msgcnt: 58
kern.rpctls.rcv_tls_msgbytes: 12336
kern.rpctls.rcv_msgbytes: 12072
kern.rpctls.rcv_tls_msgcnt: 57
kern.rpctls.rcv_msgcnt: 58

Basically counts of number of RPC messages
and total number of bytes those messages
result in. (Both with/without TLS.)

Does this seem reasonable or are there better
statistics that could be generated?  Obviously
any other suggestion might or might not be
practical to implement.

Thanks, rick
 

  ------=_Part_3584_957532270.1698225362524--