OpenConnect folks,

Created issue and merge request to track this.

Background:
When deploying OpenConnect server in an environment that supports automatic 
scaling, there is a need to quantify the health of a server instance to 
determine when to add or remove nodes. A key health metric is the latency that 
the instance is introducing to the client connection, with latency being 
defined as the elapsed time from when the NIC receives the packet until the 
packet is transmitted. Ideally we would want to use Linux's RX and TX 
timestamping functionality to directly measure this for both the client -> server 
and server -> client paths. Unfortunately, Linux doesn't yet support reporting 
timestamps for packets received or sent via a tunnel adapter, but only via the 
socket interface. 

But, given that the processing model of ocserv is essentially symmetric, we can 
estimate outbound latency using inbound latency. 

This MR adds two measurements: RX timestamps to capture the time when the NIC 
receives the incoming UDP packet and a software timestamp when the write returns 
on the tunnel adapter. It then aggregates this data across all tunnels and 
reports it out via occtl and the logs.

A management agent could then capture this data to determine server instance 
health and use this as part of a health model to determine when to add or 
remove additional ocserv instances. 

Issue:
https://gitlab.com/openconnect/ocserv/issues/258

Merge request:
https://gitlab.com/openconnect/ocserv/-/merge_requests/145

Offering this up in case folks believe this would be more broadly useful outside 
of our environment.

_______________________________________________
openconnect-devel mailing list
[email protected]
http://lists.infradead.org/mailman/listinfo/openconnect-devel
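
The measurement described in the message above, sketched as an added example (not code from the merge request or from ocserv). It assumes SO_TIMESTAMPNS as the RX timestamp source, uses a loopback UDP socket in place of the client connection, and only marks where the tunnel write would happen; the function names are hypothetical.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <arpa/inet.h>
#include <sys/socket.h>

/* Ask the kernel to attach a receive timestamp to every datagram on fd. */
int enable_rx_timestamps(int fd) {
    int on = 1;
    return setsockopt(fd, SOL_SOCKET, SO_TIMESTAMPNS, &on, sizeof(on));
}

/* Copy the SCM_TIMESTAMPNS control message into *ts; -1 if none is present. */
int rx_timestamp(struct msghdr *msg, struct timespec *ts) {
    for (struct cmsghdr *c = CMSG_FIRSTHDR(msg); c; c = CMSG_NXTHDR(msg, c))
        if (c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_TIMESTAMPNS) {
            memcpy(ts, CMSG_DATA(c), sizeof(*ts));
            return 0;
        }
    return -1;
}

/* Nanoseconds from the RX timestamp to the timestamp taken after the write. */
long long latency_ns(const struct timespec *rx, const struct timespec *tx) {
    return (long long)(tx->tv_sec - rx->tv_sec) * 1000000000LL
         + (tx->tv_nsec - rx->tv_nsec);
}

int main(void) {
    struct sockaddr_in a = { .sin_family = AF_INET,
                             .sin_addr.s_addr = htonl(INADDR_LOOPBACK) };
    socklen_t alen = sizeof(a);
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0 || bind(fd, (struct sockaddr *)&a, alen) < 0 ||
        getsockname(fd, (struct sockaddr *)&a, &alen) < 0 ||
        enable_rx_timestamps(fd) < 0) { perror("setup"); return 1; }
    sendto(fd, "ping", 4, 0, (struct sockaddr *)&a, alen); /* constructed datagram */
    char data[64];
    _Alignas(struct cmsghdr) char ctrl[CMSG_SPACE(sizeof(struct timespec))];
    struct iovec iov = { data, sizeof(data) };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctrl, .msg_controllen = sizeof(ctrl) };
    struct timespec rx, tx;
    if (recvmsg(fd, &msg, 0) < 0 || rx_timestamp(&msg, &rx) < 0) return 1;
    /* Assumption: the server would write() the payload to its tun fd here. */
    clock_gettime(CLOCK_REALTIME, &tx); /* same clock as SO_TIMESTAMPNS */
    printf("rx-to-write latency: %lld ns\n", latency_ns(&rx, &tx));
    return 0;
}
```

Both timestamps come from CLOCK_REALTIME, so a clock step between receive and write can distort an individual sample; aggregating many samples, as the message describes, reduces the effect of such outliers.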