Install using Tcpcopy on Linux servers to get user access traffic

Source: Internet
Author: User
Tags apache access log iptables

Tcpcopy can be used as a stress testing tool, but also to gain real user access traffic to simulate a real-world operating environment, as Tcpcopy's developers introduce it: Tcpcopy is a request-replication (all TCP-based packets) tool with a wide range of applications, Using the Tcpcopy program, you can copy the system traffic that accesses memcached to the membase system. For membase, this traffic is to visit the membase, with direct online

Membase effect, you can do a variety of experiments to view the various characteristics of membase.

Mainly has the following functions

1 Distributed pressure testing tools, the use of online data, you can test the system can withstand the pressure size, you can find some early bugs

2 The ordinary on-line test, can discover the new system to be stable, discovers in advance the on-line process will appear many problems, makes way

The sender has the confidence to be on-line

3 comparison test, the same request, for different or different version of the program, you can do performance comparisons and other tests

4 Flow amplification function, can use a variety of means to construct unlimited online pressure to meet the pressure test requirements of small and medium websites

5 The use of tcpcopy forwarding of traditional pressure test tools issued by the request, can increase network latency, so that the pressure test more realistic

6) Hot Backup

7 Actual combat exercise (architect required)

Installation:

The code is as follows:

TAR-ZXVF tcpcopy-0.9.0. tar.gz

CD tcpcopy-0.9.0./configure

Make

Make install

Note: tcpcopy and intercept versions, configuration parameters to be consistent

Now the code has been placed on the GitHub (https://github.com/session-replay-tools/tcpcopy), more than 1.0 of the version, tcpcopy and intercept package has been separated, need to download the installation separately, Note that if the Intercept is installed./configure error checking for pcap.h ... not found, can be resolved through yum install Libpcap-devel.

Tcpcopy is divided into tcpcopy client and tcpcopy server. Where the Tcpcopy client runs on the online server to capture the online request packet, Tcpcopy server (listening port 36524) runs on the test machine and intercepts the test server before the test server's response packet is discarded

Response package and delivers TCP and IP header information from the response packet to the Tcpcopy client through the TCP connection between the Tcpcopy client and Tcpcopy server to complete the TCP interaction.

Use the following methods:

Tcpcopy Server (root user execution)

1 Boot kernel module ip_queue (modprobe ip_queue)

2) Set the port to intercept, and set the output intercept

The code is as follows:

Iptables-i output-p TCP--sport port-j QUEUE

3) interception

Tcpcopy Client (root user execution)

Tcpcopy Local IP address 1[: Local IP Address 2: ...] Local port remote IP address remote port

Trial:

Simulate fetching Apache's access traffic. Empty the Apache access log before you try. Online machine: 10.1.6.205, Offline Machine: 10.1.6.206.

Operation CLIENT-VM2

The code is as follows:

Modprobe Ip_queue

Iptables-i output-p TCP--sport 80-j QUEUE

Interception

Operation CLIENT-VM1

The code is as follows:

Tcpcopy 10.1.6.205 80 10.1.6.206 80

The author confessed to some points of attention:

1 Linux platform, kernel 2.6+, need to support netlink mechanism

2) Tcpcopy and interception programs in Tcpcopy require root permissions

3 interception on the same machine only need to run an instance, multiple instances are not supported

4 Tcpcopy client needs to connect to the test server 36524 ports, so to open up 36524 ports

5) Tcpcopy due to the grasping package function, when the pressure is large, the GRASP function itself is not reliable, so will lose the packet,

And then lose the request.

6 because the interception program is closely related to the IP queue kernel module, so when the pressure is very high, request

Loss rate is very high, need to optimize SYSCTL system parameters to achieve good results (through Cat/proc/net/ip_queue,

View the IP queue run, and if the number of queue dropped is increasing, you need to modify the Ip_queue_maxlen parameter.

such as echo 4096 >/proc/sys/net/ipv4/ip_queue_maxlen;

If the value of the NetLink Droppedde is increasing, modify the Net.core.rmem_max and Net.core.wmem_max parameters,

such as Sysctl-w net.core.rmem_max=16777216 and Sysctl-w net.core.wmem_max=16777216)

7 Copy the request between the same machine process, also that is, the local Requests, please set the Lo MTU no more than 1500,

And do not set the 127.0.0.1 address in the configuration file to set up intranet or extranet addresses

8 TCP Segmentation offloading related issues (pay attention to the Nic Tso and Gro to close)

If the packet size of the tcpcopy is larger than the MTU, then because of the raw socket output, you need

Change online settings, such as: Ethtool-k Eth1 tso off; Ethtool-k eth1 Gro off

9 Tcpcopy server, that is, the interception program may become a performance bottleneck, especially for large data response to this situation

10 The best test environment and online environment, such as the connection is kept keepalive

Tcpcopy only related to IP, TCP layer data, if the request verification is related to the protocol above the TCP layer, the system will not function correctly.

For example: The MySQL Connection Agreement, because the authorization and the TCP layer above the MySQL protocol, so the request to copy the past will be the target

The standard test server thinks the illegal request, this time needs to be specific to the MySQL protocol to deal with specifically, the TCPCOPY program can run normally

12 Multilayer architecture environment, the test system must be independent, and the online system does not have business relationship, or it will affect the online

13 loss request rate is related to the network situation, the best in the network replication request

14 The system does not support domain names, only support IP address

15 for long requests (such as uploading files), the system is not very support, it is expected that the 0.5 version will support

16 Client IP Address for intranet IP address, under normal circumstances its application request can not be copied to the external network test machine.

17 in order to avoid unnecessary trouble, close the tcpcopy first, and then close the interception

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.