Tcpcopy1.0 Series Use method

New and old architecture in detail:

http://blog.csdn.net/wangbin579/article/details/8949315

Tcpcopy operation needs intercept support, Tcpcopy is responsible for grasping the package and the contract work, and intercept is responsible for intercepting the answer package

Tcpcopy Code Download Address:

git clone http://github.com/session-replay-tools/tcpcopy

Configure

./configure (Default raw socket method grab package)

Or

./configure--pcap-capture (pcap way grab bag, in some scenarios, the packet loss rate will be higher than the raw socket method grab bag, this time need similar pf_ring support)

For intercept:

Code Download Address:

git clone http://github.com/session-replay-tools/intercept

Configure way:

./configure

The running method references the following specific example (Tcpcopy is compiled with configure):

This is an intranet application example, our goal is to copy the AdServer Application server's request to the test system in the following figure.

Online AdServer has 2 units, mainly for nginx calls, so the client IP address from the Nginx of the machine's IP address, are the same network segment IP address.
We assume that the online AdServer machine is where the 10.100.10.1,10.100.10.2,nginx machine IP address is: 10.100.10.11,10.100.10.12,10.100.10.13,
Test server has 10.100.10.31,10.100.10.32 (secondary server)
Among them, 10.100.10.31 is running a similar online AdServer application with a port of 11511, while the online application port is 11311
We add the following route to the 10.100.10.31:
Route add-host 10.100.10.11 GW 10.100.10.32
Route add-host 10.100.10.12 GW 10.100.10.32
Route add-host 10.100.10.13 GW 10.100.10.32

Here's what it means, In the test server 10.100.10.31 return to the client 10.100.10.11~13 the default gateway 10.100.10.32, but the 10.100.10.32 machine does not actually open the routing mode, so these responses packets to the 10.100.10.32 machine, will be dro in the IP layer P dropped, leaving us with the opportunity to catch these response packs at the 10.100.10.32 Data link layer.

We run the Intercept on the 10.100.10.32 machine (the secondary server) to capture the response pack, which commands the following:
Execute intercept command (requires root permission):
./intercept-i eth0-f ' TCP and SRC port 11511 '-D


We run Tcpcopy on the online machine (root privileges):
./tcpcopy-x 11311-10.100.10.31:11511-s 10.100.10.32-d

The meaning here tcpcopy is to copy the online 11311-Port packet to the 11511 port above 10.100.10.31, and-S to specify the IP address of the machine where intercept is running.
The request was passed and the test results were as follows:
[Root@hz12-26 logs]# grep ' Thu 10:30 ' access_0516_10.log-c
99415
[root@hz12-25 logs]# grep ' Thu 10:30 ' access_0516_10.log-c
99414
[root@bgp176-148 logs]# grep ' Thu 10:30 ' access_0516_10.log-c
198693

Finally, you need to be aware of several details of the new architecture:
1 The client that initiates the request is the machine that cannot run the corresponding intercept at the same time, because the TCP layer of this machine sends the reset packet to the test server when the response packet is routed back, which interferes with the test.
2 online service and testing service don't be on a machine
If the destination IP address of the online service response is the same as the destination IP address of the test service response, routing settings are not able to differentiate between online responses and test responses

3 for extranet applications, because the client IP address is from all over the world, the routing strategy is as follows:

A) with two network cards, an external network card, an intranet network card, so that the external network requests are routed to the second test server above, for example, change the default route on the test server:
Route del default GW real gateway IP address

Route add default GW secondary server IP address

b using the Tcpcopy-c parameter, modify the client source IP address, so as to facilitate the setting of routing

For example:./tcpcopy-x 11311-10.100.10.31:11511-s 10.100.10.32-c 192.168.100.x

Appropriate routing settings:

Route add-net 192.168.100.0 netmask 255.255.255.0 GW 10.100.10.32

4 if it is in the same network segment using the external network address access, in machine B above set to machine a response, go to machine C, then set the default extranet network card route will not take effect, you need to explicitly specify, such as:

Route Add-host Machine A's extranet IP address GW machine C's extranet IP address

5 If it is intranet application, because the client IP address is few, the proposal uses as follows:
Route add-host Intranet Client IP address GW secondary server IP address
Or
If the client IP address is from another network segment
Route add-net xxx.xxx.xxx.0 netmask 255.255.255.0 The IP address of the GW secondary server

Do not take the default gateway way

6 If Tcpcopy encounters a large number of "Unsend:too many packets" alarm, please use raw socket method to catch request packets

7 If the client is from the same network segment, then the response package may be returned directly through the MAC address to the client, causing the routing settings to not work, the response package will not be intercepted by intercept, resulting in replication failure

There are two resolution strategies:

1 detects if there is a conflict in the routing command, causing the response package to be returned directly to the client
2) Tcpcopy when running through the-c parameter to change the IP address of the client to different network segment IP address, you can solve this problem.

8 If both intranet access and extranet access, should be for the external network application and intranet application, set the corresponding route

9 Run intercept secondary server, for the convenience of routing settings, it is best to and test server in the same network segment, and do not set Ip_forward

10 This document update time is 2014.8.25