TCP Stack Metrics in OpenSSH

rapier rapier at psc.edu
Tue Dec 21 02:36:56 AEDT 2021


All,

Before I post a patch I thought I'd see if there was any interest.

As part of some work I'm doing I have implemented a method to have an 
SSH client report on both the local and remote TCP instrument metrics 
via the TCP_INFO struct. The goal is to provide network engineers and 
knowledgeable users a means to profile and diagnose their SSH connections.

Currently I have this working under Linux, FreeBSD, and NetBSD. OpenBSD 
doesn't seem to have the tcp_info struct (if I'm mistaken please let me 
know). Apple is just being annoying and redefined that struct in their 
own very special way that doesn't correspond that well.

Quick run down of the method. Every N seconds (default of 5) the client 
sends a SSH2_MSG_GLOBAL_REQUEST to the server with a custom type. If the 
server supports it then it dumps the TCP_INFO for the SSH TCP socket 
into a serialized object. The client receives this, extracts the 
information, and writes it to a file (default of 
ssh_stack_metrics.remote). The client then queries the socket on it's 
end and extracts the same information and write that to a different file 
(default of ssh_stack_metrics.local).

It handles different versions of the TCP_INFO struct, cases where the 
server doesn't understand the message request, and where TCP_INFO isn't 
available.

Upside: More information for diagnostics and performance metrics. 
Doesn't impact performance when not being used. Doesn't seem to impact 
performance when in use.

Downside: 1) The serialization is handled by the binn object 
serialization library from https://github.com/liteserver/binn. It's not 
an external dependency but it is code that needs to be included in the 
repo. 2) The timer is in main loop of client_loop in clientloop.c. In an 
interactive session where it's waiting for input the timer doesn't 
necessarily fire every N seconds as the loop pauses waiting for input. 
In most cases where people would use this that won't be a problem.

Anyway, if people want to see the patch, have any interest, or questions 
please let me know.

Chris


More information about the openssh-unix-dev mailing list