Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Potential BUG in capturing on different interfaces:: #28

Open
eranra opened this issue May 12, 2022 · 0 comments
Open

Potential BUG in capturing on different interfaces:: #28

eranra opened this issue May 12, 2022 · 0 comments
Assignees
@mariomac
Labels
bug Something isn't working

Comments

@eranra
Copy link
Collaborator

eranra commented May 12, 2022

I do not see data from other interfaces just from eth0

I am working on my local laptop inside wsl2

In console #1 I am running::
-==-=-=-=-=-=-=-=-=-=-

$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         _gateway        0.0.0.0         UG    0      0        0 eth0
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
172.19.0.0      0.0.0.0         255.255.240.0   U     0      0        0 eth0
172.20.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-a7ad3335e9d5
192.168.50.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0

$ ping 172.17.0.1
PING 172.17.0.1 (172.17.0.1) 56(84) bytes of data.
64 bytes from 172.17.0.1: icmp_seq=1 ttl=64 time=0.231 ms
64 bytes from 172.17.0.1: icmp_seq=2 ttl=64 time=0.076 ms
64 bytes from 172.17.0.1: icmp_seq=3 ttl=64 time=0.077 ms
64 bytes from 172.17.0.1: icmp_seq=4 ttl=64 time=0.078 ms
64 bytes from 172.17.0.1: icmp_seq=5 ttl=64 time=0.070 ms
64 bytes from 172.17.0.1: icmp_seq=6 ttl=64 time=0.074 ms
64 bytes from 172.17.0.1: icmp_seq=7 ttl=64 time=0.091 ms
64 bytes from 172.17.0.1: icmp_seq=8 ttl=64 time=0.086 ms
64 bytes from 172.17.0.1: icmp_seq=9 ttl=64 time=0.132 ms
64 bytes from 172.17.0.1: icmp_seq=10 ttl=64 time=0.101 ms
64 bytes from 172.17.0.1: icmp_seq=11 ttl=64 time=0.139 ms
64 bytes from 172.17.0.1: icmp_seq=12 ttl=64 time=0.124 ms
64 bytes from 172.17.0.1: icmp_seq=13 ttl=64 time=0.069 ms
64 bytes from 172.17.0.1: icmp_seq=14 ttl=64 time=0.102 ms
64 bytes from 172.17.0.1: icmp_seq=15 ttl=64 time=0.103 ms
64 bytes from 172.17.0.1: icmp_seq=16 ttl=64 time=0.135 ms
64 bytes from 172.17.0.1: icmp_seq=17 ttl=64 time=0.084 ms
64 bytes from 172.17.0.1: icmp_seq=18 ttl=64 time=0.079 ms
64 bytes from 172.17.0.1: icmp_seq=19 ttl=64 time=0.096 ms
64 bytes from 172.17.0.1: icmp_seq=20 ttl=64 time=0.141 ms
64 bytes from 172.17.0.1: icmp_seq=21 ttl=64 time=0.077 ms
64 bytes from 172.17.0.1: icmp_seq=22 ttl=64 time=0.111 ms
64 bytes from 172.17.0.1: icmp_seq=23 ttl=64 time=0.079 ms
64 bytes from 172.17.0.1: icmp_seq=24 ttl=64 time=0.108 ms
64 bytes from 172.17.0.1: icmp_seq=25 ttl=64 time=0.106 ms
64 bytes from 172.17.0.1: icmp_seq=26 ttl=64 time=0.089 ms
64 bytes from 172.17.0.1: icmp_seq=27 ttl=64 time=0.166 ms
64 bytes from 172.17.0.1: icmp_seq=28 ttl=64 time=0.100 ms
64 bytes from 172.17.0.1: icmp_seq=29 ttl=64 time=0.084 ms
64 bytes from 172.17.0.1: icmp_seq=30 ttl=64 time=0.086 ms
64 bytes from 172.17.0.1: icmp_seq=31 ttl=64 time=0.070 ms

In console #2 I am running::
-==-=-=-=-=-=-=-=-=-=-

$ sudo FLOWS_TARGET_HOST=127.0.0.1 FLOWS_TARGET_PORT=9999 ./bin/netobserv-ebpf-agent
INFO[0000] starting NetObserv eBPF Agent
INFO[0000] initializing Flows agent                      component=agent.Flows
INFO[0000] push CTRL+C or send SIGTERM to interrupt execution
INFO[0000] starting Flows agent                          component=agent.Flows
INFO[0000] Flows agent successfully started              component=agent.Flows
INFO[0000] interface detected. Registering flow tracer   component=agent.Flows name=bond0
INFO[0000] interface detected. Registering flow tracer   component=agent.Flows name=dummy0
INFO[0000] interface detected. Registering flow tracer   component=agent.Flows name=eth0
INFO[0000] interface detected. Registering flow tracer   component=agent.Flows name=tunl0
INFO[0000] interface detected. Registering flow tracer   component=agent.Flows name=sit0
INFO[0000] interface detected. Registering flow tracer   component=agent.Flows name=br-a7ad3335e9d5
INFO[0000] interface detected. Registering flow tracer   component=agent.Flows name=docker0
ERRO[0005] couldn't send flow records to collector       collector="127.0.0.1:9999" component=exporter/GRPCProto error="rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial tcp 127.0.0.1:9999: connect: connection refused\""
ERRO[0010] couldn't send flow records to collector       collector="127.0.0.1:9999" component=exporter/GRPCProto error="rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial tcp 127.0.0.1:9999: connect: connection refused\""
ERRO[0015] couldn't send flow records to collector       collector="127.0.0.1:9999" component=exporter/GRPCProto error="rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial tcp 127.0.0.1:9999: connect: connection refused\""
ERRO[0020] couldn't send flow records to collector       collector="127.0.0.1:9999" component=exporter/GRPCProto error="rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial tcp 127.0.0.1:9999: connect: connection refused\""
ERRO[0025] couldn't send flow records to collector       collector="127.0.0.1:9999" component=exporter/GRPCProto error="rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial tcp 127.0.0.1:9999: connect: connection refused\""

In console #3 I see::
-==-=-=-=-=-=-=-=-=-=-

.
.
.
16:10:11.421569 eth0 IP 0.0.0.0:0 > 0.0.0.0:0: protocol: dir:0 bytes:1272 packets:6 ends: 16:10:14.431095
16:10:09.787783 eth0 IP 192.168.50.16:2221 > 192.168.50.88:59478: protocol:tcp dir:1 bytes:980 packets:10 ends: 16:10:14.295339
16:10:09.784408 eth0 IP 192.168.50.88:57549 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:108 packets:2 ends: 16:10:09.828893
16:10:14.783970 eth0 IP 192.168.50.16:2221 > 192.168.50.88:57549: protocol:tcp dir:1 bytes:332 packets:2 ends: 16:10:14.784315
16:10:15.606434 eth0 IP 192.168.50.16:2221 > 192.168.50.88:63110: protocol:tcp dir:1 bytes:450 packets:5 ends: 16:10:19.766466
16:10:14.796195 eth0 IP 192.168.50.16:2221 > 192.168.50.88:59478: protocol:tcp dir:1 bytes:1088 packets:12 ends: 16:10:19.371479
16:10:14.784487 eth0 IP 192.168.50.88:57549 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:54 packets:1 ends: 16:10:14.784487
16:10:18.443349 eth0 IP 0.0.0.0:0 > 0.0.0.0:0: protocol: dir:0 bytes:424 packets:2 ends: 16:10:18.444552
16:10:18.442786 eth0 IP 192.168.50.88:5353 > 224.0.0.251:5353: protocol:udp dir:0 bytes:384 packets:2 ends: 16:10:18.443906
16:10:15.648172 eth0 IP 192.168.50.88:63110 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:216 packets:4 ends: 16:10:18.772084
16:10:14.851205 eth0 IP 192.168.50.88:59478 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:736 packets:12 ends: 16:10:19.371424
16:10:20.806308 eth0 IP 192.168.50.16:2221 > 192.168.50.88:63110: protocol:tcp dir:1 bytes:360 packets:4 ends: 16:10:23.926596
16:10:19.804403 eth0 IP 192.168.50.16:2221 > 192.168.50.88:59478: protocol:tcp dir:1 bytes:1034 packets:11 ends: 16:10:24.312186
16:10:19.854728 eth0 IP 192.168.50.88:59478 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:584 packets:10 ends: 16:10:24.355046
16:10:19.809596 eth0 IP 192.168.50.88:63110 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:270 packets:5 ends: 16:10:23.977869
16:10:19.779707 eth0 IP 192.168.50.16:2221 > 192.168.50.88:57549: protocol:tcp dir:1 bytes:440 packets:4 ends: 16:10:20.298783
16:10:19.824768 eth0 IP 192.168.50.88:57549 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:288 packets:4 ends: 16:10:20.354720
16:10:24.866107 eth0 IP 192.168.50.88:59478 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:540 packets:10 ends: 16:10:29.372393
16:10:26.429391 eth0 IP 0.0.0.0:0 > 0.0.0.0:0: protocol: dir:0 bytes:1272 packets:6 ends: 16:10:29.449782
16:10:24.836071 eth0 IP 192.168.50.88:57549 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:54 packets:1 ends: 16:10:24.836071
16:10:25.016215 eth0 IP 192.168.50.88:63110 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:270 packets:5 ends: 16:10:29.177212
16:10:24.966451 eth0 IP 192.168.50.16:2221 > 192.168.50.88:63110: protocol:tcp dir:1 bytes:450 packets:5 ends: 16:10:29.126457
16:10:24.812920 eth0 IP 192.168.50.16:2221 > 192.168.50.88:59478: protocol:tcp dir:1 bytes:980 packets:10 ends: 16:10:29.320577
16:10:24.784189 eth0 IP 192.168.50.16:2221 > 192.168.50.88:57549: protocol:tcp dir:1 bytes:218 packets:1 ends: 16:10:24.784189
16:10:26.427953 eth0 IP 192.168.50.88:5353 > 224.0.0.251:5353: protocol:udp dir:0 bytes:1152 packets:6 ends: 16:10:29.449278

.
.
.
@eranra eranra added the bug Something isn't working label May 12, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mariomac mariomac

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mariomac @eranra