PSARC Questions Version 1.22 Approved Oct. 2008 (PSARC/2008/625) 1. What is the proposal being presented for review? * Give an overview of the project and its phase(s). We propose to provide new commands to monitor dynamic network traffic statistics viz. dlstat(1M) and flowstat(1M). This is part of the effort to gain better visibility into network traffic in the light of Crossbow (/PSARC/2006/357) features like virtual NICs, interrupt vs. polling modes etc. This would greatly assist network performance analysis. It is also aimed at segregating link/flow configuration interface from the interface for querying for dynamic network statistics. * Describe the exposure (OpenSolaris), scope and type of review desired (overview, full case, etc.) Full case * Indicate the release binding requested by the project team. minor * What are the project's deliverables? dlstat(1M), flowstat(1M), dlstat(1M) man page, flowstat(1M) man page, updated dladm(1M) man page, updated flowadm(1M) man page. * How does this project align with existing or proposed ARC cases? Crossbow (/PSARC/2006/357) [Refer project overview above for details]. 2. Describe user interactions. * Are new user interfaces being proposed, or existing interfaces being changed? New interfaces: dlstat(1M), flowstat(1M). Old interfaces: Currently, dladm(1M) and flowadm(1M) provide limited support to query network traffic statistics. In short term, we intend to leave dladm/flowadm untouched but mark their dynamic traffic querying suboptions as obsolete in the corresponding manpages. In long term, this functionality will be removed from dladm and flowadm. * Explain the similarities in proposed interfaces with existing OS user interfaces (Solaris, Linux, Windows, etc.). N/A * Are there any install time changes? None 3. What are the exported (defined by your project) and imported (defined by another project that your project then references) interfaces or protocols and their respective stability levels? Exported Interfaces Interface Name Classification Comments --------------------- -------------------- -------------------------- /usr/sbin/dlstat Committed SUNWcsu /usr/sbin/flowstat Committed SUNWcnetr Imported Interfaces Interface Name Classification Comments --------------------- -------------------- -------------------------- libdladm.h Project Private /usr/lib/libdladm.so.1 libdlstat.h Project Private /usr/lib/libdladm.so.1 * Is there a versioning scheme in place? No * Has the team secured interface contracts where necessary? Not necessary 4. Describe any dependencies on hardware (e.g. SPARC exclusive), and on other projects within Solaris. None 5. Projects need to be aware of the overall security of the system and how their components affect it. Which parts of this project are critical to the security of the system to avoid such unintended consequences such as unauthorized system entry, unauthorized access to or modification of data, elevation of privilege, denial of service, violation of labeled security, ...? Does this project require elevated privilege? No A number of specific policies and practices address various aspects of the security of the system. They are found in appendix 1. Which of these are applicable to this project, and how are they addressed? None applicable 6. Describe means of observing project functionality and performance, by an end user or by a system administrator. Generate known amounts of traffic matching the links and flows being observed and confirm the proper behavior using dlstat and flowstat. 7. How does the project deal with faults and interruptions? Initialization and restarting? N/A. 8. How does the project interact with Solaris virtualization technologies (xVM, LDOMs, zones, Branded zones, SunCluster, etc.)? With this project we gain better visibility into traffic flowing in and out of hardware lanes (device level) and software lanes (MAC level). In the context of virtualization, one or more of hardware/software lanes could be mapped to a guest OS instance. Thus, we now have access to finer grain statistics while monitoring and/or tuning network traffic through these guest OS instances. 9. Does this project require administration (i.e., configuration or management)? If so, No * How is the project administered, and what sort of review process has this user interface undergone? N/A * Is there a means of aggregating management and/or configuration with other related projects? N/A. * Does this project deliver its own administration along with the other components, or is this project an administration interface for other projects? This project provides network traffic monitoring interface for features introduced by Crossbow (/PSARC/2006/357). * Are there any external (to Solaris) management interfaces to consider, or being consumed? N/A. Projects that require or deliver administrative interfaces are often by their nature security components of the system and should likely address the security question (#5 above, with attention to RBAC and Audit). (See also appendix 2). 10. Have you reviewed the Policies and Best Practices? Are there any exceptions this project needs? No exceptions.