Need to differentiate between cached dns response vs incomplete ones …

…[BP] (#401) * Need to differentiate between cached dns response vs incomplete ones Signed-off-by: Mohamed Mahmoud <[email protected]> (cherry picked from commit 073d72c) * Need to differentiate between cached dns response vs incomplete ones Signed-off-by: Mohamed Mahmoud <[email protected]> (cherry picked from commit 588d36a) * Need to differentiate between cached dns response vs incomplete ones Signed-off-by: Mohamed Mahmoud <[email protected]> (cherry picked from commit e708721) * Need to differentiate between cached dns response vs incomplete ones Signed-off-by: Mohamed Mahmoud <[email protected]> (cherry picked from commit 7d352f9)
netobserv · Sep 3, 2024 · 00b0d22 · 00b0d22
1 parent 72b6619
commit 00b0d22
Show file tree

Hide file tree

Showing 8 changed files with 11 additions and 12 deletions.
diff --git a/bpf/dns_tracker.h b/bpf/dns_tracker.h
@@ -10,6 +10,7 @@
 #define UDP_MAXMSG 512
 #define EINVAL 22
 #define DNS_DEFAULT_PORT 53
+#define ENOENT 2
 
 struct dns_header {
     u16 id;
@@ -67,6 +68,7 @@ static __always_inline u8 calc_dns_header_offset(pkt_info *pkt, void *data_end)
 
 static __always_inline int track_dns_packet(struct __sk_buff *skb, pkt_info *pkt) {
     void *data_end = (void *)(long)skb->data_end;
+    int ret = 0;
     if (pkt->id->dst_port == dns_port || pkt->id->src_port == dns_port ||
         pkt->id->dst_port == DNS_DEFAULT_PORT || pkt->id->src_port == DNS_DEFAULT_PORT) {
         dns_flow_id dns_req;
@@ -77,7 +79,6 @@ static __always_inline int track_dns_packet(struct __sk_buff *skb, pkt_info *pkt
         }
 
         struct dns_header dns;
-        int ret;
         u32 dns_offset = (long)pkt->l4_hdr - (long)skb->data + len;
 
         if ((ret = bpf_skb_load_bytes(skb, dns_offset, &dns, sizeof(dns))) < 0) {
@@ -99,12 +100,14 @@ static __always_inline int track_dns_packet(struct __sk_buff *skb, pkt_info *pkt
             if (value != NULL) {
                 pkt->dns_latency = ts - *value;
                 bpf_map_delete_elem(&dns_flows, &dns_req);
+            } else {
+                ret = ENOENT;
             }
             pkt->dns_id = dns_id;
             pkt->dns_flags = flags;
         } // end of dns response
     }
-    return 0;
+    return ret;
 }
 
 #endif // __DNS_TRACKER_H__
diff --git a/pkg/decode/decode_protobuf.go b/pkg/decode/decode_protobuf.go
@@ -117,11 +117,7 @@ func RecordToMap(fr *flow.Record) config.GenericMap {
 			out["DnsId"] = dnsID
 			out["DnsFlags"] = fr.Metrics.DnsRecord.Flags
 			out["DnsFlagsResponseCode"] = DNSRcodeToStr(uint32(fr.Metrics.DnsRecord.Flags) & 0xF)
-			if fr.Metrics.DnsRecord.Latency != 0 {
-				out["DnsLatencyMs"] = fr.DNSLatency.Milliseconds()
-			}
-			// Not sure about the logic here, why erasing errno?
-			out["DnsErrno"] = uint32(0)
+			out["DnsLatencyMs"] = fr.DNSLatency.Milliseconds()
 		}
 	}
 

diff --git a/pkg/decode/decode_protobuf_test.go b/pkg/decode/decode_protobuf_test.go
@@ -101,7 +101,7 @@ func TestPBFlowToMap(t *testing.T) {
 		"DnsId":                  uint16(1),
 		"DnsFlags":               uint16(0x80),
 		"DnsFlagsResponseCode":   "NoError",
-		"DnsErrno":               uint32(0),
+		"DnsErrno":               uint8(0),
 		"TimeFlowRttNs":          someDuration.Nanoseconds(),
 	}, out)
 

diff --git a/pkg/ebpf/bpf_arm64_bpfel.o b/pkg/ebpf/bpf_arm64_bpfel.o
diff --git a/pkg/ebpf/bpf_powerpc_bpfel.o b/pkg/ebpf/bpf_powerpc_bpfel.o
diff --git a/pkg/ebpf/bpf_s390_bpfeb.o b/pkg/ebpf/bpf_s390_bpfeb.o
diff --git a/pkg/ebpf/bpf_x86_bpfel.o b/pkg/ebpf/bpf_x86_bpfel.o
diff --git a/pkg/flow/record.go b/pkg/flow/record.go
@@ -105,6 +105,10 @@ func Accumulate(r *ebpf.BpfFlowMetrics, src *ebpf.BpfFlowMetrics) {
 	r.DnsRecord.Flags |= src.DnsRecord.Flags
 	if src.DnsRecord.Id != 0 {
 		r.DnsRecord.Id = src.DnsRecord.Id
+		r.DnsRecord.Errno = src.DnsRecord.Errno
+	}
+	if r.DnsRecord.Errno != src.DnsRecord.Errno {
+		r.DnsRecord.Errno = src.DnsRecord.Errno
 	}
 	if r.DnsRecord.Latency < src.DnsRecord.Latency {
 		r.DnsRecord.Latency = src.DnsRecord.Latency
@@ -117,10 +121,6 @@ func Accumulate(r *ebpf.BpfFlowMetrics, src *ebpf.BpfFlowMetrics) {
 	if src.Dscp != 0 {
 		r.Dscp = src.Dscp
 	}
-	// Accumulate DNSErrno
-	if src.DnsRecord.Errno != 0 {
-		r.DnsRecord.Errno = src.DnsRecord.Errno
-	}
 }
 
 // IP returns the net.IP equivalent object