Version: 5.0
Date: 2021-11-21T21:58:56Z
Group: Templates
Template: Network Performance Conntrack
Name: Network Performance Conntrack

## Overview
Template for collecting Linux conntrack metrics.
Useful for monitoring systems that do NAT, for example Docker/Kubernetes nodes and Linux-based gateways.
Uses system.run, but can be changed to a userparameter if remote commands are forbidden. Tested on Ubuntu Xenial< and Debian Stretch<, but may also work on other distros.
Some of the features:
* Single request.
* Minimal host dependencies: only lnstat (part of the iproute2 package) is used.
* No host scripts, only system.run and dependent items.
## Author
Oleg Morozov aka zigmund

## Items

Group: Templates
Application: Conntrack

Master items (type ZABBIX_ACTIVE, application Conntrack):

| Name | Key | Delay | History | Trends | Value type | Description |
|---|---|---|---|---|---|---|
| Conntrack max | `system.run["/sbin/sysctl -n net.netfilter.nf_conntrack_max"]` | 1h | 1d | 90d | | Maximum conntrack entries limit configured. |
| Conntrack stats | `system.run["lnstat -jc1 -f nf_conntrack \| sed 's/{{/{/g' \| sed 's/}}/}/g'"]` | | 0 | 0 | CHAR | |

Dependent items (type DEPENDENT, delay 0, history 7d, trends 90d, application Conntrack). The master item of every row is `system.run["lnstat -jc1 -f nf_conntrack | sed 's/{{/{/g' | sed 's/}}/}/g'"]`. Each item is preprocessed with JSONPATH (path shown in the table), then CHANGE_PER_SECOND, then DISCARD_UNCHANGED_HEARTBEAT 10m. The one exception is `conntrack_stats[entries]`, which has no CHANGE_PER_SECOND step, no FLOAT value type and no units.

| Name | Key | Value type | Units | JSONPATH | Description |
|---|---|---|---|---|---|
| Conntrack delete per second | `conntrack_stats[delete]` | FLOAT | ops | `$.delete` | Number of conntrack entries which were removed. |
| Conntrack delete_list per second | `conntrack_stats[delete_list]` | FLOAT | ops | `$.delete_list` | Number of conntrack entries which were put to dying list. |
| Conntrack drop per second | `conntrack_stats[drop]` | FLOAT | ops | `$.drop` | Number of packets dropped due to conntrack failure. Either new conntrack entry allocation failed, or protocol helper dropped the packet. |
| Conntrack early_drop per second | `conntrack_stats[early_drop]` | FLOAT | ops | `$.early_drop` | Number of dropped conntrack entries to make room for new ones, if maximum table size was reached. |
| Conntrack entries | `conntrack_stats[entries]` | | | `$.entries` | Number of entries in conntrack table. |
| Conntrack expect_create per second | `conntrack_stats[expect_create]` | FLOAT | ops | `$.expect_create` | Number of expectations added. |
| Conntrack expect_delete per second | `conntrack_stats[expect_delete]` | FLOAT | ops | `$.expect_delete` | Number of expectations deleted. |
| Conntrack expect_new per second | `conntrack_stats[expect_new]` | FLOAT | ops | `$.expect_new` | Number of conntrack entries added after an expectation for them was already present. |
| Conntrack found per second | `conntrack_stats[found]` | FLOAT | ops | `$.found` | Number of searched entries which were successful. |
| Conntrack icmp_error per second | `conntrack_stats[icmp_error]` | FLOAT | ops | `$.icmp_error` | Number of packets which could not be tracked due to error situation. This is a subset of invalid. |
| Conntrack ignore per second | `conntrack_stats[ignore]` | FLOAT | ops | `$.ignore` | Number of packets seen which are already connected to a conntrack entry. |
| Conntrack insert per second | `conntrack_stats[insert]` | FLOAT | ops | `$.insert` | Number of entries inserted into the list. |
| Conntrack insert_failed per second | `conntrack_stats[insert_failed]` | FLOAT | ops | `$.insert_failed` | Number of entries for which list insertion was attempted but failed (happens if the same entry is already present). |
| Conntrack invalid per second | `conntrack_stats[invalid]` | FLOAT | ops | `$.invalid` | Number of packets seen which can not be tracked. |
| Conntrack new per second | `conntrack_stats[new]` | FLOAT | ops | `$.new` | Number of conntrack entries added which were not expected before. |
| Conntrack searched per second | `conntrack_stats[searched]` | FLOAT | ops | `$.searched` | Number of conntrack table lookups performed. |
| Conntrack search_restart per second | `conntrack_stats[search_restart]` | FLOAT | ops | `$.search_restart` | Number of conntrack table lookups which had to be restarted due to hashtable resizes. |

## Triggers

| Name | Severity | Expression | Depends on |
|---|---|---|---|
| Conntrack table utilization over 70% | AVERAGE | `{Network Performance Conntrack:conntrack_stats[entries].last()} > {Network Performance Conntrack:system.run["/sbin/sysctl -n net.netfilter.nf_conntrack_max"].last()} * 0.7` | Conntrack table utilization over 80%; Conntrack table utilization over 90% |
| Conntrack table utilization over 80% | HIGH | `{Network Performance Conntrack:conntrack_stats[entries].last()} > {Network Performance Conntrack:system.run["/sbin/sysctl -n net.netfilter.nf_conntrack_max"].last()} * 0.8` | Conntrack table utilization over 90% |
| Conntrack table utilization over 90% | DISASTER | `{Network Performance Conntrack:conntrack_stats[entries].last()} > {Network Performance Conntrack:system.run["/sbin/sysctl -n net.netfilter.nf_conntrack_max"].last()} * 0.9` | |