1. Introduction to tcpcopy tool
tcpcopy is a distributed online stress testing tool, which can copy online traffic to the test machine, simulate the online environment in real time, and achieve the effect of taking online traffic in real time when the program is not online, find bugs as soon as possible, and increase online confidence. .
The advantage of tcpcopy lies in its timeliness and authenticity. Except for a small amount of packet loss, it completely copies the online traffic to the test machine, and simulates the change law of online traffic.
Second, the principle of tcpcopy
Architecture diagram of the new version of tcpcopy
tcpcopy consists of three parts: online server, assistant server, target server
The steps for tcpcopy to copy a traffic access are as follows
1、一个访问请求到达线上内核后端机;
2、socket 包在 IP 层被拷贝了一份传给tcpcopy 进程;
3、tcpcopy 修改包的目的及源地址,发给测试内核后端机;
4、拷贝的包到达测试内核后端机;
5、测试内核后端机的推荐内核处理访问,并返回结果;
6、返回结果在 IP 层被截获、丢弃,由 intercept 拷贝返回结果的 IP header 返回;
7、IP header 被发送给线上内核后端机的 tcpcopy 进程。
Three, tcpcopy construction
3.1 Server Planning
Role | CPU name | mysql port |
online server | test00 | 3308(5.6) |
assistant server | offline01 | |
target server | offline02 | 3318(5.7) |
3.2 tcpcopy installation and configuration
Install dependencies
# yum -y install libpcap-devel
intercept installation
# git clone git://github.com/session-replay-tools/intercept.git
# cd intercept
# ./configure
# make && make install
tcpcopy installation
# git clone git://github.com/session-replay-tools/tcpcopy.git
# cd tcpcopy
# ./configure
# make && make install
Fourth, open tcpcopy traffic replication
4.1 Operation on target server:
# route add -net 10.0.0.8 netmask 255.255.252.0 gw 10.0.0.0
After success you can see
# ss -an |head
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 0 127.0.0.1:199 *:*
LISTEN 512 0 *:80 *:*
ESTAB 0 0 192.168.0.230:80 10.10.10.1:62602
ESTAB 0 0 192.168.0.230:80 10.10.10.4:54595
ESTAB 0 0 192.168.0.230:80 10.10.10.3:53566
ESTAB 0 0 192.168.0.230:80 10.10.10.6:49260
ESTAB 0 0 192.168.0.230:80 10.10.10.8:57598
ESTAB 0 0 192.168.0.230:80 10.10.10.7:64454
4.2 Operation on assistant server (root privilege):
# cd /usr/local/intercept/sbin/
# ./intercept -i bond1 -F 'tcp and src port 3318' -d
After success you can see
# ss -an |grep 36524
LISTEN 0 5 *:36524 *:*
ESTAB 0 66 192.168.0.219:36524 192.168.0.8:49034
ESTAB 0 0 192.168.0.219:36524 192.168.0.8:49035
ESTAB 0 66 192.168.0.219:36524 192.168.0.8:49032
ESTAB 0 0 192.168.0.219:36524 192.168.0.8:49033
4.3 Operation on the online source server (root privilege):
# cd /usr/local/tcpcopy/sbin/
# ./tcpcopy -x 3308-10.0.0.1:3318 -s 10.0.0.2 -c 10.0.0.8 -d
After success you can see
#ss -an|grep 192.168.0.219
ESTAB 0 0 192.168.0.8:49034 192.168.0.219:36524
ESTAB 0 0 192.168.0.8:49035 192.168.0.219:36524
ESTAB 0 0 192.168.0.8:49032 192.168.0.219:36524
ESTAB 0 0 192.168.0.8:49033 192.168.0.219:36524
Five, the pit encountered by tcpcopy
1. The tcpcopy log log prompts many connections cant established
Replace the -c camouflage client ip specified by tcpcopy with the same network segment that can be pinged.
2. Most cloud environments have security restrictions. One network card cannot be bound to 2 IPs, so the online server will refuse to send duplicate packets, and the online packet capture will display the
# tcpdump -i eth0 -nn port 3306 and host 1.1.1.4
11:53:58.573735 IP 10.0.0.1.https > 10.0.0.2.37121: Flags [R.], seq 0, ack 2906947315, win 0, length 0
11:53:58.573774 IP 10.0.0.2.37121 > 10.0.0.1.http: Flags [.], ack 2906947314, win 1024, length 0
11:53:58.573812 IP 10.0.0.1.http > 10.0.0.2.37121: Flags [R], seq 2906947314, win 0, length 0
refer to:
https://mfcheer.github.io/20170228-index.html
http://ju.outofmemory.cn/entry/106907
http://www.itts-union.com/2814.html
http://www.361way.com/tcpcopy-online-offline/3510.html
https://github.com/session-replay-tools/tcpcopy
In order to facilitate everyone to communicate, I have opened a WeChat public account and a QQ group, QQ group: 291519319, let’s communicate with those who like technology