Re: [Xen-users] Monitor Network Traffic per Domain


I was wondering if theres any way I can monitor total bytes sent and recieved by a single Domain without installing anything on the guestos itself. I´ve been trying out a few different options but none seem to be working out. I´m using bridged networking, each domain has a unique public IP.

You can see the totals per guest vif using either ifconfig or cat /proc/net/dev


This works partially, but I need a way to monitor total usage over time. So any script that relies on statistics from each vif will get thrown off if I ever restart a domain or start them in a different order.

yes - I had the same problem. So I came up with the following solution:

I installed the ifrename tool (ifrename package in debian) and I changed the /etc/xen/scripts/vif-brige script in a way that it renames the vif before adding it to the bridge with a name based on the last byte of the mac address assigned to the virtual interface. My changes look like this (unified diff):

v-server:/etc/xen/scripts# diff -U 3 vif-bridge,vanilla vif-bridge
--- vif-bridge,vanilla  2005-05-10 12:53:40.000000000 +0200
+++ vif-bridge  2005-05-10 13:06:03.000000000 +0200
@@ -34,7 +34,7 @@
 # Exit if anything goes wrong
 set -e

-echo "vif-bridge $*"
+echo "vif-bridge $*" | /usr/bin/tee -a /var/log/vif-bridge.log

 # Operation name.
@@ -74,18 +74,25 @@

+export nvif=vif-mac-`echo ${mac} | /usr/bin/awk -F ':' '{ print $6 }'`
+if [ "$OP" == "up" ]; then
+ echo "request interface name ${nvif} instead of ${vif}" | /usr/bin/tee -a /var/log/vif-bridge.log
+    /sbin/ifrename -i ${vif} -n ${nvif}
 # Add/remove vif to/from bridge.
-brctl ${brcmd} ${bridge} ${vif}
-ifconfig ${vif} $OP
+brctl ${brcmd} ${bridge} ${nvif}
+ifconfig ${nvif} $OP

 if [ ${ip} ] ; then

# If we've been given a list of IP networks, allow pkts with these src addrs.
     for addr in ${ip} ; do
- iptables ${iptcmd} FORWARD -m physdev --physdev-in ${vif} -s ${addr} -j ACCEPT + iptables ${iptcmd} FORWARD -m physdev --physdev-in ${nvif} -s ${addr} -j ACCEPT

     # Always allow us to talk to a DHCP server anyhow.
- iptables ${iptcmd} FORWARD -m physdev --physdev-in ${vif} -p udp --sport 68 --dport 67 -j ACCEPT + iptables ${iptcmd} FORWARD -m physdev --physdev-in ${nvif} -p udp --sport 68 --dport 67 -j ACCEPT

All you have to do is to assign mac addresses in the domains that differ by last byte, and voila, you will get the same interface name every time the domain is started.

But take care if you use tools that will try to compansate for counter overflows, because if you stop and start a domain, the counters will get reset.

I then use a snmpd running in Domain-0, so that my traffic collector can collect traffic data the same way it does from our routers.

Best regards,

