search

tempesta-tech / tempesta

All-in-one solution for high performance web content delivery and advanced protection against DDoS and web attacks
https://tempesta-tech.com/
GNU General Public License v2.0
616 stars 103 forks source link

tfw_lib.sh incorrectly handles veth interfaces (and /sys/class/net path) #1990

Closed mbabitski-t closed 3 months ago

mbabitski-t commented 11 months ago

Scope

  1. tempesta.sh script calls tfw_lib.sh
  2. tfw_lib.sh sees veth8d3e29bb@if4 interface, tries to access /sys/class/net//veth8d3e29bb@if4/queues/rx-*/rps_cpus
  3. but only /sys/class/net/veth8d3e29bb exists.
$ ip link
5: veth8d3e29bb@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master lxdbr0 state UP mode DEFAULT group default qlen 1000
    link/ether fe:fb:8b:08:aa:1a brd ff:ff:ff:ff:ff:ff link-netnsid 0
$ ls /sys/class/net/
veth8d3e29bb
$ sudo -E ./scripts/tempesta.sh --start
Starting Tempesta...
...enable RPS on veth8d3e29bb@if4
./scripts/tfw_lib.sh: line 178: /sys/class/net//veth8d3e29bb@if4/queues/rx-*/rps_cpus: No such file or directory
...load Tempesta modules
Loading Tempesta kernel modules...
Loading module tempesta_lib 
Loading module tempesta_tls 
Loading module tempesta_db 
Loading module tempesta_fw tfw_cfg_path=/home/user/tempesta/etc/tempesta_tmp.conf
...compile html templates for JS challenge
...start Tempesta FW
done

Possible fix

Remove everything after the @ in the interface name when accessing /sys.

krizhanovsky commented 11 months ago

I'm wondering which virtual machine do you use and how do you initialize the network interface?

mbabitski-t commented 11 months ago

@krizhanovsky VM is Ubuntu 22.04.3 LTS (GNU/Linux 5.10.35.tfw-4c9ba16 x86_64) QEMU libvirtd.

Network interface is initialized by LXD every time a container with the following config is started, and LXD removes the interface after container is stopped.

devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: lxdbr0
    type: nic
krizhanovsky commented 11 months ago

Do you run Tempesta FW inside the container, is this container just runs inside the VM with Tempesta FW?

mbabitski-t commented 11 months ago

Container just runs inside VM with Tempesta FW.

voodam commented 11 months ago

I catched this error on ff0f02145172b92794ef3cd086a12af737caa793 Tempesta commit, but after rebuilding on master and returning back to the commit it was gone. No LXD, just my usual VM on Proxmox.

mbabitski-t commented 10 months ago

@voodam the error is caused by a buggy tfw_lib.sh shell script and should not be tied to a specific TempestaFW version. Maybe network interfaces on your VM have been reconfigured between builds/reboots.

EvgeniiMekhanik commented 6 months ago

I think this will be fixed by https://github.com/tempesta-tech/tempesta/pull/2076

krizhanovsky commented 6 months ago

So I move it to 0.9 as #2075

EvgeniiMekhanik commented 3 months ago

Closed by (https://github.com/tempesta-tech/tempesta/pull/2076