reorder sflow processing for performance and clarity

inex · Nov 1, 2023 · 1e8908e · 1e8908e
1 parent b5d596c
commit 1e8908e
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 32 deletions.
diff --git a/tools/runtime/sflow/sflow-detect-ixp-bgp-sessions b/tools/runtime/sflow/sflow-detect-ixp-bgp-sessions
@@ -104,13 +104,16 @@ while (<SFLOWTOOL>) {
 
 	$insanedebug && print STDERR "DEBUG: $_\n";
 
-	# parse and split out all the data.  most of this is unused at the
-	# moment, but it's useful to collect it anyway
-	# FLOW,193.242.111.152,2,21,0013136f2fc0,0010a52f261f,0x0800,10,10,94.1.115.114,80.1.2.222,6,0x00,124,1863,750,0x18,179,165,1024
-	my @sample = split (/,/);			# don't use regexp here for performance reasons
-	my (undef, $agent, $srcswport, $dstswport, $srcmac, $dstmac, $ethertype, $vlan, undef, 
-		$srcip, $dstip, $protocol, $tos, $ttl,
-		$srcport, $dstport, $tcpflags, $pktsize, $payloadsize, $samplerate) = @sample;
+	# FLOW,193.242.111.152,2,21,0013136faaaa,0010a52fbbbb,0x0800,10,10,192.168.1.1,172.16.12.255,6,0x00,124,1863,750,0x18,179,165,1024
+	# don't use regexp here for performance reasons
+	my ($sampletype, $protocol, $srcport, $dstport) = (split (/,/))[0,11,14,15];
+
+	next unless ($sampletype eq 'FLOW');
+
+	# BGP data is protocol 6 (tcp) and one port == 179, i.e. ignore everything except BGP traffic
+	next unless ($protocol == 6 && ($srcport == 179 || $dstport == 179));
+
+	my ($agent, $ethertype, $vlan, $srcip, $dstip, $tcpflags) = (split (/,/))[1,6,7,9,10,16];
 
 	if ($ethertype eq '0x0800') {
 		$ipprotocol = 4;
@@ -122,29 +125,26 @@ while (<SFLOWTOOL>) {
 		next;
 	}
 
-	# BGP data is protocol 6 (tcp) and one port == 179
-	if ($protocol == 6 && ($srcport == 179 || $dstport == 179)) {
-		use NetPacket::TCP;
+	use NetPacket::TCP;
 
-		$tcpflags = hex($tcpflags);
+	$tcpflags = hex($tcpflags);
 
-		# we're only interested in established sessions
-		if (($tcpflags & ACK) && !(($tcpflags & SYN) || ($tcpflags & RST) ||($tcpflags & FIN))) {
-			if ($debug) {
-				print STDERR "DEBUG: [$srcip]:$srcport - [$dstip]:$dstport ".debug_tcpflags($tcpflags).".";
-			}
+	# we're only interested in established sessions
+	if (($tcpflags & ACK) && !(($tcpflags & SYN) || ($tcpflags & RST) ||($tcpflags & FIN))) {
+		if ($debug) {
+			print STDERR "DEBUG: [$srcip]:$srcport - [$dstip]:$dstport ".debug_tcpflags($tcpflags).".";
+		}
 
-			# we're also only interested in ip addresses that have a database match
-			if ($ipmappings->{$ipprotocol}->{$srcip} && $ipmappings->{$ipprotocol}->{$dstip}) {
-				print STDERR " database updated" if ($debug);
-				if (!$sth->execute($ipmappings->{$ipprotocol}->{$srcip}, $ipmappings->{$ipprotocol}->{$dstip}, $ipprotocol, $vlan, $agent)) {
-					print STDERR " unsuccessfully" if ($debug);
-				}
-			} else {
-				print STDERR " ignored - no address match in database" if ($debug);
+		# we're also only interested in ip addresses that have a database match
+		if ($ipmappings->{$ipprotocol}->{$srcip} && $ipmappings->{$ipprotocol}->{$dstip}) {
+			print STDERR " database updated" if ($debug);
+			if (!$sth->execute($ipmappings->{$ipprotocol}->{$srcip}, $ipmappings->{$ipprotocol}->{$dstip}, $ipprotocol, $vlan, $agent)) {
+				print STDERR " unsuccessfully" if ($debug);
 			}
-			print STDERR ".\n" if ($debug);
+		} else {
+			print STDERR " ignored - no address match in database" if ($debug);
 		}
+		print STDERR ".\n" if ($debug);
 	}
 
 	if ($execute_periodic) {

diff --git a/tools/runtime/sflow/sflow-to-rrd-handler b/tools/runtime/sflow/sflow-to-rrd-handler
@@ -138,13 +138,9 @@ while (<SFLOWTOOL>) {
 
 	$insanedebug && print STDERR "DEBUG: $_\n";
 
-	# parse and split out all the data.  most of this is unused at the
-	# moment, but it's useful to collect it anyway
-	# FLOW,193.242.111.152,2,21,0013136f2fc0,0010a52f261f,0x0800,10,10,94.1.115.114,80.1.2.222,6,0x00,124,1863,750,0x18,179,165,1024
-	my @sample = split (/,/);			# don't use regexp here for performance reasons
-	my ($sampletype, $agent, $srcswport, $dstswport, $srcmac, $dstmac, $ethertype, $vlan, undef,
-		$srcip, $dstip, $protocol, $tos, $ttl,
-		$srcport, $dstport, $tcpflags, $pktsize, $payloadsize, $samplerate) = @sample;
+	# FLOW,193.242.111.152,2,21,0013136faaaa,0010a52fbbbb,0x0800,10,10,192.168.1.1,172.16.12.255,6,0x00,124,1863,750,0x18,179,165,1024
+	# don't use regexp here for performance reasons
+	my ($sampletype, $agent, $srcmac, $dstmac, $ethertype, $vlan, $pktsize, $samplerate) = (split (/,/))[0,1,4,5,6,7,17,19];
 
 	next unless ($sampletype eq 'FLOW');