Search code examples
traceportforwardinglttng

LTTng live view with port forwarding / tunneling

I have a PC A where LTTng tracing is running with live view

lttng create trace-session --live

# Traces will be output to tcp4://127.0.0.1:5342/ [data: 5343]

Another PC B is directly connected with A with a Ethernet cable. At the same time, B is connected to a local network.

Now how can I view the live trace events from a third PC C, which is in the same local network as B, for example with

babeltrace2 "net://${B_IP}/host/${B_HOSTNAME}/trace-session"

I ran the following command on PC C, to make a tunnel to PC *A.

ssh -L 5342:${A_IP}:5342 -N user_name@${B_IP}

However, it seems not to have worked. I would like to ask:

  • What have I done wrong here?
  • What is the standard way to "forward" LTTng live tracing events to be viewed by babeltrace2?
Solution

  • Babeltrace2 connects to lttng-relayd using the live port of the lttng-relayd process not the data and control ports.

    When the command line report the following:

    # Traces will be output to tcp4://127.0.0.1:5342/ [data: 5343]

    It means that the lttng-sessiond and lttng-consumerd process will communicate with a lttng-relayd process listening on the 127.0.0.1:5342 for control message and 127.0.0.1:5343 for trace data exchange. A viewer, in this case Babeltrace2 can connect to the live port of a lttng-relayd process to stream live session. You can take a deeper look at the component graph here.

    The default live port is 5344 and the default behavior for the lttng-relayd process is to bind on all interfaces to listen. Naturally Babeltrace2 also default on using that port if none is specified to communicate with the lttng-relayd process.

    See the man page of lttng-relayd for more details.

    What have I done wrong here?

    In your scenario you need to tunnel the 5344 port. Note that I'm not versed in ssh tunneling so I cannot validate the ssh approach here.

    ssh -L 5344:${A_IP}:5344 -N user_name@${B_IP}

    What is the standard way to "forward" LTTng live tracing events to be viewed by babeltrace2?

    Babeltrace2 and lttng-relayd use TCP for communication. Hence, all TCP "forwarding" methods are acceptable here. As you probably noticed, LTTng does not encrypt communication and trace data in any way. I would say that using a ssh tunnel is appropriate here if you need to move data across non-trusted network.