I use this script to check for any throttling issues for EKS or Kubernetes running on AWS. Feel free to customize it depending on your needs.
- Capture packets on ENIs associated with EC2 and exlcude "eth*" and "lo" interfaces. The list of interfaces can be obtained by running the command:
ls -1 /sys/class/net
- If you'd like to capture packets on all interfaces, replace "[[ $i = eni* ]] && tcpdump_func $i &" with "tcpdump_func $i &"
- Iterates through all the ENIs associated with the worker nodes and captures packets for 60 seconds
- I used this as a reference to come up with this script
tcpdump_func(){
tcpdump -i $1 -G 60 -W 1 -w /var/tmp/$(curl -s http://169.254.169.254/latest/meta-data/instance-id).$(date +%Y-%m-%d:%H:%M:%S)-$1.pcap
}
declare -a network_interfaces
mapfile -t network_interfaces < <( ls -1 /sys/class/net )
for i in "${network_interfaces[@]}"; do
[[ $i = eni* ]] && tcpdump_func $i &
done
wait
echo "tcp dump done"
This will output files to /var/tmp/ and you can use the below command to determine the number of DNS queries sent.
tcpdump -r <file_name.pcap> -nn dst port 53 | awk -F " " '{ print $1 }' | cut -d"." -f1 | uniq -c