Session

Network observability has a long history that can be traced back to the last century — tcpdump is a classic example. Nowadays, there is a clear trend toward relying on stronger observability capabilities distributed across different layers of the stack, enabling engineers to trace down to the root cause after an issue is reported. BPF-based tools such as bcc and bpftrace provide a general-purpose and transparent framework that helps administrators analyze a wide variety of issues without modifying the kernel or applications.

The scope of network observability spans latency measurement, throughput analysis, skb drop monitoring, protocol-specific diagnostics, reference count tracking, and more. This BoF, introduced for the first time, aims to provide an overview of existing techniques and foster discussions on emerging topics.

Apart from that, known sub-topics will be discussed:

1. BPF timestamping 2.0: a finer-grained, extremely low-overhead framework applicable to a broader range of scenarios
2. IETF TCP reset diagnostic payload: replace the existing reasons and implement the common APIs and communication.

P.S. As AI is evolving drastically, the future shape of network observability would be adjusted accordingly. Any related topics that cover this scenario are greatly welcome.