Collect network performance metrics - Amazon CloudWatch
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Collect network performance metrics

EC2 instances running on Linux that use the Elastic Network Adapter (ENA) publish network performance metrics. Version 1.246396.0 and later of the CloudWatch agent enable you to import these network performance metrics into CloudWatch. When you import these network performance metrics into CloudWatch, they are charged as CloudWatch custom metrics.

For more information about the ENA driver, see Enabling enhanced networking with the Elastic Network Adapter (ENA) on Linux instances and Enabling enhanced networking with the Elastic Network Adapter (ENA) on Windows instances.

How you set up the collection of network performance metrics differs on Linux servers and Windows servers.

The following table lists these network performance metrics enabled by the ENA adapter. When the CloudWatch agent imports these metrics into CloudWatch from Linux instances, it prepends ethtool_ at the beginning of each of these metric names.

Metric Description

Name on Linux servers: bw_in_allowance_exceeded

Name on Windows servers: Aggregate inbound BW allowance exceeded

The number of packets queued and/or dropped because the inbound aggregate bandwidth exceeded the maximum for the instance.

This metric is collected only if you have listed it in the ethtool subsection of the metrics_collected section of the CloudWatch agent configuration file. For more information, see Collect network performance metrics

Unit: None

Name on Linux servers: bw_out_allowance_exceeded

Name on Windows servers: Aggregate outbound BW allowance exceeded

The number of packets queued and/or dropped because the outbound aggregate bandwidth exceeded the maximum for the instance.

This metric is collected only if you have listed it in the ethtool subsection of the metrics_collected section of the CloudWatch agent configuration file. For more information, see Collect network performance metrics

Unit: None

Name on Linux servers:conntrack_allowance_available

Name on Windows servers: Available connection tracking allowance

Reports the number of tracked connections that can be established by the instance before hitting the Connections Tracked allowance of that instance type. This metric is available only on Nitro-based EC2 instances using the Linux driver for Elastic Network Adapter (ENA) starting from version 2.8.1, and on computers using the Windows driver for Elastic Network Adapter (ENA) starting from version 2.6.0.

This metric is collected only if you have listed it in the ethtool subsection of the metrics_collected section of the CloudWatch agent configuration file. For more information, see Collect network performance metrics

Unit: None

Name on Linux servers:ena_srd_mode

Name on Windows servers: ena srd mode

Describes which ENA Express features are enabled. For more information about ENA Express, see Improve network performance with ENA Express on Linux instances Values are as follows:

  • 0 = ENA Express off, UDP off

  • 1 = ENA Express on, UDP off

  • 2 = ENA Express off, UDP on

    Note

    This happens only when ENA Express was originally enabled, and UDP was configured to use it. The prior value is retained for UDP traffic.

  • 3 = ENA Express on, UDP on

Name on Linux servers:ena_srd_eligible_tx_pkts

Name on Windows servers: ena srd eligible tx pkts

The number of network packets sent within a given time period that meet Amazon Scalable Reliable Datagram (SRD) requirements for eligibility, as follows:

  • Both sending and receiving instance types are supported.

  • Both sending and receiving instances must have ENA Express configured.

  • The sending and receiving instances must be on the same subnet.

  • The network path between the instances must not include middleware boxes. ENA Express doesn't currently support middleware boxes.

Name on Linux servers:ena_srd_tx_pkts

Name on Windows servers: ena srd tx pkts

The number of SRD packets transmitted within a given time period.

Name on Linux servers:ena_srd_rx_pkts

Name on Windows servers: ena srd rx pkts

The number of SRD packets received within a given time period.

Name on Linux servers:ena_srd_resource_utilization

Name on Windows servers: ena srd resource utilization

The percentage of the maximum allowed memory utilization for concurrent SRD connections that the instance has consumed.

Name on Linux servers: linklocal_allowance_exceeded

Name on Windows servers: Link local packet rate allowance exceeded

The number of packets dropped because the PPS of the traffic to local proxy services exceeded the maximum for the network interface. This impacts traffic to the DNS service, the Instance Metadata Service, and the Amazon Time Sync Service.

This metric is collected only if you have listed it in the ethtool subsection of the metrics_collected section of the CloudWatch agent configuration file. For more information, see Collect network performance metrics

Unit: None

Name on Linux servers: pps_allowance_exceeded

Name on Windows servers: PPS allowance exceeded

The number of packets queued and/or dropped because the bidirectional PPS exceeded the maximum for the instance.

This metric is collected only if you have listed it in the ethtool subsection of the metrics_collected section of the CloudWatch agent configuration file. For more information, see Collect network performance metrics

Unit: None

Linux setup

On Linux servers, the ethtool plugin enables you to import the network performance metrics into CloudWatch.

ethtool is a standard Linux utility that can collect statistics about Ethernet devices on Linux servers. The statistics it collects depend on the network device and driver. Examples of these statistics include tx_cnt, rx_bytes, tx_errors, and align_errors. When you use the ethtool plugin with the CloudWatch agent, you can also import these statistics into CloudWatch, along with the EC2 network performance metrics listed earlier in this section.

Tip

To find the statistics available on our operating system and network device, use the ethtool –S command.

When the CloudWatch agent imports metrics into CloudWatch, it adds an ethtool_ prefix to the names of all imported metrics. So the standard ethtool statistic rx_bytes is called ethtool_rx_bytes in CloudWatch, and the EC2 network performance metric bw_in_allowance_exceeded is called ethtool_bw_in_allowance_exceeded in CloudWatch.

On Linux servers, to import ethtool metrics, add an ethtool section to the metrics_collected section of the CloudWatch agent configuration file. The ethtool section can include the following subsections:

  • interface_include— Including this section causes the agent to collect metrics from only the interfaces that have names listed in this section. If you omit this section, metrics are collected from all Ethernet interfaces that aren't listed in interface_exclude.

    The default ethernet interface is eth0.

  • interface_exclude— If you include this section, list the Ethernet interfaces that you don't want to collect metrics from.

    The ethtool plugin always ignores loopback interfaces.

  • metrics_include— This section lists the metrics to import into CloudWatch. It can include both standard statistics collected by ethtool and Amazon EC2 high-resolution network metrics.

The following example displays part of the CloudWatch agent configuration file. This configuration collects the standard ethtool metrics rx_packets and tx_packets, and the Amazon EC2 network performance metrics from only the eth1 interface.

For more information about the CloudWatch agent configuration file, see Manually create or edit the CloudWatch agent configuration file.

"metrics": { "append_dimensions": { "InstanceId": "${aws:InstanceId}" }, "metrics_collected": { "ethtool": { "interface_include": [ "eth1" ], "metrics_include": [ "rx_packets", "tx_packets", "bw_in_allowance_exceeded", "bw_out_allowance_exceeded", "conntrack_allowance_exceeded", "linklocal_allowance_exceeded", "pps_allowance_exceeded" ] } } }

Windows setup

On Windows servers, the network performance metrics are available through Windows Performance Counters, which the CloudWatch agent already collects metrics from. So you do not need a plugin to collect these metrics from Windows servers.

The following is a sample configuration file to collect network performance metrics from Windows. For more information about editing the CloudWatch agent configuration file, see Manually create or edit the CloudWatch agent configuration file.

{ "metrics": { "append_dimensions": { "InstanceId": "${aws:InstanceId}" }, "metrics_collected": { "ENA Packets Shaping": { "measurement": [ "Aggregate inbound BW allowance exceeded", "Aggregate outbound BW allowance exceeded", "Connection tracking allowance exceeded", "Link local packet rate allowance exceeded", "PPS allowance exceeded" ], "metrics_collection_interval": 60, "resources": [ "*" ] } } } }

Viewing network performance metrics

After importing network performance metrics into CloudWatch, you can view these metrics as time series graphs, and create alarms that can watch these metrics and notify you if they breach a threshold that you specify. The following procedure shows how to view ethtool metrics as a time series graph. For more information about setting alarms, see Using Amazon CloudWatch alarms.

Because all of these metrics are aggregate counters, you can use CloudWatch metric math functions such as RATE(METRICS()) to calculate the rate for these metrics in graphs or use them to set alarms. For more information about metric math functions, see Using math expressions with CloudWatch metrics.

To view network performance metrics in the CloudWatch console
  1. Open the CloudWatch console at https://console.amazonaws.cn/cloudwatch/.

  2. In the navigation pane, choose Metrics.

  3. Choose the namespace for the metrics collected by the agent. By default, this is CWAgent, but you may have specified a different namespace in the CloudWatch agent configuration file.

  4. Choose a metric dimension (for example, Per-Instance Metrics).

  5. The All metrics tab displays all metrics for that dimension in the namespace. You can do the following:

    1. To graph a metric, select the check box next to the metric. To select all metrics, select the check box in the heading row of the table.

    2. To sort the table, use the column heading.

    3. To filter by resource, choose the resource ID, and then choose Add to search.

    4. To filter by metric, choose the metric name, and then choose Add to search.

  6. (Optional) To add this graph to a CloudWatch dashboard, choose Actions, and then choose Add to dashboard.