Kernel dropped packet analysis

Found a simple method to check for all the packets dropped by kernel.

First you need to install dropwatch with

dnf install dropwatch

and details of the package

Name        : dropwatch
Arch        : x86_64
Epoch       : 0
Version     : 1.4
Release     : 13.fc24
Size        : 27 k
Repo        : fedora
Summary     : Kernel dropped packet monitor
URL         :
License     : GPLv2+
Description : dropwatch is an utility to interface to the kernel to monitor for dropped
: network packets.


Once that is done, you will see the kernel address. How do you map those to kernel functions, refer Get kernel function name from kernel address.

journalctl command to see kernel messages

Sometimes, there are just too many messages in journalctl output and it becomes a mystery game to search for the messages you are looking for. But luckily you do not need to use grep to find the right message. Here is example of what I had to do when I was looking for kernel messages.

journalctl _TRANSPORT=kernel
# To see all the fields, you can use the verbose mode
journalctl _TRANSPORT=kernel -o verbose

# And the filter on priority if needed to get the messages you need
journalctl _TRANSPORT=kernel PRIORITY=4

# and follow
journalctl _TRANSPORT=kernel PRIORITY=4 -f -l

ansible with docker dynamic inventory

So, I have a few dockers. Every now and then I want to run some command on all of them. Doing ‘docker exec’ is tiresome. I found this neat solution with ansible that I thought I should share with you.

To get started, you need to have the “” script. This script will be used as python script inventory for ansible. So, use the following command and get the script:

curl '' -o docker.p

Once done, check that all is well, with :


You should not get any errors or warnings and see a list of dockers running on your host. If you get error for docker-py then you can install the same with :

pip install docker-py

And now is the good time to open the script to check the documentation. It adds all the docker hosts as entry in itself. But cool  thing I liked is the fact that it creates a group for all running dockers – which is very very useful.


Now, if I want to set the Timezone (TZ) on all the running dockers in one go, I can do this:

ansible -i -m shell -a 'rm -f /etc/localtime; ln -s /usr/share/zoneinfo/Asia/Kolkata /etc/localtime' running

And just in case, the above does not work for you and you have a common username/password on all the machines, then another thing you would love is following:

# Export the docker host. If that is localhost, then you do not need this.
export DOCKER_HOST=tcp://
# This is GOOD to set option. This is the default IP address for docker
# and setting this to first IP address of the docker network is good idea
# that would ensure that ansible can login to each docker.
# And note - you need to have ssh running on all the dockers for the commands to work
ansible -i -m setup -u root  -a 'filter=ansible_eth[0-2]'  all