From eb18aedb923bc4040bf53be2d3e8099a45530674 Mon Sep 17 00:00:00 2001 From: Rishu Singh Date: Mon, 3 Feb 2025 16:22:50 +0530 Subject: [PATCH 01/13] Changes for Duplicate IP detection script. Contains PS1 script and YAML file. --- .../DetectDuplicateIpAddress.yaml | 31 +++++++++++++++++++ .../DetectDuplicateIpAddrs.ps1 | 18 +++++++++++ scripts/duplicateIpDetection/README.md | 7 +++++ 3 files changed, 56 insertions(+) create mode 100644 scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml create mode 100644 scripts/duplicateIpDetection/DetectDuplicateIpAddrs.ps1 create mode 100644 scripts/duplicateIpDetection/README.md diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml new file mode 100644 index 0000000..59cb474 --- /dev/null +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml @@ -0,0 +1,31 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: detect-dup-ip + labels: + app: detect-dup-ip +spec: + selector: + matchLabels: + name: detect-dup-ip + template: + metadata: + labels: + name: detect-dup-ip + spec: + securityContext: + windowsOptions: + hostProcess: true + runAsUserName: "NT AUTHORITY\\SYSTEM" + hostNetwork: true + containers: + - name: detect-dup-ip + image: mcr.microsoft.com/dotnet/framework/samples:aspnetapp + command: + - powershell.exe + - -command + - "& 'C:\\k\\debug\\DetectDuplicateIpAddrs.ps1'" + securityContext: + privileged: true + nodeSelector: + kubernetes.azure.com/os-sku: Windows2022 \ No newline at end of file diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddrs.ps1 b/scripts/duplicateIpDetection/DetectDuplicateIpAddrs.ps1 new file mode 100644 index 0000000..c028afb --- /dev/null +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddrs.ps1 @@ -0,0 +1,18 @@ +Write-Host "Detecting duplicate IP addresses on the host..." + +$BaseDir = "c:\k\debug" +ipmo $BaseDir\hns.v2.psm1 -Force + +while($true){ + $ipAddresses = Get-HnsEndpoint.IpAddress + $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 } + + if($duplicateIpAddr.Count -gt 0){ + break + } + + Start-Sleep -Seconds 300 +} + +Write-Host "Duplicate IP addresses found on the host, collecting windows logs..." +& "$BaseDir\collect-windows-logs.ps1" \ No newline at end of file diff --git a/scripts/duplicateIpDetection/README.md b/scripts/duplicateIpDetection/README.md new file mode 100644 index 0000000..9190b4e --- /dev/null +++ b/scripts/duplicateIpDetection/README.md @@ -0,0 +1,7 @@ +The script uses the Get-HnsEndpoint cmdlet to retrieve all IP addresses associated with the endpoints on the host. It then groups the IP addresses by value and filters the groups to include only those with more than one IP address. + + To run the script, open a PowerShell window and run the following command: + PS> .\DetectDuplicateIpAddrs.ps1 + +Once a duplicate IP address is detected, it breaks out of the while loop and then collects Windows logs on the node. + \ No newline at end of file From c2d13ca19b50148e7ba34eab97fd5bd652a48cc0 Mon Sep 17 00:00:00 2001 From: Rishu Singh Date: Tue, 11 Feb 2025 17:54:00 +0530 Subject: [PATCH 02/13] Addressing review comments. removed .ps1 script and embedded the script into YAML file. --- .../DetectDuplicateIpAddress.yaml | 20 ++++++++++++++++++- .../DetectDuplicateIpAddrs.ps1 | 18 ----------------- 2 files changed, 19 insertions(+), 19 deletions(-) delete mode 100644 scripts/duplicateIpDetection/DetectDuplicateIpAddrs.ps1 diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml index 59cb474..01a3175 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml @@ -24,7 +24,25 @@ spec: command: - powershell.exe - -command - - "& 'C:\\k\\debug\\DetectDuplicateIpAddrs.ps1'" + - | + Write-Host "Detecting duplicate IP addresses on the host..." + + $BaseDir = "c:\k\debug" + ipmo $BaseDir\hns.v2.psm1 -Force + + while($true){ + $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress + $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 } + + if($duplicateIpAddr.Count -gt 0){ + break + } + + Start-Sleep -Seconds 300 + } + + Write-Host "Duplicate IP addresses found on the host, collecting windows logs..." + & "$BaseDir\collect-windows-logs.ps1" securityContext: privileged: true nodeSelector: diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddrs.ps1 b/scripts/duplicateIpDetection/DetectDuplicateIpAddrs.ps1 deleted file mode 100644 index c028afb..0000000 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddrs.ps1 +++ /dev/null @@ -1,18 +0,0 @@ -Write-Host "Detecting duplicate IP addresses on the host..." - -$BaseDir = "c:\k\debug" -ipmo $BaseDir\hns.v2.psm1 -Force - -while($true){ - $ipAddresses = Get-HnsEndpoint.IpAddress - $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 } - - if($duplicateIpAddr.Count -gt 0){ - break - } - - Start-Sleep -Seconds 300 -} - -Write-Host "Duplicate IP addresses found on the host, collecting windows logs..." -& "$BaseDir\collect-windows-logs.ps1" \ No newline at end of file From beeff95a091dc0a86d6b70cce6b717f06a7bccb9 Mon Sep 17 00:00:00 2001 From: Rishu Singh Date: Fri, 14 Feb 2025 17:51:44 +0530 Subject: [PATCH 03/13] Adding ps1 script as multiline powershell does not work in YAML. Trying to do it via invoking web request. --- .../DetectDuplicateIpAddr.ps1 | 41 +++++++++++++++++++ .../DetectDuplicateIpAddress.yaml | 20 +-------- 2 files changed, 42 insertions(+), 19 deletions(-) create mode 100644 scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 new file mode 100644 index 0000000..466e85e --- /dev/null +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 @@ -0,0 +1,41 @@ +Write-Host "Detecting duplicate IP addresses on the node..." + +$BaseDir = "c:\k\debug" + +Write-Host "Trying to load HNS module..." + +ipmo $BaseDir\hns.v2.psm1 -Force | Write-Host + +$testIndex = 0 + +while($true){ + $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress + + Write-Host "IP addresses on the node:" + foreach($ip in $ipAddresses){ + Write-Host $ip + } + + Write-Host "Checking for duplicate IP addresses inside the loop..." + $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 } + + if($duplicateIpAddr.Count -gt 0 -or $testIndex -eq 5){ + break + } + + $testIndex = $testIndex + 1 + + Start-Sleep -Seconds 30 +} + +Write-Host "Duplicate IP addresses found on the node, collecting windows logs..." +$collectWindowsLogs = "$BaseDir\collect-windows-logs.ps1" +powershell $collectWindowsLogs | Write-Host + +Write-Host "Collected Windows logs are at $PWD" + +Write-Host "Issue has been detected, going into infinite loop to keep the container running..." +while($true){ + Write-Host "Container is running in infinte while..." + Start-Sleep -Seconds 3600 +} \ No newline at end of file diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml index 01a3175..22e7115 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml @@ -24,25 +24,7 @@ spec: command: - powershell.exe - -command - - | - Write-Host "Detecting duplicate IP addresses on the host..." - - $BaseDir = "c:\k\debug" - ipmo $BaseDir\hns.v2.psm1 -Force - - while($true){ - $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress - $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 } - - if($duplicateIpAddr.Count -gt 0){ - break - } - - Start-Sleep -Seconds 300 - } - - Write-Host "Duplicate IP addresses found on the host, collecting windows logs..." - & "$BaseDir\collect-windows-logs.ps1" + - '$BaseDir = "c:\k\debug"; Invoke-WebRequest -UseBasicParsing "https://raw.githubusercontent.com/microsoft/wcnscripts/refs/heads/user/rishusingh/duplicateIPdetection/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1" -OutFile $BaseDir\DetectDuplicateIpAddr.ps1 | Write-Host; cd $BaseDir; .\DetectDuplicateIpAddr.ps1' securityContext: privileged: true nodeSelector: From 648a6ed75f77a3c709f2ab2938b6f21406ece23d Mon Sep 17 00:00:00 2001 From: Rishu Singh Date: Fri, 14 Feb 2025 18:42:12 +0530 Subject: [PATCH 04/13] removed testIndex that was being used for simulation --- scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 index 466e85e..517fdc4 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 @@ -6,8 +6,6 @@ Write-Host "Trying to load HNS module..." ipmo $BaseDir\hns.v2.psm1 -Force | Write-Host -$testIndex = 0 - while($true){ $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress @@ -19,12 +17,10 @@ while($true){ Write-Host "Checking for duplicate IP addresses inside the loop..." $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 } - if($duplicateIpAddr.Count -gt 0 -or $testIndex -eq 5){ + if($duplicateIpAddr.Count -gt 0){ break } - $testIndex = $testIndex + 1 - Start-Sleep -Seconds 30 } From 82c083259c5fcd1292e7fe1160f723b21e86aa6a Mon Sep 17 00:00:00 2001 From: Rishu Singh Date: Fri, 14 Feb 2025 18:49:32 +0530 Subject: [PATCH 05/13] Printing duplicate IP at the end. --- scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 index 517fdc4..0909b05 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 @@ -21,10 +21,16 @@ while($true){ break } - Start-Sleep -Seconds 30 + Start-Sleep -Seconds 300 } -Write-Host "Duplicate IP addresses found on the node, collecting windows logs..." +Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:" + +foreach($ip in $duplicateIpAddr){ + Write-Host $ip +} + +Write-Host "Collecting Windows logs..." $collectWindowsLogs = "$BaseDir\collect-windows-logs.ps1" powershell $collectWindowsLogs | Write-Host From c79589fd19282bf7785f0faad56ca6f7bdb27733 Mon Sep 17 00:00:00 2001 From: Rishu Singh Date: Wed, 19 Feb 2025 16:26:29 +0530 Subject: [PATCH 06/13] Coorecting the duplicate IP log dump. --- scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 index 0909b05..61cc69f 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 @@ -26,8 +26,10 @@ while($true){ Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:" -foreach($ip in $duplicateIpAddr){ - Write-Host $ip +foreach($ipGroup in $duplicateIpAddr){ + foreach($ip in $ipGroup.Group){ + Write-Host $ip + } } Write-Host "Collecting Windows logs..." From e7e247fce323ad04ea3dc12a9316c82599ad4142 Mon Sep 17 00:00:00 2001 From: Rishu Singh Date: Thu, 6 Mar 2025 14:48:34 +0530 Subject: [PATCH 07/13] Adding HNS trace collection ability to catch the dulpicate endpoint creation. --- .../DetectDuplicateIpAddr.ps1 | 40 +++++++++++++++---- 1 file changed, 33 insertions(+), 7 deletions(-) diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 index 61cc69f..6fc50c5 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 @@ -6,8 +6,27 @@ Write-Host "Trying to load HNS module..." ipmo $BaseDir\hns.v2.psm1 -Force | Write-Host +$iter = 1 + +pktmon stop # Stopping if pktmon is already running + +# Start pktmon +Write-Host "Starting pktmon with trace level 6 for HNS" +pktmon start --capture --comp all --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl --pkt-size 100 -s 1024 + while($true){ - $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress + $ipAddresses = @( + "192.168.1.1", + "192.168.1.2", + "192.168.1.4", + "192.168.1.4", + "192.168.1.5", + "192.168.1.5", + "192.168.1.7", + "192.168.1.8", + "192.168.1.9", + "192.168.1.10" +)#((Get-HnsEndpoint).IpConfigurations).IpAddress Write-Host "IP addresses on the node:" foreach($ip in $ipAddresses){ @@ -21,25 +40,32 @@ while($true){ break } + $iter++ + Start-Sleep -Seconds 300 } Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:" foreach($ipGroup in $duplicateIpAddr){ - foreach($ip in $ipGroup.Group){ - Write-Host $ip - } + Write-Host $ipGroup.Name } +Write-Host "Stopping pktmon..." +# Stop pktmon +pktmon stop + Write-Host "Collecting Windows logs..." $collectWindowsLogs = "$BaseDir\collect-windows-logs.ps1" powershell $collectWindowsLogs | Write-Host -Write-Host "Collected Windows logs are at $PWD" +Write-Host "Collected Windows logs and trace are at $PWD" -Write-Host "Issue has been detected, going into infinite loop to keep the container running..." while($true){ - Write-Host "Container is running in infinte while..." + if ($iter -Eq 1) { + Write-Host "The issue was detected in the first iteration and it may have happened already, and log rotation may have occurred." + } else { + Write-Host "Issue detected. Please download and review the collected Windows logs and also traces from the following path: $PWD\traces.etl" + } Start-Sleep -Seconds 3600 } \ No newline at end of file From d98f80dc5e12465a37758b3478a8d2bae901e49e Mon Sep 17 00:00:00 2001 From: Rishu Singh Date: Thu, 6 Mar 2025 14:50:09 +0530 Subject: [PATCH 08/13] Removing the test code --- .../duplicateIpDetection/DetectDuplicateIpAddr.ps1 | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 index 6fc50c5..2eed1c3 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 @@ -15,18 +15,7 @@ Write-Host "Starting pktmon with trace level 6 for HNS" pktmon start --capture --comp all --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl --pkt-size 100 -s 1024 while($true){ - $ipAddresses = @( - "192.168.1.1", - "192.168.1.2", - "192.168.1.4", - "192.168.1.4", - "192.168.1.5", - "192.168.1.5", - "192.168.1.7", - "192.168.1.8", - "192.168.1.9", - "192.168.1.10" -)#((Get-HnsEndpoint).IpConfigurations).IpAddress + $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress Write-Host "IP addresses on the node:" foreach($ip in $ipAddresses){ From cc7936a8fc75d55bf22882e2e6d41e2a894c49c6 Mon Sep 17 00:00:00 2001 From: Rishu Singh Date: Thu, 6 Mar 2025 15:43:03 +0530 Subject: [PATCH 09/13] Embedding the script in YAML, removing --capture from pktmon. --- scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 | 2 +- scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 index 2eed1c3..ec9e4ee 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 @@ -12,7 +12,7 @@ pktmon stop # Stopping if pktmon is already running # Start pktmon Write-Host "Starting pktmon with trace level 6 for HNS" -pktmon start --capture --comp all --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl --pkt-size 100 -s 1024 +pktmon start --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl -s 1024 while($true){ $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml index 22e7115..c1dfd16 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml @@ -24,7 +24,8 @@ spec: command: - powershell.exe - -command - - '$BaseDir = "c:\k\debug"; Invoke-WebRequest -UseBasicParsing "https://raw.githubusercontent.com/microsoft/wcnscripts/refs/heads/user/rishusingh/duplicateIPdetection/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1" -OutFile $BaseDir\DetectDuplicateIpAddr.ps1 | Write-Host; cd $BaseDir; .\DetectDuplicateIpAddr.ps1' + - | + Write-Host "Detecting duplicate IP addresses on the node..."; $BaseDir = "c:\k\debug"; Write-Host "Trying to load HNS module..."; ipmo $BaseDir\hns.v2.psm1 -Force | Write-Host; $iter = 1; pktmon stop; Write-Host "Starting pktmon with trace level 6 for HNS"; pktmon start --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl -s 1024; while($true){ $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress; Write-Host "IP addresses on the node:"; foreach($ip in $ipAddresses){ Write-Host $ip }; Write-Host "Checking for duplicate IP addresses inside the loop..."; $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 }; if($duplicateIpAddr.Count -gt 0){ break }; $iter++; Start-Sleep -Seconds 300 }; Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:"; foreach($ipGroup in $duplicateIpAddr){ Write-Host $ipGroup.Name }; Write-Host "Stopping pktmon..."; pktmon stop; Write-Host "Collecting Windows logs..."; $collectWindowsLogs = "$BaseDir\collect-windows-logs.ps1"; powershell $collectWindowsLogs | Write-Host; Write-Host "Collected Windows logs and trace are at $PWD"; while($true){ if ($iter -Eq 1) { Write-Host "The issue was detected in the first iteration and it may have happened already, and log rotation may have occurred." } else { Write-Host "Issue detected. Please download and review the collected Windows logs and also traces from the following path: $PWD\traces.etl" }; Start-Sleep -Seconds 3600 } securityContext: privileged: true nodeSelector: From 7958b49b21665e595f8a97d49f1946c3d52a9d6b Mon Sep 17 00:00:00 2001 From: Rishu Singh Date: Thu, 6 Mar 2025 17:17:05 +0530 Subject: [PATCH 10/13] Reduced sleep time in loop. Added prestop hook for graceful pktmon stop. --- scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 | 2 +- .../duplicateIpDetection/DetectDuplicateIpAddress.yaml | 9 ++++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 index ec9e4ee..5884af2 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 @@ -31,7 +31,7 @@ while($true){ $iter++ - Start-Sleep -Seconds 300 + Start-Sleep -Seconds 180 } Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:" diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml index c1dfd16..41b0959 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml @@ -25,7 +25,14 @@ spec: - powershell.exe - -command - | - Write-Host "Detecting duplicate IP addresses on the node..."; $BaseDir = "c:\k\debug"; Write-Host "Trying to load HNS module..."; ipmo $BaseDir\hns.v2.psm1 -Force | Write-Host; $iter = 1; pktmon stop; Write-Host "Starting pktmon with trace level 6 for HNS"; pktmon start --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl -s 1024; while($true){ $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress; Write-Host "IP addresses on the node:"; foreach($ip in $ipAddresses){ Write-Host $ip }; Write-Host "Checking for duplicate IP addresses inside the loop..."; $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 }; if($duplicateIpAddr.Count -gt 0){ break }; $iter++; Start-Sleep -Seconds 300 }; Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:"; foreach($ipGroup in $duplicateIpAddr){ Write-Host $ipGroup.Name }; Write-Host "Stopping pktmon..."; pktmon stop; Write-Host "Collecting Windows logs..."; $collectWindowsLogs = "$BaseDir\collect-windows-logs.ps1"; powershell $collectWindowsLogs | Write-Host; Write-Host "Collected Windows logs and trace are at $PWD"; while($true){ if ($iter -Eq 1) { Write-Host "The issue was detected in the first iteration and it may have happened already, and log rotation may have occurred." } else { Write-Host "Issue detected. Please download and review the collected Windows logs and also traces from the following path: $PWD\traces.etl" }; Start-Sleep -Seconds 3600 } + Write-Host "Detecting duplicate IP addresses on the node..."; $BaseDir = "c:\k\debug"; Write-Host "Trying to load HNS module..."; ipmo $BaseDir\hns.v2.psm1 -Force | Write-Host; $iter = 1; pktmon stop; Write-Host "Starting pktmon with trace level 6 for HNS"; pktmon start --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl -s 1024; while($true){ $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress; Write-Host "IP addresses on the node:"; foreach($ip in $ipAddresses){ Write-Host $ip }; Write-Host "Checking for duplicate IP addresses inside the loop..."; $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 }; if($duplicateIpAddr.Count -gt 0){ break }; $iter++; Start-Sleep -Seconds 180 }; Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:"; foreach($ipGroup in $duplicateIpAddr){ Write-Host $ipGroup.Name }; Write-Host "Stopping pktmon..."; pktmon stop; Write-Host "Collecting Windows logs..."; $collectWindowsLogs = "$BaseDir\collect-windows-logs.ps1"; powershell $collectWindowsLogs | Write-Host; Write-Host "Collected Windows logs and trace are at $PWD"; while($true){ if ($iter -Eq 1) { Write-Host "The issue was detected in the first iteration and it may have happened already, and log rotation may have occurred." } else { Write-Host "Issue detected. Please download and review the collected Windows logs and also traces from the following path: $PWD\traces.etl" }; Start-Sleep -Seconds 3600 } + lifecycle: + preStop: + exec: + command: + - powershell.exe + - -Command + - "pktmon stop;sleep 20" securityContext: privileged: true nodeSelector: From 060b15e9bbeb6d98eeb58dc3d3ba53f3644c4d90 Mon Sep 17 00:00:00 2001 From: Rishu Singh Date: Fri, 7 Mar 2025 10:38:32 +0530 Subject: [PATCH 11/13] Changing trace size to 2048 --- scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 | 2 +- scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 index 5884af2..c22a0f7 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 @@ -12,7 +12,7 @@ pktmon stop # Stopping if pktmon is already running # Start pktmon Write-Host "Starting pktmon with trace level 6 for HNS" -pktmon start --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl -s 1024 +pktmon start --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl -s 2048 while($true){ $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml index 41b0959..bace8b1 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml @@ -25,7 +25,7 @@ spec: - powershell.exe - -command - | - Write-Host "Detecting duplicate IP addresses on the node..."; $BaseDir = "c:\k\debug"; Write-Host "Trying to load HNS module..."; ipmo $BaseDir\hns.v2.psm1 -Force | Write-Host; $iter = 1; pktmon stop; Write-Host "Starting pktmon with trace level 6 for HNS"; pktmon start --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl -s 1024; while($true){ $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress; Write-Host "IP addresses on the node:"; foreach($ip in $ipAddresses){ Write-Host $ip }; Write-Host "Checking for duplicate IP addresses inside the loop..."; $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 }; if($duplicateIpAddr.Count -gt 0){ break }; $iter++; Start-Sleep -Seconds 180 }; Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:"; foreach($ipGroup in $duplicateIpAddr){ Write-Host $ipGroup.Name }; Write-Host "Stopping pktmon..."; pktmon stop; Write-Host "Collecting Windows logs..."; $collectWindowsLogs = "$BaseDir\collect-windows-logs.ps1"; powershell $collectWindowsLogs | Write-Host; Write-Host "Collected Windows logs and trace are at $PWD"; while($true){ if ($iter -Eq 1) { Write-Host "The issue was detected in the first iteration and it may have happened already, and log rotation may have occurred." } else { Write-Host "Issue detected. Please download and review the collected Windows logs and also traces from the following path: $PWD\traces.etl" }; Start-Sleep -Seconds 3600 } + Write-Host "Detecting duplicate IP addresses on the node..."; $BaseDir = "c:\k\debug"; Write-Host "Trying to load HNS module..."; ipmo $BaseDir\hns.v2.psm1 -Force | Write-Host; $iter = 1; pktmon stop; Write-Host "Starting pktmon with trace level 6 for HNS"; pktmon start --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl -s 2048; while($true){ $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress; Write-Host "IP addresses on the node:"; foreach($ip in $ipAddresses){ Write-Host $ip }; Write-Host "Checking for duplicate IP addresses inside the loop..."; $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 }; if($duplicateIpAddr.Count -gt 0){ break }; $iter++; Start-Sleep -Seconds 180 }; Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:"; foreach($ipGroup in $duplicateIpAddr){ Write-Host $ipGroup.Name }; Write-Host "Stopping pktmon..."; pktmon stop; Write-Host "Collecting Windows logs..."; $collectWindowsLogs = "$BaseDir\collect-windows-logs.ps1"; powershell $collectWindowsLogs | Write-Host; Write-Host "Collected Windows logs and trace are at $PWD"; while($true){ if ($iter -Eq 1) { Write-Host "The issue was detected in the first iteration and it may have happened already, and log rotation may have occurred." } else { Write-Host "Issue detected. Please download and review the collected Windows logs and also traces from the following path: $PWD\traces.etl" }; Start-Sleep -Seconds 3600 } lifecycle: preStop: exec: From 0444b01ee4c36478606970693e342ae6574aa013 Mon Sep 17 00:00:00 2001 From: Rishu Singh Date: Fri, 7 Mar 2025 10:49:13 +0530 Subject: [PATCH 12/13] Changed the sleep time in while loop to 60 secs --- scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 | 2 +- scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 index c22a0f7..29eb1c5 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 @@ -31,7 +31,7 @@ while($true){ $iter++ - Start-Sleep -Seconds 180 + Start-Sleep -Seconds 60 } Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:" diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml index bace8b1..6630856 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml @@ -25,7 +25,7 @@ spec: - powershell.exe - -command - | - Write-Host "Detecting duplicate IP addresses on the node..."; $BaseDir = "c:\k\debug"; Write-Host "Trying to load HNS module..."; ipmo $BaseDir\hns.v2.psm1 -Force | Write-Host; $iter = 1; pktmon stop; Write-Host "Starting pktmon with trace level 6 for HNS"; pktmon start --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl -s 2048; while($true){ $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress; Write-Host "IP addresses on the node:"; foreach($ip in $ipAddresses){ Write-Host $ip }; Write-Host "Checking for duplicate IP addresses inside the loop..."; $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 }; if($duplicateIpAddr.Count -gt 0){ break }; $iter++; Start-Sleep -Seconds 180 }; Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:"; foreach($ipGroup in $duplicateIpAddr){ Write-Host $ipGroup.Name }; Write-Host "Stopping pktmon..."; pktmon stop; Write-Host "Collecting Windows logs..."; $collectWindowsLogs = "$BaseDir\collect-windows-logs.ps1"; powershell $collectWindowsLogs | Write-Host; Write-Host "Collected Windows logs and trace are at $PWD"; while($true){ if ($iter -Eq 1) { Write-Host "The issue was detected in the first iteration and it may have happened already, and log rotation may have occurred." } else { Write-Host "Issue detected. Please download and review the collected Windows logs and also traces from the following path: $PWD\traces.etl" }; Start-Sleep -Seconds 3600 } + Write-Host "Detecting duplicate IP addresses on the node..."; $BaseDir = "c:\k\debug"; Write-Host "Trying to load HNS module..."; ipmo $BaseDir\hns.v2.psm1 -Force | Write-Host; $iter = 1; pktmon stop; Write-Host "Starting pktmon with trace level 6 for HNS"; pktmon start --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl -s 2048; while($true){ $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress; Write-Host "IP addresses on the node:"; foreach($ip in $ipAddresses){ Write-Host $ip }; Write-Host "Checking for duplicate IP addresses inside the loop..."; $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 }; if($duplicateIpAddr.Count -gt 0){ break }; $iter++; Start-Sleep -Seconds 60 }; Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:"; foreach($ipGroup in $duplicateIpAddr){ Write-Host $ipGroup.Name }; Write-Host "Stopping pktmon..."; pktmon stop; Write-Host "Collecting Windows logs..."; $collectWindowsLogs = "$BaseDir\collect-windows-logs.ps1"; powershell $collectWindowsLogs | Write-Host; Write-Host "Collected Windows logs and trace are at $PWD"; while($true){ if ($iter -Eq 1) { Write-Host "The issue was detected in the first iteration and it may have happened already, and log rotation may have occurred." } else { Write-Host "Issue detected. Please download and review the collected Windows logs and also traces from the following path: $PWD\traces.etl" }; Start-Sleep -Seconds 3600 } lifecycle: preStop: exec: From 4dc9f7d829d9a26b7cda1c905245263f0bfb9334 Mon Sep 17 00:00:00 2001 From: Rishu Singh Date: Fri, 7 Mar 2025 11:33:05 +0530 Subject: [PATCH 13/13] removing endpoint IP dump logs in the loop --- scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 | 5 ----- scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml | 2 +- 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 index 29eb1c5..4a2bceb 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddr.ps1 @@ -17,11 +17,6 @@ pktmon start --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.et while($true){ $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress - Write-Host "IP addresses on the node:" - foreach($ip in $ipAddresses){ - Write-Host $ip - } - Write-Host "Checking for duplicate IP addresses inside the loop..." $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 } diff --git a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml index 6630856..18e849e 100644 --- a/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml +++ b/scripts/duplicateIpDetection/DetectDuplicateIpAddress.yaml @@ -25,7 +25,7 @@ spec: - powershell.exe - -command - | - Write-Host "Detecting duplicate IP addresses on the node..."; $BaseDir = "c:\k\debug"; Write-Host "Trying to load HNS module..."; ipmo $BaseDir\hns.v2.psm1 -Force | Write-Host; $iter = 1; pktmon stop; Write-Host "Starting pktmon with trace level 6 for HNS"; pktmon start --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl -s 2048; while($true){ $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress; Write-Host "IP addresses on the node:"; foreach($ip in $ipAddresses){ Write-Host $ip }; Write-Host "Checking for duplicate IP addresses inside the loop..."; $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 }; if($duplicateIpAddr.Count -gt 0){ break }; $iter++; Start-Sleep -Seconds 60 }; Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:"; foreach($ipGroup in $duplicateIpAddr){ Write-Host $ipGroup.Name }; Write-Host "Stopping pktmon..."; pktmon stop; Write-Host "Collecting Windows logs..."; $collectWindowsLogs = "$BaseDir\collect-windows-logs.ps1"; powershell $collectWindowsLogs | Write-Host; Write-Host "Collected Windows logs and trace are at $PWD"; while($true){ if ($iter -Eq 1) { Write-Host "The issue was detected in the first iteration and it may have happened already, and log rotation may have occurred." } else { Write-Host "Issue detected. Please download and review the collected Windows logs and also traces from the following path: $PWD\traces.etl" }; Start-Sleep -Seconds 3600 } + Write-Host "Detecting duplicate IP addresses on the node..."; $BaseDir = "c:\k\debug"; Write-Host "Trying to load HNS module..."; ipmo $BaseDir\hns.v2.psm1 -Force | Write-Host; $iter = 1; pktmon stop; Write-Host "Starting pktmon with trace level 6 for HNS"; pktmon start --trace -p Microsoft-Windows-Host-Network-Service -l 6 -f traces.etl -s 2048; while($true){ $ipAddresses = ((Get-HnsEndpoint).IpConfigurations).IpAddress; Write-Host "Checking for duplicate IP addresses inside the loop..."; $duplicateIpAddr = $ipAddresses | Group-Object | Where-Object { $_.Count -gt 1 }; if($duplicateIpAddr.Count -gt 0){ break }; $iter++; Start-Sleep -Seconds 60 }; Write-Host "Duplicate IP addresses found on the node, Duplicate IP addresses are:"; foreach($ipGroup in $duplicateIpAddr){ Write-Host $ipGroup.Name }; Write-Host "Stopping pktmon..."; pktmon stop; Write-Host "Collecting Windows logs..."; $collectWindowsLogs = "$BaseDir\collect-windows-logs.ps1"; powershell $collectWindowsLogs | Write-Host; Write-Host "Collected Windows logs and trace are at $PWD"; while($true){ if ($iter -Eq 1) { Write-Host "The issue was detected in the first iteration and it may have happened already, and log rotation may have occurred." } else { Write-Host "Issue detected. Please download and review the collected Windows logs and also traces from the following path: $PWD\traces.etl" }; Start-Sleep -Seconds 3600 } lifecycle: preStop: exec: