Tap as a service on openstack with Juju and MaaS
Hello, I've been struggling to configure tap as a service on openstack for a few months now. I can't find any guide or anything about it. Can you suggest a method of port mirroring? I've even via the ovs bridge but I really need a way to mirror data and send it to an instance for analysis as I'm working on an IDS. Thanks in advance for any ideas ! JB
Hi, As I know TaaS is the only port mirroring service in Openstack for OVS and with some basic functionality for sriov. However as in recent years it has a disturbed history it has no real deployment support. I would start with checking what is done by devstack ( https://opendev.org/openstack/tap-as-a-service/src/branch/master/devstack ). If you need any help I am happy to help even with reviews if you have reviews in some charms or ansible playbooks. Lajos (lajoskatona) Jean-Bernard Altidor <altidorjb@gmail.com> ezt írta (időpont: 2023. júl. 27., Cs, 15:41):
Hello, I've been struggling to configure tap as a service on openstack for a few months now. I can't find any guide or anything about it. Can you suggest a method of port mirroring? I've even via the ovs bridge but I really need a way to mirror data and send it to an instance for analysis as I'm working on an IDS. Thanks in advance for any ideas ! JB
Hello Lajos, Thanks for the quick reply. As I couldn't make it work with juju and MaaS, I did a test with DevStack and still my Tap Services and flows stay down. I followed this : https://opendev.org/openstack/tap-as-a-service/src/branch/master/devstack and read your doc that's in review : https://review.opendev.org/c/openstack/tap-as-a-service/+/828382. I also checked that the service plugin was actually added in the neutron.conf. JB On Mon, Jul 31, 2023 at 5:37 AM Lajos Katona <katonalala@gmail.com> wrote:
Hi, As I know TaaS is the only port mirroring service in Openstack for OVS and with some basic functionality for sriov. However as in recent years it has a disturbed history it has no real deployment support. I would start with checking what is done by devstack ( https://opendev.org/openstack/tap-as-a-service/src/branch/master/devstack ). If you need any help I am happy to help even with reviews if you have reviews in some charms or ansible playbooks.
Lajos (lajoskatona)
Jean-Bernard Altidor <altidorjb@gmail.com> ezt írta (időpont: 2023. júl. 27., Cs, 15:41):
Hello, I've been struggling to configure tap as a service on openstack for a few months now. I can't find any guide or anything about it. Can you suggest a method of port mirroring? I've even via the ovs bridge but I really need a way to mirror data and send it to an instance for analysis as I'm working on an IDS. Thanks in advance for any ideas ! JB
participants (2)
-
Jean-Bernard Altidor
-
Lajos Katona