[Openstack] add new ports to port mirror
Priyanka
ppnaik at cse.iitb.ac.in
Tue May 24 04:30:00 UTC 2016
Hey,
Thanks a lot for such a detailed explanation.
Regards,
Priyanka
On Tuesday 24 May 2016 09:59 AM, Kaustubh Kelkar wrote:
>
> Ah, so you want to add to an existing port mirror. I had presumed you
> would delete the existing one and re-create a new dummy port to mirror
> traffic from the two ports.
>
> Anyway, here’s how I would go (from scratch):
>
> 1)Create a dummy interface
>
> ip link add name sniff0 type dummy
>
> ip link set dev sniff0 up
>
> 2)Attach to the OVS bridge br-int
>
> ovs-vsctl add-port br-int sniff0
>
> 3)Mirror traffic from port int-br2 on sniff0
>
> ovs-vsctl -- set Bridge br-int mirrors=@m \
>
> -- --id=@sniff0 get Port sniff0 \
>
> -- --id=@int-br2 get Port int-br2 \
>
> -- --id=@m create Mirror name=mirror0 select-dst-port=@int-br2 \
>
> select-src-port=@int-br2 output-port=@sniff0 select_all=1
>
> 4)Add **another port** int-br3 so that traffic from this port is
> mirrored on sniff0 as well
>
> ovs-vsctl add Mirror mirror0 select_src_port <UUID of int-br2>
>
> ovs-vsctl add Mirror mirror0 select_dst_port <UUID of int-br2>
>
> ovs-vsctl add Mirror mirror0 output_port <UUUID of sniff0>
>
> 5)Show the config,
>
> root at xxxxx:/home/kkelkar# ovs-vsctl find Mirror
>
> _uuid : 0c31c824-c9b7-466b-b262-a92a9c7908a2
>
> external_ids : {}
>
> name : "mirror0"
>
> output_port : 802b18f0-f0c3-4c28-bf7b-7be741ecb24e
>
> output_vlan : []
>
> select_all : true
>
> select_dst_port : [46d079b1-08d5-4865-b32c-a1edce5a4f4d,
> 8bd232e6-c87a-41e6-ba38-b49ab7859a0e]
>
> select_src_port : [46d079b1-08d5-4865-b32c-a1edce5a4f4d,
> 8bd232e6-c87a-41e6-ba38-b49ab7859a0e]
>
> select_vlan : []
>
> statistics : {tx_bytes=3106, tx_packets=37}
>
> As for getting the UUIDs, you could use
>
> ovs-vsctl list Port int-br3
>
> ovs-vsctl list Port sniff0 etc.
>
> And possibly you can trace traffic:
>
> root at hchi:/home/kkelkar# tcpdump -tnei sniff0
>
> tcpdump: WARNING: sniff0: no IPv4 address assigned
>
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
>
> listening on sniff0, link-type EN10MB (Ethernet), capture size 65535 bytes
>
> fa:16:3e:f3:7e:2a > 00:0c:db:d0:b1:80, ethertype 802.1Q (0x8100),
> length 70: vlan 4, p 0, ethertype IPv4, 10.3.129.164.754 >
> 192.168.2.27.2049: Flags [.], ack 3993225264, win 182, options
> [nop,nop,TS val 71232768 ecr 3080260966], length 0
>
> fa:16:3e:f3:7e:2a > 00:0c:db:d0:b1:80, ethertype 802.1Q (0x8100),
> length 182: vlan 4, p 0, ethertype IPv4, 10.3.129.164.754 >
> 192.168.2.27.2049: Flags [P.], seq 1:113, ack 1, win 182, options
> [nop,nop,TS val 71232768 ecr 3080260966], length 112: NFS request xid
> 1430702477 getattr [|nfs]
>
> fa:16:3e:ec:5a:ae > fa:16:3e:56:1b:7a, ethertype 802.1Q (0x8100),
> length 70: vlan 1, p 0, ethertype IPv4, 192.168.2.27.2049 >
> 192.168.10.23.754: Flags [.], ack 2335208845, win 114, options
> [nop,nop,TS val 3080321126 ecr 71217728], length 0
>
> Hope this helps.
>
> -Kaustubh
>
> *From:*Priyanka [mailto:ppnaik at cse.iitb.ac.in]
> *Sent:* Monday, May 23, 2016 12:07 AM
> *To:* Kaustubh Kelkar <kaustubh.kelkar at casa-systems.com>; OpenStack
> Mailing List <openstack at lists.openstack.org>
> *Subject:* Re: [Openstack] add new ports to port mirror
>
> Hi,
>
> I have used this command to create the port mirror. How can I mirror a
> new port too say eth2 on this existing port mirror (sniff0)?
>
> Thanks,
>
> Priyanka
>
> On Friday 20 May 2016 08:59 PM, Kaustubh Kelkar wrote:
>
> From http://openvswitch.org/support/dist-docs/ovs-vsctl.8.txt, can
> you try the following?
>
> To mirror traffic on ports eth0 and eth1 on port mirror sniff0:
>
> ovs-vsctl -- set Bridge br-int mirrors=@m \
>
> -- --id=@eth0 get Port eth0 \
>
> -- --id=@eth1 get Port eth1 \
>
> -- --id=@sniff0 get Port sniff0 \
>
> -- --id=@m create Mirror name=mymirror
> select-dst-port=@eth0, at eth1 \
>
> select-src-port=@eth0, at eth1 output-port=@sniff0 select_all=1
>
> -Kaustubh
>
> *From:*Priyanka [mailto:ppnaik at cse.iitb.ac.in]
> *Sent:* Friday, May 20, 2016 5:43 AM
> *To:* OpenStack Mailing List <openstack at lists.openstack.org>
> <mailto:openstack at lists.openstack.org>
> *Subject:* [Openstack] add new ports to port mirror
>
> Hi,
>
> I am having port mirror on br-int of compute node to capture
> traffic from VM. Can I add new ports (i.e. of a new VM) to an
> existing port mirror? If so, what command do I need to use?
>
>
> Thanks,
>
> Priyanka
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160524/7a8a795c/attachment.html>
More information about the Openstack
mailing list