[ovs-dev] Sflow monitoring on tunnel ports sends outter header information instead of inner header
Neil McKee
neil.mckee at inmon.com
Fri Nov 6 19:21:14 UTC 2015
The sFlow sampling is enabled on ingress to every bridge port (except for
"patch ports" between bridges). So the headers you see will depend on
which port the samples came from, and where the tunnel encapsulation is
being added.
For example, consider the following OVN setup:
br-ext <-> linux routing <-> br-int <-> vm
Traffic from vm will be sampled as it enters br-int and packet samples will
show inner traffic (annotated with encap/decap action meta-data in separate
structures).
Then after routing it enters br-ext. Now the packet samples will show
encapsulated traffic.
So this way you get the full picture. It's just that your sFlow collector
sometimes has to decode deeper into the packet to pull out the inner
addresses etc.
I hope this is clear.
Neil
------
Neil McKee
InMon Corp.
http://www.inmon.com
On Fri, Nov 6, 2015 at 5:40 AM, Liran Schour <LIRANS at il.ibm.com> wrote:
> Hi all,
>
> Recently I noticed that the behavior of sflow agent in OVS has changed.
> In the past sflow monitoring on traffic that goes through tunnel ports had
> sent the inner header information (virtual flow).
> When I try to do the same sflow monitoring with the current master branch
> I get the information of the outer header instead of the inner header (
> physical flow instead of virtual flows).
>
> Anybody knows something about it?
>
> Thanks,
> - Liran
>
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> http://openvswitch.org/mailman/listinfo/dev
>
More information about the dev
mailing list