[ovs-discuss] Port mirroring patch only sees egress traffic

Tom Carroll thomas.carroll at pnnl.gov
Fri Dec 12 23:49:54 UTC 2014


Good day list -

I'm observing some interesting behavior when mirroring a patch virtual 
device. I have two bridges, br-tun and xapi1 (integration bridge), 
connected via a patch. When I create a mirror on xapi1 to monitor 
patch-tun (the patch's port on xapi1) I observe only egress traffic. 
With the setup, I expect to observe both ingress and egress.

The bridge is created in the following manner:

ip link add name snoop0 type dummy
ip link set dev snoop0 up
ovs-vsctl add-port xapi1 snoop0
ovs-vsctl -- set Bridge xapi1 mirrors=@m \
-- --id=@snoop get Port snoop0 \
-- --id=@patch get Port patch-tun \
-- --id=@m create Mirror name=patchmirror select-dst-port=@patch \
select-src-port=@patch output-port=@snoop

ovs-vsctl list Mirror
_uuid               : 97e806bc-b12b-45e6-a2bc-65dcf8034a4e
external_ids        : {}
name                : patchmirror
output_port         : 67ef2779-515f-44d6-b2f6-d671d098e5ea
output_vlan         : []
select_all          : false
select_dst_port     : [9403ddee-85c7-44af-bb33-25401ba00126]
select_src_port     : [9403ddee-85c7-44af-bb33-25401ba00126]
select_vlan         : []
statistics          : {tx_bytes=304112, tx_packets=1634}

and when I tcpdump -ni snoop0, I only see traffic destined to the patch, 
but not sourced.

The version of software is
ovs-vsctl (Open vSwitch) 2.1.3
Compiled Sep 15 2014 05:43:35

running on XenServer Creedence Beta 3 (linux kernel version 3.10.0+2).

The current workaround is to create an OpenFlow rule to duplicate the 
traffic.

~ Tom
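
A check for the configuration side of this report, as an added example that is not part of the original post: it parses `ovs-vsctl list Mirror` output and lists any port a mirror selects in only one direction. The function names are illustrative, and the sample record is the one quoted in the message above.

```python
import re

# Output of `ovs-vsctl list Mirror` as quoted in the post above.
SAMPLE = """\
_uuid               : 97e806bc-b12b-45e6-a2bc-65dcf8034a4e
external_ids        : {}
name                : patchmirror
output_port         : 67ef2779-515f-44d6-b2f6-d671d098e5ea
output_vlan         : []
select_all          : false
select_dst_port     : [9403ddee-85c7-44af-bb33-25401ba00126]
select_src_port     : [9403ddee-85c7-44af-bb33-25401ba00126]
select_vlan         : []
statistics          : {tx_bytes=304112, tx_packets=1634}
"""

def parse_records(text):
    """Split `ovs-vsctl list` output into one dict per blank-line-separated record."""
    records = []
    for block in re.split(r"\n\s*\n", text.strip()):
        rec = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                rec[key.strip()] = value.strip().strip('"')
        if rec:
            records.append(rec)
    return records

def uuid_set(value):
    """Parse an OVSDB set column: `[]`, `[u1, u2]` or a bare UUID."""
    return {v.strip() for v in value.strip("[]").split(",") if v.strip()}

def audit(rec):
    """Map each port the mirror captures in one direction only to that direction."""
    if rec.get("select_all") == "true":
        return {}  # select_all mirrors every port in both directions
    src = uuid_set(rec.get("select_src_port", "[]"))  # packets arriving on the port
    dst = uuid_set(rec.get("select_dst_port", "[]"))  # packets leaving via the port
    gaps = {port: "ingress only" for port in src - dst}
    gaps.update({port: "egress only" for port in dst - src})
    return gaps

if __name__ == "__main__":
    for rec in parse_records(SAMPLE):
        print(rec["name"], audit(rec) or "both directions selected")
```

For the record quoted in the message, the audit returns no gaps: the same port UUID appears in both `select_src_port` and `select_dst_port`.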


