[ovs-discuss] OVS port mirroring for EW traffic

chintu hetam rometoroam at gmail.com
Wed Dec 16 20:05:39 UTC 2015


Hi All,

I am trying to monitor EW traffic on OpenStack FW.
I see a peculiar problem: when I access VM2 (ssh into it) via its internal
address, I don't see any packets in the VM3 tcpdump window; however, if I ssh
via the external address (floating IP, OpenStack), it works fine.

My internal addresses are in the 192.168.90.x range and external addresses
are in the 10.x.y.z range; connectivity-wise it's absolutely fine.
I can connect from inside a VM to an external address and vice versa, can
connect with internal addresses within the subnet, etc.

*Following is my setup.*

VM1: plays a pcap file with tcpreplay; the pcap file is modified to reflect
the src/dst MAC addresses and src/dst IP addresses.

VM2: targeted VM; a port mirror is created from the port (whose IP address
and MAC address are part of the destination in the pcap playing on VM1) to
the monitoring port of VM3.

VM3: monitoring VM with the output port mentioned in the mirror configuration.

*Mirror Command*

ovs-vsctl -- set Bridge br-int mirrors=@m \
  -- --id=@qvobb6411a4-da get Port qvobb6411a4-da \
  -- --id=@qvob6c734d9-d9 get Port qvob6c734d9-d9 \
  -- --id=@m create Mirror name=mirror2 \
     select-src-port=@qvobb6411a4-da select-dst-port=@qvobb6411a4-da \
     output-port=@qvob6c734d9-d9

*OVS-Admin relevant command o/p*

[root@compute vcr]# ovs-vsctl list mirror 77b5714b-337e-4685-b6ed-fbf70ad2a7b2
_uuid               : 77b5714b-337e-4685-b6ed-fbf70ad2a7b2
external_ids        : {}
name                : "mirror2"
output_port         : 788ec0c2-7547-4e3b-9b2a-161945ce508b
output_vlan         : []
select_all          : false
select_dst_port     : [49eec9fd-0495-486f-827f-ed9696d93a98]
select_src_port     : [49eec9fd-0495-486f-827f-ed9696d93a98]
select_vlan         : []
statistics          : {tx_bytes=128568126093, tx_packets=637149016}
[root@compute vcr]# ovs-vsctl list port 788ec0c2-7547-4e3b-9b2a-161945ce508b
_uuid               : 788ec0c2-7547-4e3b-9b2a-161945ce508b
bond_active_slave   : []
bond_downdelay      : 0
bond_fake_iface     : false
bond_mode           : []
bond_updelay        : 0
external_ids        : {}
fake_bridge         : false
interfaces          : [c2a2f668-9ca7-4220-a95c-b8792bec4dbe]
lacp                : []
mac                 : []
name                : "qvob6c734d9-d9"
other_config        : {}
qos                 : []
statistics          : {}
status              : {}
tag                 : 5
trunks              : []
vlan_mode           : []
[root@compute vcr]# ovs-vsctl list port 49eec9fd-0495-486f-827f-ed9696d93a98
_uuid               : 49eec9fd-0495-486f-827f-ed9696d93a98
bond_active_slave   : []
bond_downdelay      : 0
bond_fake_iface     : false
bond_mode           : []
bond_updelay        : 0
external_ids        : {}
fake_bridge         : false
interfaces          : [3f03e8d8-8cc7-47fb-b467-fc1c2168305b]
lacp                : []
mac                 : []
name                : "qvobb6411a4-da"
other_config        : {}
qos                 : []
statistics          : {}
status              : {}
tag                 : 4
trunks              : []
vlan_mode           : []
[root@compute vcr]# ovs-vsctl list interface 3f03e8d8-8cc7-47fb-b467-fc1c2168305b
_uuid               : 3f03e8d8-8cc7-47fb-b467-fc1c2168305b
admin_state         : up
bfd                 : {}
bfd_status          : {}
cfm_fault           : []
cfm_fault_status    : []
cfm_flap_count      : []
cfm_health          : []
cfm_mpid            : []
cfm_remote_mpids    : []
cfm_remote_opstate  : []
duplex              : full
external_ids        : {attached-mac="fa:16:3e:3c:9d:fd", iface-id="bb6411a4-da13-4384-a2c3-cf1bba526686", iface-status=active, vm-uuid="fcf46f08-167f-46dc-8c71-c72725076671"}
ifindex             : 66
ingress_policing_burst: 0
ingress_policing_rate: 0
lacp_current        : []
link_resets         : 1
link_speed          : 10000000000
link_state          : up
mac                 : []
mac_in_use          : "62:f3:54:16:f3:68"
mtu                 : 1500
name                : "qvobb6411a4-da"
ofport              : 14
ofport_request      : []
options             : {}
other_config        : {}
statistics          : {collisions=0, rx_bytes=252762412, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=120669219, tx_bytes=3726268303, tx_dropped=0, tx_errors=0, tx_packets=719563114}
status              : {driver_name=veth, driver_version="1.0", firmware_version=""}
type                : ""

What am I missing?

-chintu-
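
Added example, not part of the original message: a small parser for the `ovs-vsctl list` record format quoted above that resolves a mirror's select and output port UUIDs to port names and VLAN tags, so the monitoring scope of a mirror can be read at a glance. The function names are hypothetical, and the sample is a trimmed copy of the records in the post.

```python
import re

# Trimmed copy of the `ovs-vsctl list` records quoted in the post above.
SAMPLE = '''\
_uuid               : 77b5714b-337e-4685-b6ed-fbf70ad2a7b2
name                : "mirror2"
output_port         : 788ec0c2-7547-4e3b-9b2a-161945ce508b
select_all          : false
select_dst_port     : [49eec9fd-0495-486f-827f-ed9696d93a98]
select_src_port     : [49eec9fd-0495-486f-827f-ed9696d93a98]

_uuid               : 788ec0c2-7547-4e3b-9b2a-161945ce508b
name                : "qvob6c734d9-d9"
tag                 : 5

_uuid               : 49eec9fd-0495-486f-827f-ed9696d93a98
name                : "qvobb6411a4-da"
tag                 : 4
'''

UUID = re.compile(r"[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}")
FIELD = re.compile(r"^(\w+)\s*:\s*(.*)$")  # "key   : value" lines only

def parse_records(text):
    """Return {uuid: {column: raw value}}; a `_uuid` line starts a new record.
    Shell prompts and wrapped continuation lines do not match and are skipped."""
    records, current = {}, None
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue
        key, value = m.group(1), m.group(2).strip()
        if key == "_uuid":
            current = records.setdefault(value, {})
        if current is not None:
            current[key] = value
    return records

def describe_mirror(records, mirror_name):
    """Resolve a Mirror record's port UUIDs to (port name, VLAN tag) pairs."""
    mirror = next(r for r in records.values()
                  if "output_port" in r and r["name"].strip('"') == mirror_name)
    def port(uuid):
        p = records.get(uuid, {})
        tag = p.get("tag", "[]")  # "[]" means the column is unset
        return p.get("name", uuid).strip('"'), int(tag) if tag.isdigit() else None
    cols = {"select_src": "select_src_port", "select_dst": "select_dst_port",
            "output": "output_port"}
    info = {k: [port(u) for u in UUID.findall(mirror[c])] for k, c in cols.items()}
    info["select_all"] = mirror["select_all"] == "true"
    return info

if __name__ == "__main__":
    print(describe_mirror(parse_records(SAMPLE), "mirror2"))
```
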