Hello,
I'm using Open vSwitch on my Proxmox box (Proxmox 6.1-3, OVS version 2.10.1). I had hoped to mirror all traffic on one bridge to a guest machine's tap interface, which I would use as the monitoring interface for the Security Onion running within that VM. I found a few references to this technique online (e.g. https://github.com/0xvext/proxmox-seconiontap.sh).
When this didn't work for me (tap interface "doesn't exist in table Port"), I eventually discovered that Proxmox is creating the VM tap interfaces on Linux bridges named fwxxx rather than in OVS. Is this the way it's supposed to work? Is there some way to configure Proxmox so that all of the bridges and interfaces it creates are created within OVS?
Alternatively, can anyone suggest a better technique for mirroring all traffic on a virtual bridge to a network device in a VM?
Thanks!
Chris