Send mirrored traffic into guest vm

[geminux]

Hi everyone,

I try to send mirrored traffic from another physical system to a guest vm.
The whole stack to achieve this is dedicated (switch port, physical nic, vmbr, guest nic).

I can see the mirrored traffic with tcpdump in the physical nic and the bridge.
But nothing from the tap interface or the guest nic.

notes:

• I tried with and without promiscuous mode on each nic/bridge/tap.
  
• I know I could achieve this with SR-IOV but I'd like to avoid modifying the whole setup for now (And it will be great to make it work on non-SR-IOV capable hardware)

EDIT : pve-manager/5.1-41/0b958203 (running kernel: 4.13.13-2-pve)

Here is a small diagram


Any thoughts/help about this ?
Thanks

 

[geminux]

OK guys it works

If anyone need the same functionnality, you just need to make the bridge act as a hub.

brctl setageing vmbr99 0

If you want to make it persistent, put this in /etc/network/interfaces

auto vmbrXX
iface vmbrXX inet manual
        bridge_ports nic0
        bridge_stp off
        bridge_fd 0
        bridge_ageing 0

I strongly recommand to do it ONLY on a dedicated vmbr/nic with ONLY few tap interfaces attached to avoid unnecessary congestion

 

[Fathi]

Hello,

bridge_ageing or bridge-ageing ?

 

[spirit]

Hello,

bridge_ageing or bridge-ageing ?

both should work.

(Note that bridge_ageing 0, will flood all traffic to all vms, like a hub)