Jun 2, 2022
For a project we have a UniFi 24 Ports switch (2nd gen), we also have a Proxmox cluster. We configured the UniFi switch to mirror the uplink (trunk) port to the UniFi UDM. When physically connecting a laptop and Wireshark to this mirror port, we can see all traffic (from ALL vlan's).

However, we want to bind this port to a VM inside Proxmox and use Wireshark in that VM, but in our current configuration, it looks like we are only seeing Broadcast traffic. How can we solve this problem?

Our configuration looks as follows:
Please note: the blue selected (virtual) NIC's are the relevant NIC's in this image, the other NIC's work as needed and DON'T need any change!

Is there someone who has had the same issue or perhaps someone who knows the awnser to this question?

Thanks in advance!

P.S. if more information is required, please let me now!
I'm not sure this can work this way.

With this setup the VM listening has a virtual port behind a Linux bridge which acts more or less like a switch. This would explain why you are only seeing broadcast traffic :).

I think what should work is handing over the network card PCIe to the VM, the other option is Open VSwitch (OVS) where you can set promiscuous mode but I never played around with that (see https://pve.proxmox.com/wiki/Open_vSwitch )
