[SOLVED] vmbr1 do not see all eno2 traffic on my vm

[pep]

Hi,
I'm trying to setup a new proxmox box to log packet on the network.
enoX are physical network card on proxmox
vmbrX are bridges on proxmox
ensX are network card on linux VM

Basically I set up 2 eno devices eno1 (administration) and eno2 that get TX/RX traffic from a switch mirror port.
I set up vmbr0 and vmbr1 for my "logger OS", vmbr0(eno1,ens18) is SSH access and vmbr1(eno2,ens19) will receive all mirror traffic.
Sadly when I receive traffic on eno2 (looking with nload in proxmox server console) I don't see the same traffix on vmbr1 on the virtual machine (ens19 on this virtual linux).
I triied to set ens19 in promiscuous mode but it does not change anything...

Do I miss something?

 

[Stoiko Ivanov]

I guess the problem here is that the linux-bridge acts like a switch - in the sense that it learns on which port a certain mac-address is located and only forwards traffic for that mac-address to that port.

IIRC you can set a bridge to act as a hub by setting a few options for the bridge in '/etc/network/interfaces'.
I think it was 'bridge_ageing 0' but check `man bridge-utils-interfaces` for more details

Other users seem to have had success by using `tc` - https://forum.proxmox.com/threads/l...ng-tc-only-receiving-broadcast-traffic.47395/

hope this helps!

 

[pep]

Good catch!
I added bridge-ageing to vmbr1 and now I see all the network traffic of my mirrored port!

auto vmbr1
iface vmbr1 inet manual
bridge-ports eno2
bridge-stp off
bridge-fd 0
bridge-ageing 0

Thanks a lot!