- openvswitch 패킷 덤프 필요 시 ovs 포트에 미러링 포트를 생성하여 tcpdump 등으로 패킷을 확
1. Bridge 정보 확인
# ovs-vsctl show
3a5311c5-9111-4d90-997f-c42c4fce7ff4
Bridge "br1"
Port "br1"
Interface "br1"
type: internal
Port "tap1"
tag: 0
Interface "tap1" // Destination
Port "bond1"
Interface "eth3"
Interface "eth1" // Source
ovs_version: "2.3.3"
2. port mirror 생성
# ovs-vsctl -- set Bridge br1 mirrors=@m \ >> br1에서 mirror 생성
-- --id=@tap1 get Port tap1 \ >> Port tap1에서 @tap1 정의
-- --id=@eth1 get Port bond1 \ >> Port bond1에서 @eth1 정의
-- --id=@m create Mirror name=eth1-mirror select-dst-port=@eth1 \ >> 이름, dest, src 정의
select-src-port=@eth1 output-port=@tap1 select_all=1
# ovs-vsctl -- set Bridge br1 mirrors=@m \
-- --id=@tap1 get Port tap1 \
-- --id=@eth1 get Port bond1 \
-- --id=@m create Mirror name=eth1-mirror select-dst-port=@eth1 \
select-src-port=@eth1 output-port=@tap1 select_all=1
f6bbb080-9cc0-4d4e-9035-5e1e571e6bc1
3. 확인
# ovs-vsctl list Bridge br1
_uuid : f4534dc2-2aec-459e-b948-6796a4955190
controller : []
datapath_id : "00000cc47a011bf3"
datapath_type : ""
external_ids : {}
fail_mode : []
flood_vlans : []
flow_tables : {}
ipfix : []
mirrors : [f6bbb080-9cc0-4d4e-9035-5e1e571e6bc1]
name : "br1"
netflow : []
other_config : {}
ports : [c7a0668e-d999-4a9c-93c5-e5655e881d6b, ce04fa18-e683-404f-ad39-d460c0319c49, f017b001-9926-43c3-b468-06e52b5dbcd7]
protocols : []
sflow : []
status : {}
stp_enable : false
4. Mirror 제거
# ovs-vsctl clear Bridge br1 mirrors
'IT > linux' 카테고리의 다른 글
| nfs server with selinux (0) | 2023.06.22 |
|---|---|
| Ansible Controller 설치 (bundle) - Trial License (0) | 2023.06.20 |
| tip : disk full (0) | 2022.06.10 |
| extending xfs filesystem (xfs 확장) (0) | 2022.06.10 |
| creating bond devices on CentOS7, Redhat7 (0) | 2022.06.10 |