Hi,

I have two virtual machines VM1 and VM2. Then I have added eth0 of my VM to 'default' network.

Use case :-
I want to monitor all traffic on virbr0 ('default' network).

Steps followed :-
1. Add VM1 eth0 to virbr0
2. Add VM2 eth1 to virbr0
3. brctl setageing ovsbr0 0 ..(To put bridge in promiscuous)

Now I am running tcpdump on eth1 of VM2 and trying to ping google.com (outside world)

In VM2 (tcpdump -i eth1), I can see only ingress (incoming) traffic of VM1. I am not able to see outgoing traffic of VM1.

If I create another bridge and trying same scenario with 2 VM then VM2 can see both ingress and outgress traffic.

So want to know what is the issue?
Is libvirt doing something different with this virtbr0 bridge?

--
Sagar Dilip Shedge,
Pune.

With Regards.

Hi,

If you have any idea then please respond.

Regards,
Sagar

---------- Forwarded message ----------
From: Sagar Shedge <sagar.shedge92@gmail.com>
Date: Wed, Nov 12, 2014 at 7:25 PM
Subject: Put virbr0 in promiscusous
To: libvirt-users@redhat.com

Hi,

I have two virtual machines VM1 and VM2. Then I have added eth0 of my VM to 'default' network.

Use case :-
I want to monitor all traffic on virbr0 ('default' network).

Steps followed :-
1. Add VM1 eth0 to virbr0
2. Add VM2 eth1 to virbr0
3. brctl setageing ovsbr0 0 ..(To put bridge in promiscuous)

Now I am running tcpdump on eth1 of VM2 and trying to ping google.com (outside world)

In VM2 (tcpdump -i eth1), I can see only ingress (incoming) traffic of VM1. I am not able to see outgoing traffic of VM1.

If I create another bridge and trying same scenario with 2 VM then VM2 can see both ingress and outgress traffic.

So want to know what is the issue?
Is libvirt doing something different with this virtbr0 bridge?

--
Sagar Dilip Shedge,
Pune.

With Regards.

--
Sagar Dilip Shedge,
Pune.

With Regards.

On 12.11.2014 14:55, Sagar Shedge wrote:
> Hi,
>
> I have two virtual machines VM1 and VM2. Then I have added eth0 of my
> VM to 'default' network.
>
> Use case :-
> I want to monitor all traffic on virbr0 ('default' network).
>
> Steps followed :-
> 1. Add VM1 eth0 to virbr0
> 2. Add VM2 eth1 to virbr0
> 3. brctl setageing ovsbr0 0 ..(To put bridge in promiscuous)
>
> Now I am running tcpdump on eth1 of VM2 and trying to ping google.com
> (outside world)
>
> In VM2 (tcpdump -i eth1), I can see only ingress (incoming) traffic of
> VM1. I am not able to see outgoing traffic of VM1.
>
> If I create another bridge and trying same scenario with 2 VM then VM2
> can see both ingress and outgress traffic.
>
> So want to know what is the issue?
> Is libvirt doing something different with this virtbr0 bridge?

I suspect it's a kernel issue. I mean, kernel takes several shortcuts in network stack when it comes to virtual NICs and virtual bridges. I've come across this when implementing QoS. I haven't tried your scenario out, I'm just guessing.

BTW: depending on network type, libvirt may or may not set up some ip-/eb-tables filters. But I don't think that's the case.

Michal

Hi Michal,

Ok. Please can you try this scenario once you get free time.
Currently my hypervisor is Ubuntu 14.04 LTS 3.13.0-24-generic.
Meanwhile I will try this with some other Linux kernel also.

Mail me if you find anything related to this. It will be helpful.
Thanks for reply.

Regards,
Sagar

On Mon, Nov 24, 2014 at 3:58 PM, Michal Privoznik <mprivozn@redhat.com> wrote:
> On 12.11.2014 14:55, Sagar Shedge wrote:
>
>> Hi,
>>
>> I have two virtual machines VM1 and VM2. Then I have added eth0 of my
>> VM to 'default' network.
>>
>> Use case :-
>> I want to monitor all traffic on virbr0 ('default' network).
>>
>> Steps followed :-
>> 1. Add VM1 eth0 to virbr0
>> 2. Add VM2 eth1 to virbr0
>> 3. brctl setageing ovsbr0 0 ..(To put bridge in promiscuous)
>>
>> Now I am running tcpdump on eth1 of VM2 and trying to ping google.com
>> (outside world)
>>
>> In VM2 (tcpdump -i eth1), I can see only ingress (incoming) traffic of
>> VM1. I am not able to see outgoing traffic of VM1.
>>
>> If I create another bridge and trying same scenario with 2 VM then VM2
>> can see both ingress and outgress traffic.
>>
>> So want to know what is the issue?
>> Is libvirt doing something different with this virtbr0 bridge?
>>
>
> I suspect it's a kernel issue. I mean, kernel takes several shortcuts in
> network stack when it comes to virtual NICs and virtual bridges. I've come
> across this when implementing QoS. I haven't tried your scenario out, I'm
> just guessing. BTW: depending on network type, libvirt may or may not set
> up some ip-/eb-tables filters. But I don't think that's the case.
>
> Michal
>

--
Sagar Dilip Shedge,
Pune.

With Regards.
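
Added example (not part of the thread, and not libvirt or kernel code): a simplified model of Linux bridge forwarding with the ageing time set to 0, showing one way a monitor port can end up seeing only one direction of a guest's traffic. It assumes that on the NAT 'default' network the guests' gateway is virbr0 itself, that the other bridge reaches an external gateway through an uplink port, and all MAC addresses and port names are constructed.

```python
from dataclasses import dataclass, field

# Constructed sample addresses (not from the thread).
VM1_MAC, BR_MAC, EXT_GW_MAC = "52:54:00:00:00:01", "52:54:00:aa:aa:aa", "00:11:22:33:44:55"

@dataclass
class Bridge:
    """Toy learning bridge: learned entries age out, the bridge's own MACs never do."""
    ports: set
    local_macs: set                 # permanent entries for the bridge device itself
    ageing: int = 300               # seconds; 0 = learned MACs are forgotten at once
    fdb: dict = field(default_factory=dict)   # learned MAC -> port

    def forward(self, in_port, src, dst):
        """Return the ports a frame is copied to (in_port None = sent by the host)."""
        if in_port is not None and self.ageing > 0:
            self.fdb[src] = in_port
        if in_port is not None and dst in self.local_macs:
            return set()            # handed up to the host stack, never flooded
        if dst in self.fdb:
            return {self.fdb[dst]} - {in_port}
        return self.ports - {in_port}   # unknown unicast: flood to every other port

def monitor_view(bridge, gw_mac, gw_port, vm_port="vnet0", monitor="vnet1"):
    """Which directions of VM1 <-> gateway traffic reach the monitor port."""
    seen = {}
    for _ in range(2):              # second round is the steady state after learning
        seen["egress"] = monitor in bridge.forward(vm_port, VM1_MAC, gw_mac)
        seen["ingress"] = monitor in bridge.forward(gw_port, gw_mac, VM1_MAC)
    return seen

def nat_bridge(ageing=0):
    # Assumption: gateway is the bridge device itself (NAT 'default' network).
    return Bridge({"vnet0", "vnet1"}, {BR_MAC}, ageing)

def plain_bridge(ageing=0):
    # Assumption: gateway sits behind a hypothetical uplink port "eth0".
    return Bridge({"vnet0", "vnet1", "eth0"}, {"52:54:00:bb:bb:bb"}, ageing)

if __name__ == "__main__":
    print("NAT bridge, ageing 0:    ", monitor_view(nat_bridge(), BR_MAC, None))
    print("plain bridge, ageing 0:  ", monitor_view(plain_bridge(), EXT_GW_MAC, "eth0"))
    print("plain bridge, ageing 300:", monitor_view(plain_bridge(300), EXT_GW_MAC, "eth0"))
```

In this model the guest's outbound frames are addressed to the bridge's own MAC and are consumed by the host rather than flooded, while replies addressed to the guest's MAC are flooded because nothing is learned.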