host mirroring on multiple VM (unique VNETid/uuid)

Question

We want to mirror all traffic going in/out port vnet0, and we want to send it to bridge port vnet2 (where we have a traffic monitoring application) and make sure traffic from vnet2 is excluded on tcpdump running on vnet2

I am using bond0 mirroring to mirror traffic from all the VM present to new VM(vnet2) "tc filter add dev bond0 parent ffff: protocol all u32 match u8 0 0 action mirred egress mirror dev vnet2

tcpdump trace collected at vnet2 should have traces from all the VM except traces from vnet2

score 0 · Answer 1 · answered Jun 25 '19 at 14:41

0

get the IP of new VM by below command: -> ifconfig | grep -Eo 'inet (addr:)?([0-9].){3}[0-9]' | grep -Eo '([0-9].){3}[0-9]' | grep -v '127.0.0.1'

-> sudo tcpdump -w test.pcap not host

answered Jun 25 '19 at 14:41

Shirish Mishra

1

host mirroring on multiple VM (unique VNETid/uuid)

1 Answers1