Here is steps I'm trying to play with port mirror on OVS:
1. INPORT=tap0 2. #OUTPORT=ens806f0 3. OUTPORT=tap1 4. ovs-vsctl -- --id=@m get mirror mymirror -- remove bridge ovs-usw0 mirrors @m 5. ovs-vsctl -- --id=@m create mirror name=mymirror -- add bridge ovs-usw0 mirrors @m 6. ovs-vsctl -- --id=@portid get port $INPORT -- set mirror mymirror select_src_port=@portid select_dst_port=@portid 7. #ovs-vsctl add-port ovs-usw0 $OUTPORT 8. ovs-vsctl -- --id=@portid get port $OUTPORT -- set mirror mymirror output-port=@portid 9. ovs-vsctl list mirror mymirror Case1: A kvm guest1 traffic goes down through tap0 by virtio, and enter bridge ovs-usw0. ens806f0 is a 10G physical port where I want all guest traffic got mirrored into. After above settings, generate some traffic on guest, and then tcpdump on destination mirrored port, ens806f0 in this case, nothings pops up... Any thing I missed here? Case2: But when I a set output-port to tap1, which anchor kvm guest2 traffic, run tcpdump inside guest2 will see all guest1 traffic, however guest2 can reach outside anymore, it can only got mirrored guest1 traffic. Is it designed to do so for guest2 only accept mirrored traffic, but not able to generate its own traffic to outside? -- No zuo no die but I have to try. _______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
