I'm running into an interesting issue, and I was curious if anyone else
has ran into it.
I can run the DNA drivers and be able to pull traffic into Snort/TCPDUMP
without an issue, but if I try to run the PF_RING Aware Drivers for my
ixgbe card I get no traffic. I'm pretty sure it is to do with VLAN
tagging, I just haven't been able to figure out what exactly. I've tried
using ethtool to disable 'rxvlan' but it isn't able to make the changes.
Has anyone else ran into this? I really don't want to have to make a
tagged interface for each VLAN, and the DNA drivers won't work for us
since we'll be pushing out to multiple IDS applications, and only one
application can exist on a queue, although I may just be
misunderstanding how the DNA drivers work.
Here's some output from ethtool:
#ifconfig p1p1
Link encap:Ethernet HWaddr 00:xx
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:1536044361 errors:0 dropped:0 overruns:0 frame:0
TX packets:29 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1414833145971 (1.2 TiB) TX bytes:3582 (3.4 KiB)
# ethtool -k p1p1
Features for p1p1:
rx-checksumming: on
tx-checksumming: on
scatter-gather: on
tcp-segmentation-offload: on
udp-fragmentation-offload: off
generic-segmentation-offload: on
generic-receive-offload: on
large-receive-offload: on
rx-vlan-offload: on
tx-vlan-offload: on
ntuple-filters: off
receive-hashing: on
ethtool -d p1p1 | grep VLAN
0x05088: VLNCTRL (VLAN Control register) 0x00008100
VLAN Mode: disabled
VLAN Filter: disabled
0x05AC0: IMIRVP (Immed. Interr. Rx VLAN Prior.) 0x00000000
# ethtool -K p1p1 rxvlan off
Could not change any device features
Anyone have any ideas on this?
Thanks
_______________________________________________
Ntop-misc mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-misc
