On Fri, Dec 12, 2014 at 03:49:54PM -0800, Tom Carroll wrote:
> I'm observing some interesting behavior when mirroring a patch virtual
> device. I have two bridges, br-tun and xapi1 (integration bridge), connected
> via a patch. When I create a mirror on xapi1 to monitor patch-tun (the
> patch's port on xapi1) I observe only egress traffic. With the setup, I
> expect to observe both ingress and egress.
>
> The bridge is created in the following manner:
>
> ip link add name snoop0 type dummy
> ip link set dev snoop0 up
> ovs-vsctl add-port xapi1 snoop0
> ovs-vsctl -- set Bridge xapi1 mirrors=@m \
> -- --id=@snoop get Port snoop0 \
> -- --id=@patch get Port patch-tun \
> -- --id=@n create Bridge name=patchmirror select-dst-port=@patch
> select-src-port=@patch output-port=@snoop
>
> ovs-vsctl list Mirror
> _uuid : 97e806bc-b12b-45e6-a2bc-65dcf8034a4e
> external_ids : {}
> name : patchmirror
> output_port : 67ef2779-515f-44d6-b2f6-d671d098e5ea
> output_vlan : []
> select_all : false
> select_dst_port : [9403ddee-85c7-44af-bb33-25401ba00126]
> select_src_port : [9403ddee-85c7-44af-bb33-25401ba00126]
> select_vlan : []
> statistics : {tx_bytes=304112, tx_packets=1634}
>
> and when I tcpdump -ni snoop0, I only see traffic destined to the patch, but
> not sourced.
Confirmed. The OVS logic for patch ports, in compose_output_action__()
in ofproto-dpif-xlate.c, doesn't even try to handle mirroring. We
should probably fix that sometime (if you're a programmer, then we'd
gratefully accept a fix).
_______________________________________________
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss
