Hi Alan please see inline On Apr 11, 2013, at 12:21 AM, "Robson, Alan" <[email protected]> wrote:
> Is there some trick to using “perfect” filtering rules on the i82599 using > PF_RING 5.5.2 (The pre-compiled rpm version) on RHEL6 on X86_64 that I have > missed ? > > I have been successful using the 5-tuple rules, I have used ethtool –K to set > ntuple to on for the dna device, the call to add_hw_rule with my perfect rule > information returns 0, just like the 5-tuple rules, the perfect rule shows up > in the list for the interface using ethtool –u (unlike the 5-tuple rules), > but the 5-tuple rules work and the perfect filter ones just don’t. > > I’ve also tried adding perfect rules using ethtool –U and they show up in > ethtool –u but they still don’t seem to siphon any traffic toward my > executable listening on dna1@2, and If I had not started listening before > hand the system won’t even allow me to open a device called dna1@2. > > If I write my own program to add a 5-tuple rule it all around works and I get > the traffic I want. Trouble is, 5-tuple rules don’t support masks for ranges. > > [root@probe pcap]# ethtool -u dna1 > 32 RX rings available > Total 0 rules > > [root@probe pcap]# ethtool -U dna1 flow-type udp4 src-ip 75.105.246.90 m > 0.0.0.0 dst-ip 75.105.238.42 m 0.0.0.0 src-port 5060 m 0x0 dst-port 5060 m > 0x0 action 2 > Added rule with ID 2045 > [root@probe pcap]# ethtool -u dna1 > 32 RX rings available > Total 1 rules > > Filter: 2045 > Rule Type: UDP over IPv4 > Src IP addr: 75.105.246.90 mask: 0.0.0.0 > Dest IP addr: 75.105.238.42 mask: 0.0.0.0 > TOS: 0x0 mask: 0xff > Src port: 5060 mask: 0x0 > Dest port: 5060 mask: 0x0 > VLAN EtherType: 0x0 mask: 0xffff > VLAN: 0x0 mask: 0xffff > User-defined: 0x0 mask: 0xffffffffffffffff > Action: Direct to queue 2 > > It all looks good – but I can’t open dna1@2 or see any packets being queued – > there are in fact plenty of packets coming into the dna1 interface that match > this description. This is strange that you can't open dna1@2 (sorry for the stupid question: are you sure the queue exists?). It is possible to have ssh access to the machine? Or please provide all the info needed to reproduce the issue (load script, commands, pcap files, etc). > Also, I can see how to manipulate the perfect filtering masks using ethtool, > but I can’t see how to do it via the API, could you please give me some > pointers on how to do so. As the mask for perfect filters must be the same for all the filters (hw imposes this), it is automatically set to /32 by pf_ring in order to avoid misconfigurations. Best Regards Alfredo > > Many thanks > > Alan > _______________________________________________ > Ntop-misc mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-misc
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
