Hi, If it is the restriction of Linux kernel, how about using OVS instead?
With OVS, you can add the port mirroring more flexibly, I think. Thanks, Iwase On 2016年02月19日 07:14, Henrique Santos Fernandes wrote: > Just an update. > > I guess it was an update in kernel. ( although i could not find the commit. ) > > I am now using my lts kernel from archlinux and the command runned fine > > Thanks > > Em qui, 18 de fev de 2016 às 17:47, Henrique Santos Fernandes > <[email protected] <mailto:[email protected]>> escreveu: > > Hello, > > There is anyother alternatve to this? > > I mean, now for somereason I get an error while trying to do this: > > # brctl setageing rede_snort1 0 > set ageing time failed: Numerical result out of range > > It only works when the number is 10 or above. > I looked for new code to see if there is any change to it, but could not > find it. > Any one knows anything? > > Thanks! > > > > Em sex, 18 de set de 2015 às 11:09, Henrique Santos Fernandes > <[email protected] <mailto:[email protected]>> escreveu: > > Yusuke, > > Yes, it is controlled by bridge-utils > > Thanks a lot! > It seens that is working right now! > > Before i realize it was probaly a brigde problem, cause when > tcpdumping from KVM host all the interfaces and brigdes, i could see that the > packages was beeing sent on the vm interfaces, but not getting into the > brigde, i also try to see more about brctl comands.. but i did not make > anything usefull of it!! > > Only thing i could do was to see the learned macs in the brigde! > > Again, Thanks a lot, i was able to see all ping packets on the snort > host! > > > > > Em qui, 17 de set de 2015 às 23:06, Yusuke Iwase > <[email protected] <mailto:[email protected]>> escreveu: > > Hi, > > First, Br1 is a virtual bridge which controlled by > "bridge-utils", right? > If so, please try the following command. > $ sudo brctl setageing <bridgename> 0 > > Because the virtual bridge performs as a L2 switch, > millered packets maybe droped at Br1. > > The above command forces to forget every MAC address > and makes the bridge act as a repeater hub. > > Thanks, > Iwase > > > On 2015年09月18日 00:13, Henrique Santos Fernandes wrote: > > Hello, > > > > I am trying to use ryu + mininet + snort integration everything > virtualized on KVM > > > > Right now my goal is: > > > > Have a Snort machine > > A mininet machine. > > > > The mininet have the ryu controller with snort integration, and > the snort machine have pigrelay, so it will comunicate with the ryucontroler. > > > > I created a mininet network and use hwintf.py so i could add > the virtual machine interface to mininet. This is done so this machine can > comunicate to the snort machine. i use linux brigde to get it done for KVM. > > > > So Br1 is atached to mininet and snort machine as eth1 > > When i use simple switch, the machine is able to comunicate > without problem but my point is to send all packed out on this interface, > like port mirroring but from al lports, so snort can analize all traffic. > > > > The problem is, snort does not see anything... i use this FLOW > action: > > > > actions = [parser.OFPActionOutput(out_port), > > parser.OFPActionOutput(self.snort_port)] > > > > So the controller send the packtes to the port it suposed to > send and to snort. > > > > When i ping the snort, i receive a "DUP" packect.. so i guess > it is kind of working.. > > > > But when i ping anyhost else, nothing goes to the snort, > tcpdump dont see anything. > > > > Does anyone knows another way of getting this kind of > connectionthat i want? > > Or how to fix this problem? > > > > Thanks a lot! > > > > > > > > > ------------------------------------------------------------------------------ > > Monitor Your Dynamic Infrastructure at Any Scale With Datadog! > > Get real-time metrics from all of your servers, apps and tools > > in one place. > > SourceForge users - Click here to start your Free Trial of > Datadog now! > > http://pubads.g.doubleclick.net/gampad/clk?id=241902991&iu=/4140 > > > > > > > > _______________________________________________ > > Ryu-devel mailing list > > [email protected] > <mailto:[email protected]> > > https://lists.sourceforge.net/lists/listinfo/ryu-devel > > > ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 _______________________________________________ Ryu-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ryu-devel
