On 2/26/16 16:23 , Rob Seastrom wrote: > > Hi folks, > > Maybe my Google-fu is failing me (and searching my archives of this list has > failed me too)... but has anyone got a recipe for passing through a physical > NIC in a mode where it can go promiscuous mode to a SmartMachine? Is that > even possible with Crossbow in the middle? > > Use case is monitoring span/port mirrors on a couple of switches, or maybe > optical taps if I manage to find my junk box. I see that Snort is in pkgsrc > - don't know if that means people are running it just on a SmartMachine to > monitor traffic to and from it, or if folks are actually running a full blown > network IDS on SmartOS.
While you can't assign a physical nic itself you can opt to allow the vnic to have unfiltered access to the underlying device's promiscuous mode with the vmadm property 'nics.*.allow_unfiltered_promisc'. That should do what you need, I expect, but still allow other zones to leverage the device (which would not really be possible if you assigned the NIC fully to the zone). Robert ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
