On 2/29/16 14:56 , Rob Seastrom wrote: > >> On Feb 29, 2016, at 5:27 PM, Robert Mustacchi <[email protected]> wrote: >>> I can see all traffic just fine when I run snoop in the global zone. >>> >>> A possible added difficulty is that the mirror port is spitting out 802.1q >>> tagged traffic. I was only getting the LLDP traffic between the switch and >>> the router (i.e. untagged) before I configured the nic with a vlan in the >>> smartmachine. >> >> When I originally did the unfiltered promisc bits it was focused on >> additional mac addresses for KVM guests which would still be on the same >> VLAN. There could be some gotchas there. Though, I'd also run dladm >> show-linkprop to verify that it's been properly set. Note that this will >> require the zone to be halted and then started up again. > > Turns out that it was not being set right. I rebooted the zone, and then > prior to starting tcpdump, ran: > > dladm set-linkprop -z 2dc24843-a10c-6e9d-a9d0-c69520ece6d9 -p > promisc-filtered=off net1 > > I was rewarded with "dladm: warning: invalid link property > 'promisc-filtered'", but the current value changed from "on" to "off", and > after that tcpdump worked as expected.
That warning came most likely because you missed the -t option. > Doesn't seem to be persistent across reboots of the zone though. Any clues > to making it persistent? Actually, looking deeper, the problem is that I trusted my memory too much as Eric pointed out. We don't actually support passing this through for non-KVM instances at this moment, per https://github.com/joyent/smartos-live/blob/master/overlay/generic/usr/lib/brand/joyent/statechange#L21. Robert ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
