Solved

single VM in promiscuous mode on AHV

  • 11 January 2018
  • 8 replies
  • 4380 views

Userlevel 1
Badge +7

How to enable promiscuous mode on AHV ?

 

icon

Best answer by EladRosen 18 January 2018, 17:09

View original

This topic has been closed for comments

8 replies

Userlevel 3
Badge +13
Are you looking to sniff only packets destined/originating from vm's running on AHV? or do you want to sniff packets from physical devices outside the host?
Userlevel 1
Badge +7
Sniff packets from physical devices outside the host
Userlevel 1
Badge +7
any news?
Userlevel 3
Badge +13
As of now it is not possible to sniff packets from physical devices external to Nutanis. There is a feature request logged for this capability. You can only sniff packets that are originating or destined to AHV vm's by using the network chain functionality.
Userlevel 1
Badge +7
Hi
i was able to make it work with this commands

$ ovs-vsctl add-br br0$ ovs-vsctl add-port br0 eth0$ ovs-vsctl add-port br0 tap0$ ovs-vsctl add-port br0 tap1 -- --id=@p get port tap1 -- --id=@m create mirror name=m0 select-all=true output-port=@p -- set bridge br0 mirrors=@m
Userlevel 3
Badge +13
EladRosen We don't recommend doing it directly from OVS for the following reason,

1. Acropolis service doesn't have any control on the config done directly on OVS so a host reboot will lose the config
2. When the vm gets shutdown and started the config is lost.
3. When the vm is moved to another host the config is lost.

The feature request logged is to support this as a acropolis feature as OVS supports it already.
Userlevel 1
Badge +7
I know all this ( a lot of testing )Thank you for making it clear.But still, until you'll release the support of this it's a valid work around for my customer,Instead off not working at all.We will use affinity rule for that VM or the agent vm feature.While AHV upgrades will be Handled carefully.Hope this RFE will be available ASAP.
Userlevel 3
Badge +13
Thanks EladRosen just wanted to clarify the limitations of the config if any one else refers to this post in the future.