Date: Mon, 06 Mar 2006 08:20:22 -0800 From: "Shawn Saunders" <saundersconsult@hotmail.com> To: dionch@freemail.gr Cc: freebsd-net@freebsd.org Subject: Re: Trying to make a Host into a gigabit hub for testing Message-ID: <BAY115-F28E51B366A84A480DF4600BAE90@phx.gbl> In-Reply-To: <4356E47D.605@freemail.gr>
index | next in thread | previous in thread | raw e-mail
>From: Chris Dionissopoulos <dionch@freemail.gr> >Reply-To: dionch@freemail.gr >To: Shawn Saunders <saundersconsult@hotmail.com> >CC: freebsd-net@freebsd.org >Subject: Re: Trying to make a Host into a gigabit hub for testing >Date: Thu, 20 Oct 2005 03:27:41 +0300 >MIME-Version: 1.0 >Received: from mx2.freebsd.org ([216.136.204.119]) by mc7-f42.hotmail.com >with Microsoft SMTPSVC(6.0.3790.211); Wed, 19 Oct 2005 17:29:08 -0700 >Received: from hub.freebsd.org (hub.freebsd.org [216.136.204.18])by >mx2.freebsd.org (Postfix) with ESMTP id 656895B21A;Thu, 20 Oct 2005 >00:29:05 +0000 (GMT)(envelope-from owner-freebsd-net@freebsd.org) >Received: from hub.freebsd.org (localhost [127.0.0.1])by hub.freebsd.org >(Postfix) with ESMTP id C0E6216A423;Thu, 20 Oct 2005 00:29:01 +0000 >(GMT)(envelope-from owner-freebsd-net@freebsd.org) >Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])by >hub.freebsd.org (Postfix) with ESMTP id DD73616A41Ffor ><freebsd-net@freebsd.org>; Thu, 20 Oct 2005 00:28:47 +0000 >(GMT)(envelope-from dionch@freemail.gr) >Received: from smtp.freemail.gr (smtp.freemail.gr [213.239.180.35])by >mx1.FreeBSD.org (Postfix) with ESMTP id 5364843D5Afor ><freebsd-net@freebsd.org>; Thu, 20 Oct 2005 00:28:47 +0000 >(GMT)(envelope-from dionch@freemail.gr) >Received: by smtp.freemail.gr (Postfix, from userid 101)id C34DCBC047; Thu, >20 Oct 2005 03:28:45 +0300 (EEST) >Received: from [10.0.0.1] (vdp1003.ath03.dsl.hol.gr >[62.38.168.4])bysmtp.freemail.gr (Postfix) with ESMTP id 18E14BC037;Thu, 20 >Oct 2005 03:28:44 +0300 (EEST) >X-Message-Info: JGTYoYF78jEHjJx36Oi8+Z3TmmkSEdPtfpLB7P/ybN8= >X-Original-To: freebsd-net@freebsd.org >Delivered-To: freebsd-net@freebsd.org >User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716) >X-Accept-Language: en-us, en >References: <BAY101-F311E5D4CB110662746F404BA700@phx.gbl> >X-BeenThere: freebsd-net@freebsd.org >X-Mailman-Version: 2.1.5 >Precedence: list >List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org> >List-Unsubscribe: ><http://lists.freebsd.org/mailman/listinfo/freebsd-net>,<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>; >List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>; >List-Post: <mailto:freebsd-net@freebsd.org> >List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help> >List-Subscribe: ><http://lists.freebsd.org/mailman/listinfo/freebsd-net>,<mailto:freebsd-net-request@freebsd.org?subject=subscribe>; >Errors-To: owner-freebsd-net@freebsd.org >Return-Path: owner-freebsd-net@freebsd.org >X-OriginalArrivalTime: 20 Oct 2005 00:29:08.0388 (UTC) >FILETIME=[48E05640:01C5D50D] > >SS>I am setting up a test environment with multiple IDS's. ngctl looks >like a solution but it is not broadcasting all packets to all interfaces as >the documentation appears to state it should. I've probably made some >error in configuration. >SS> >SS>My goal is to put em0 into a spanned port in promiscuous mode and >broadcast all traffic from that port out the other network interfaces. I >plan on having em0 (gigabit) and 6 other gigabit interfaces. Each will >then echo the same traffic to six other machines (IDS's) for testing. >SS> >SS>The proof of concept with a gigabit (EM0) and 4 10/100 ethernets (sfx). >The 10/100's will be replaced for implementation. >SS> >SS>Any help would be appreciated. My config follows: > >Hi, >Why to use ng_fec and ng_one2many together? >how about something simplier, like: > > +----------+ -->-sf0:lower--->wire >wire>--em:lower->| one2many | -->-sf1:lower--->wire > | | -->-sf2:lower--->wire > +----------+ -->sf3:lower--->wire > >ngctl mkpeer em0: one2many lower one >ngctl name em0:lower o2m >ngctl connect sf0: o2m lower many0 >ngctl connect sf1: o2m lower many1 >ngctl connect sf2: o2m lower many2 >ngctl connect sf3: o2m lower many3 >ngctl msg o2m setconfig "{ xmitAlg=2 failAlg=1 enabledLinks=[1 1 1 1 1] }" > >ngctl msg sf0: setpromisc 1 >ngctl msg sf0: setautosrc 0 >ngctl msg sf1: setpromisc 1 >ngctl msg sf1: setautosrc 0 >ngctl msg sf2: setpromisc 1 >ngctl msg sf2: setautosrc 0 >ngctl msg sf3: setpromisc 1 >ngctl msg sf3: setautosrc 0 >ngctl msg em0: setpromisc 1 >ngctl msg em0: setautosrc 0 > >This keeps kernel-stack isolated from traffic, I think >(and all interfaces involved layer2 unreachable from outsiders). > >Just tell us if its working for you. > >Chris. > Chris, Your help was greatly appreciated. I posted the STATS on our tests and hope that was informative. It went very well. Now we have a slightly different scenario, and ng_hub sounds like the perfect solution: I need to have 2 different incoming ports data put together and out as a group to 4 other ports. I need to have 3 differnet incoming ports data put together and then redirected out 2 other ports. Basically will ng_hub allow me to have a setup whereby I can have data coming in via Port A, B, and C, and it goes out on only ports, D, E, F, and G? Not ports A, B, or C? Shawnhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BAY115-F28E51B366A84A480DF4600BAE90>