From: Luigi Rizzo
To: hiren panchasara
Cc: "freebsd-net@freebsd.org"
Date: Sat, 18 Jan 2014 08:29:43 -0800
Subject: Re: Port mirroring on FreeBSD

On Fri, Jan 17, 2014 at 10:58 PM, hiren panchasara <hiren.panchasara@gmail.com> wrote:

> I have this weird requirement that I am juggling right now and I
> wanted to reach out to larger audience:
>
> In this box I have 2 dualport ixgbe 10G cards. On ingress, I want to
> get data off of 2 ports of first 10G card and lagg/lacp them into 1
> stream of data. But for outgoing, I want to have 2 identical streams
> of data going out on 2 ports of the second 10G card. (not
> load-balancing but more of a mirroring).
>
> The reason for this is, I need to be able to provide same data to 2
> different application hosts downstream for monitoring. Something like:
>
> http://www.juniper.net/techpubs/en_US/junos13.2/topics/concept/port-mirroring-ex-series.html
>
> I believe a regular switch might be perfect but for I could not find
> anything simple in FreeBSD to do that.
>
> Luigi: Can netmap/vale be helpful here?
>

For this and other custom applications, what I would do is build a
userspace application that puts the NICs in netmap mode and does the
necessary juggling.

Note that since the host is going to be the performance bottleneck,
you can probably do the same with just bpf without too much impact on
performance (and some advantage since you do not need to handle the
input traffic; at least, if I understand your description, the monitor
does not need to see a replica of the incoming traffic).

Some time ago the answer to this type of question used to be "use
netgraph". Maybe it is also a valid option, but I do not know if there
are modules that suit your need.

cheers
luigi
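
Added example, not part of the original message and not code from the poster: a sketch of the bpf variant mentioned in the reply, reading frames from one interface and writing each to two others for the downstream monitors. The interface names lagg0, ix2 and ix3 and the helper names are assumptions; the bpf(4) part builds only on FreeBSD.

```c
#include <string.h>
#include <unistd.h>

/* Write one frame to every output descriptor; return how many took it in full. */
int mirror_frame(const void *frame, size_t len, const int *out, int nout)
{
    int ok = 0;
    for (int i = 0; i < nout; i++)
        ok += write(out[i], frame, len) == (ssize_t)len;
    return ok;
}

#ifdef __FreeBSD__   /* everything below needs bpf(4) */
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <net/if.h>
#include <net/bpf.h>
#include <err.h>
#include <fcntl.h>
#include <stdlib.h>
static int bpf_attach(const char *ifname)
{
    struct ifreq ifr = {0};
    u_int on = 1;
    int fd = open("/dev/bpf", O_RDWR);
    if (fd < 0) err(1, "/dev/bpf");
    strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
    if (ioctl(fd, BIOCSETIF, &ifr) < 0) err(1, "BIOCSETIF %s", ifname);
    ioctl(fd, BIOCIMMEDIATE, &on);   /* hand packets over as they arrive */
    ioctl(fd, BIOCSHDRCMPLT, &on);   /* keep the original source MAC on write */
    return fd;
}
int main(void)
{
    int in = bpf_attach("lagg0");                          /* assumed name */
    int out[2] = { bpf_attach("ix2"), bpf_attach("ix3") }; /* assumed names */
    u_int blen, dir = BPF_D_IN;
    ioctl(in, BIOCSDIRECTION, &dir);  /* capture received frames only */
    if (ioctl(in, BIOCGBLEN, &blen) < 0) err(1, "BIOCGBLEN");
    char *buf = malloc(blen);
    if (buf == NULL) err(1, "malloc");
    for (;;) {
        ssize_t n = read(in, buf, blen);
        for (char *p = buf; n > 0 && p < buf + n; ) {  /* one read, many frames */
            struct bpf_hdr *h = (struct bpf_hdr *)p;
            mirror_frame(p + h->bh_hdrlen, h->bh_caplen, out, 2);
            p += BPF_WORDALIGN(h->bh_hdrlen + h->bh_caplen);
        }
    }
}
#endif
```

A return value below 2 from mirror_frame means one monitor port missed that frame, which is worth counting if the downstream hosts are expected to see identical streams.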