From owner-freebsd-net@FreeBSD.ORG Sat Jan 18 16:31:58 2014 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 29FDEE7F for ; Sat, 18 Jan 2014 16:31:58 +0000 (UTC) Received: from mail-qa0-x22d.google.com (mail-qa0-x22d.google.com [IPv6:2607:f8b0:400d:c00::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id DC0921EFA for ; Sat, 18 Jan 2014 16:31:57 +0000 (UTC) Received: by mail-qa0-f45.google.com with SMTP id ii20so4255353qab.4 for ; Sat, 18 Jan 2014 08:31:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=5iTi6s0pRzw+obQX2/oClbh4/6A6axhLVCCLPVCVDoc=; b=Vsc5TJKKCI57l+nl1/5zGQT2mfsIQ+o1jyoopSI1UUZFhRknb7VGmWS/nhiEwThmSU hENVkgRe6bDFXZ3FOjj5RYbcLE9sgf2uQrMqHWCX3QcV6mxS3J6jkwOmuWspEy9ZBFxb 3zubuJe/VFCv1y82VcPZwUPdi8+fuYihC4Jynq4Z2mgxs1mwW5I7sGer5jC3BpeL76X/ Gxs+C3h9jX8+oDMNd4L4/0b4eTi/tgfp5xNLhYu20npZQE9+fZCUToLV406QY0a8lJap Sp5Cs7UleqygHOUwzV9WEetrUuNYV2VKdMWkS3K/cGMDoGgQlkXYtVuIDVW3R121IoUv 3woQ== MIME-Version: 1.0 X-Received: by 10.140.108.74 with SMTP id i68mr12555613qgf.87.1390062716587; Sat, 18 Jan 2014 08:31:56 -0800 (PST) Sender: adrian.chadd@gmail.com Received: by 10.224.52.8 with HTTP; Sat, 18 Jan 2014 08:31:56 -0800 (PST) In-Reply-To: References: Date: Sat, 18 Jan 2014 08:31:56 -0800 X-Google-Sender-Auth: xMejva-fc5asLIjQPi0VeHVhLyw Message-ID: Subject: Re: Port mirroring on FreeBSD From: Adrian Chadd To: Luigi Rizzo Content-Type: text/plain; charset=ISO-8859-1 Cc: "freebsd-net@freebsd.org" , hiren panchasara X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Jan 2014 16:31:58 -0000 On 18 January 2014 08:29, Luigi Rizzo wrote: > On Fri, Jan 17, 2014 at 10:58 PM, hiren panchasara < > hiren.panchasara@gmail.com> wrote: > >> I have this weird requirement that I am juggling right now and I >> wanted to reach out to larger audience: >> >> In this box I have 2 dualport ixgbe 10G cards. On ingress, I want to >> get data off of 2 ports of first 10G card and lagg/lacp them into 1 >> stream of data. But for outgoing, I want to have 2 identical streams >> of data going out on 2 ports of the second 10G card. (not >> load-balancing but more of a mirroring). >> >> The reason for this is, I need to be able to provide same data to 2 >> different application hosts downstream for monitoring. Something like: >> >> http://www.juniper.net/techpubs/en_US/junos13.2/topics/concept/port-mirroring-ex-series.html >> >> I believe a regular switch might be perfect but for I could not find >> anything simple in FreeBSD to do that. >> >> Luigi: Can netmap/vale be helpful here? >> > > for this and other custom applications what I would > do is build a userspace application that puts the nics in > netmap mode and does the necessary juggling. > > Note that since the host is going to be the performance bottleneck, > you can probably do the same with just bpf without too much > impact on performance (and some advantage since you do not > need to handle the input traffic; at least, if i understand > your description the monitor does not need to see a > replica of the incoming traffic). > > Some time ago the answer to this type of questions used to be > "use netgraph". Maybe it is also a valid option but i do not > know if there are modules that suit your need. part of me wonders whether having a netgraph style system for gluing together netmap things but in userland would be useful. -a