Date: Sat, 18 Jan 2014 08:31:56 -0800 From: Adrian Chadd <adrian@freebsd.org> To: Luigi Rizzo <rizzo@iet.unipi.it> Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>, hiren panchasara <hiren.panchasara@gmail.com> Subject: Re: Port mirroring on FreeBSD Message-ID: <CAJ-Vmokx8iR7k-%2Ba7xY%2B8P397J5N5WZ3tH4U2cnY8cKdBVT=iw@mail.gmail.com> In-Reply-To: <CA%2BhQ2%2BjCwQJB%2BP=dSKm%2BaB0SLW9=%2BPvZ7mcm8L561YZaPdmdJg@mail.gmail.com> References: <CALCpEUF8xeq4asVB5U4sAm3VfaprnGEuphH4N3QmtazFV%2BZWeA@mail.gmail.com> <CA%2BhQ2%2BjCwQJB%2BP=dSKm%2BaB0SLW9=%2BPvZ7mcm8L561YZaPdmdJg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 18 January 2014 08:29, Luigi Rizzo <rizzo@iet.unipi.it> wrote: > On Fri, Jan 17, 2014 at 10:58 PM, hiren panchasara < > hiren.panchasara@gmail.com> wrote: > >> I have this weird requirement that I am juggling right now and I >> wanted to reach out to larger audience: >> >> In this box I have 2 dualport ixgbe 10G cards. On ingress, I want to >> get data off of 2 ports of first 10G card and lagg/lacp them into 1 >> stream of data. But for outgoing, I want to have 2 identical streams >> of data going out on 2 ports of the second 10G card. (not >> load-balancing but more of a mirroring). >> >> The reason for this is, I need to be able to provide same data to 2 >> different application hosts downstream for monitoring. Something like: >> >> http://www.juniper.net/techpubs/en_US/junos13.2/topics/concept/port-mirroring-ex-series.html >> >> I believe a regular switch might be perfect but for I could not find >> anything simple in FreeBSD to do that. >> >> Luigi: Can netmap/vale be helpful here? >> > > for this and other custom applications what I would > do is build a userspace application that puts the nics in > netmap mode and does the necessary juggling. > > Note that since the host is going to be the performance bottleneck, > you can probably do the same with just bpf without too much > impact on performance (and some advantage since you do not > need to handle the input traffic; at least, if i understand > your description the monitor does not need to see a > replica of the incoming traffic). > > Some time ago the answer to this type of questions used to be > "use netgraph". Maybe it is also a valid option but i do not > know if there are modules that suit your need. part of me wonders whether having a netgraph style system for gluing together netmap things but in userland would be useful. -a
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJ-Vmokx8iR7k-%2Ba7xY%2B8P397J5N5WZ3tH4U2cnY8cKdBVT=iw>