Hi Ondrej, On 2/22/24 2:08 PM, Ondrej Zajicek wrote:
Is is possible to use this approach when a packet is forwarded between NICs (or at least between multiple ports on one NIC)?
It depends on the hardware, in case of ConnectX, then no. Each port is a isolated NIC, they just happen to be in the same chip. AFAIK they don't have a link between them, at least the firmware doesn't support it. In the case of Spectrum it is possible: https://github.com/Mellanox/mlxsw/wiki/ACLs#mirroring-packets https://github.com/Mellanox/mlxsw/wiki/Port-Mirroring I don't have the full overview of which hardware has which capabilities, as it requires understanding all of the individual kernel drivers. $ git grep FLOW_DISSECTOR_KEY_ -- Best regards Asbjørn Sloth Tønnesen
