Hi.
Currently I am conducting research for my master thesis on fast
monitoring of inter-vm communication. Among some other solutions I
looked into, Open vSwitch in combination with KVM was my choice.
My setup consists of two virtual machines, each using a tap interface
with virtio. Both interfaces (tap105, tap106) are assigned to an ovs
bridge. They don't have any connectivity to other networks:
________ ________
| | | |
| tap105 | | tap106 |
|________|-. .-|________|
| |
___|____|___ ________
| |--| |
| ovs br0 | | tap999 |
|____________| |________|
My current approach is a configuration of a mirror port (tap999) on my
bridge and capturing via PF_RING [1]. I also tried to grab packets
directly of the br0 interface but tcpdump didn't see any.
Can this be done with the brcompat module? As far as I understood the
purpose of brcompat is only to provide compatibility with the standard
command line tools like brctl.
Did I get this right or might brcompat help me with capturing traffic?
Is there any other way how capturing can be done directly on br0?
What would you say is the most efficient way of packet capturing in the
host system?
The second question I am currently working on is how many copies of each
packet are created. Or in other words: How often does ovs copy the data
while forwarding a packet from one vm to another?
Is the data copied into the mirror port or handed over somehow else?
(pointer? mmap?)
Thank you for your help.
Regards,
Daniel
[1] http://www.ntop.org/PF_RING.html
_______________________________________________
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss_openvswitch.org
