On Mon, Nov 11, 2013 at 02:31:13PM -0800, terryxing wrote: > I have a question about the port mirror. > > I use the command line as below: I just want to implement the port mirror > algorithm like this, on the same bridge, mirror ovs port 1 traffic to ovs > port 10, and mirror ovs port 2 traffic to ovs port 11 .... and mirror ovs > port x traffic to ovs port y. *But NOT* forwarding all ovs port to a SPAN > port, which involves multiple ports but only within one policy. > > ovs-vsctl -- --id=@p get port tap519eb2f0-13 -- --id=@client1 get Port > tapbe8770a1-6b -- set bridge br-int mirrors=@m -- --id=@m create mirror > name=br-int select-dst-port=@client1 select-src-port=@client1 output-port=@p > > I mirror all traffic arrived or originated from the client 1 port, for > example, the ovs port for VM1, and output port is the ovs port of a monitor > device VM for VM1. > > What if I want to add additional port mirror on the same bridge ? Can I use > the same CLI but different tap IP ? and I will use another port other than > output port I previously used, will that work ?
You should be able to add another one with a very similar command, by changing "set bridge br-int mirrors=@m" to say "add bridge br-int mirrors @m". You can change all the other parameters to suit yourself; they can be the same or different. > If, the above multi-port mirror policy works on the same bridge, *how can > my OVS can find the output port existing on the different OVS* ? these > bridges on multiple OVS are tunneled by connecting to a bridge call br-tun > which has gre port on the tunnel. Your other OVS will have to figure out where to send it somehow. You could use a separate tunnel or a different key within a tunnel to designate the output port. _______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
