Re: Trying to make a Host into a gigabit hub for testing

Mon, 06 Mar 2006 08:21:28 -0800 

From: Chris Dionissopoulos <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: Shawn Saunders <[EMAIL PROTECTED]>
CC: freebsd-net@freebsd.org
Subject: Re: Trying to make a Host into a gigabit hub for testing
Date: Thu, 20 Oct 2005 03:27:41 +0300
MIME-Version: 1.0
Received: from mx2.freebsd.org ([216.136.204.119]) by mc7-f42.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 19 Oct 2005 17:29:08 -0700 Received: from hub.freebsd.org (hub.freebsd.org [216.136.204.18])by mx2.freebsd.org (Postfix) with ESMTP id 656895B21A;Thu, 20 Oct 2005 00:29:05 +0000 (GMT)(envelope-from [EMAIL PROTECTED]) Received: from hub.freebsd.org (localhost [127.0.0.1])by hub.freebsd.org (Postfix) with ESMTP id C0E6216A423;Thu, 20 Oct 2005 00:29:01 +0000 (GMT)(envelope-from [EMAIL PROTECTED]) Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])by hub.freebsd.org (Postfix) with ESMTP id DD73616A41Ffor <freebsd-net@freebsd.org>; Thu, 20 Oct 2005 00:28:47 +0000 (GMT)(envelope-from [EMAIL PROTECTED]) Received: from smtp.freemail.gr (smtp.freemail.gr [213.239.180.35])by mx1.FreeBSD.org (Postfix) with ESMTP id 5364843D5Afor <freebsd-net@freebsd.org>; Thu, 20 Oct 2005 00:28:47 +0000 (GMT)(envelope-from [EMAIL PROTECTED]) Received: by smtp.freemail.gr (Postfix, from userid 101)id C34DCBC047; Thu, 20 Oct 2005 03:28:45 +0300 (EEST) Received: from [10.0.0.1] (vdp1003.ath03.dsl.hol.gr [62.38.168.4])bysmtp.freemail.gr (Postfix) with ESMTP id 18E14BC037;Thu, 20 Oct 2005 03:28:44 +0300 (EEST) 
X-Message-Info: JGTYoYF78jEHjJx36Oi8+Z3TmmkSEdPtfpLB7P/ybN8=
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)
X-Accept-Language: en-us, en
References: <[EMAIL PROTECTED]>
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,<mailto:[EMAIL PROTECTED]> 
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:[EMAIL PROTECTED]>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,<mailto:[EMAIL PROTECTED]> 
Errors-To: [EMAIL PROTECTED]
Return-Path: [EMAIL PROTECTED]
X-OriginalArrivalTime: 20 Oct 2005 00:29:08.0388 (UTC) FILETIME=[48E05640:01C5D50D] 


SS>I am setting up a test environment with multiple IDS's.  ngctl looks 
like a solution but it is not broadcasting all packets to all interfaces as 
the documentation appears to state it should.  I've probably made some 
error in configuration.

SS>

SS>My goal is to put em0 into a spanned port in promiscuous mode and 
broadcast all traffic from that port out the other network interfaces.  I 
plan on having em0 (gigabit) and 6 other gigabit interfaces.  Each will 
then echo the same traffic to six other machines (IDS's) for testing.

SS>

SS>The proof of concept with a gigabit (EM0) and 4 10/100 ethernets (sfx).  
The 10/100's will be replaced for implementation.

SS>
SS>Any help would be appreciated.  My config follows:

Hi,
Why to use ng_fec and ng_one2many together?
how about something simplier, like:

                             +----------+ -->-sf0:lower--->wire
wire>--em:lower->| one2many | -->-sf1:lower--->wire
                            |                  | -->-sf2:lower--->wire
                            +----------+ -->sf3:lower--->wire

ngctl mkpeer em0: one2many lower one
ngctl name em0:lower o2m
ngctl connect sf0:  o2m lower many0
ngctl connect sf1: o2m lower many1
ngctl connect sf2: o2m lower many2
ngctl connect sf3: o2m lower many3
ngctl msg o2m setconfig "{ xmitAlg=2 failAlg=1 enabledLinks=[1 1 1 1 1] }"

ngctl msg sf0: setpromisc 1
ngctl msg sf0: setautosrc 0
ngctl msg sf1: setpromisc 1
ngctl msg sf1: setautosrc 0
ngctl msg sf2: setpromisc 1
ngctl msg sf2: setautosrc 0
ngctl msg sf3: setpromisc 1
ngctl msg sf3: setautosrc 0
ngctl msg em0: setpromisc 1
ngctl msg em0: setautosrc 0

This keeps kernel-stack isolated from traffic, I think
(and all interfaces involved layer2 unreachable from outsiders).

Just tell us if its working for you.

Chris.



Chris,


Your help was greatly appreciated.  I posted the STATS on our tests and hope 
that was informative.  It went very well.



Now we have a slightly different scenario, and ng_hub sounds like the 
perfect solution:



I need to have 2 different incoming ports data put together and out as a 
group to 4 other ports.
I need to have 3 differnet incoming ports data put together and then 
redirected out 2 other ports.



Basically will ng_hub allow me to have a setup whereby I can have data 
coming in via Port A, B, and C, and it goes out on only ports, D, E, F, and 
G?  Not ports A, B, or C?


Shawn


_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"














    











					Reply via email to