OK, I am running current now. If I run:
tcpdump -ni vale0:2 -w /tmp/2 & tcpdump -ni vale0:1 -w /tmp/1 & pkt-gen -i vale0:0 -f tx I get half of all generated traffic on /tmp/2 and the other half of /tmp/1. I guess this is the expected behavior, different from what I expected. Is that the expected behavior? Is there a way to create a VALE port that will mirror the traffic? Or is there a way to run the pcap enabled application (tcpdump in this case) in netmap mode (pcap netmap) without removing the packets from the ring? Say, I want to be table to run: pkt-gen -i vale0:0 -f tx pkt-gen -i vale0:1 -f rx tcpdump -ni vale0:2 -w /tmp/1 and have a copy of all traffic on /tmp/1. In the above tests, if I run: pkt-gen -i vale0:0 -f tx pkt-gen -i vale0:1 -f rx tcpdump -ni vale0:1 -w /tmp/1 tcpdump will remove as many packets as it can from the ring, and rx rates will drop to 0 or close to it (the ramaining rate is what tcpdump can not process) thank you On Fri, Nov 27, 2015 at 3:50 PM, Eduardo Meyer <dudu.me...@gmail.com> wrote: > Hello, > > I am trying to achieve a netmap based bridge which will allow me to > capture packets from it, say, I want to bridge ix0 + ix1 and be able to > tcpdump it (in fact I want to run other applications which are netmap > aware). > > Should it work on -STABLE? Because as far as I remember I could make it > work in the past, and some other people[1] had some success doing it too > (at least the vale + wire bridge part) > > What I get is an error while opening ix0 connected to vale: > > # ./vale-ctl > 257.967371 bdg_ctl [148] bridge:0 port:0 vale0:fnm0 > 257.967399 bdg_ctl [148] bridge:0 port:1 vale0:ids0 > 257.967407 bdg_ctl [148] bridge:0 port:2 vale0:ix0 > 257.967414 bdg_ctl [148] bridge:1 port:0 vale1:fnm1 > 257.967419 bdg_ctl [148] bridge:1 port:1 vale1:ids1 > 257.967428 bdg_ctl [148] bridge:1 port:2 vale1:ix1 > > # ./bridge -i netmap:ix0 -i netmap:ix1 > ./bridge built Nov 26 2015 19:18:34 > 268.504787 nm_open [839] NIOCREGIF failed: Device busy ix0 > 268.504800 main [233] cannot open netmap:ix0 > Exit 1 > > How can I achieve it? Is it ok to expect to have another netmap capable > software (say like suricata) to use this other vale connected port? Or will > both software (bridge and suricata) concurrently copy and remove packets > from netmap rings and therefore mess up the whole thing? > > [1] > https://lists.openinfosecfoundation.org/pipermail/oisf-users/2015-October/005310.html > > > -- > =========== > Eduardo Meyer > pessoal: dudu.me...@gmail.com > profissional: ddm.farmac...@saude.gov.br > -- =========== Eduardo Meyer pessoal: dudu.me...@gmail.com profissional: ddm.farmac...@saude.gov.br _______________________________________________ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
