Hi. I have some issue with using n2disk in the network namespace environment. Here is a config I have:
#!/bin/bash # add the namespaces ip netns add GEN ip netns add NET ip netns add REC # create the veth pair ip link add veth1 type veth peer name veth2 ip link add veth3 type veth peer name veth4 # move the interfaces to the namespaces ip link set veth1 netns GEN ip link set veth2 netns NET ip link set veth3 netns NET ip link set veth4 netns REC # bring up the links ip netns exec GEN ip link set dev veth1 up ip netns exec NET ip link set dev veth2 up ip netns exec NET ip link set dev veth3 up ip netns exec REC ip link set dev veth4 up # now assign the ip addresses ip netns exec GEN ip addr add 20.0.0.1/24 dev veth1 ip netns exec REC ip addr add 20.0.0.2/24 dev veth4 # create the bridge ip netns exec NET brctl addbr br-test ip netns exec NET brctl stp br-test off ip netns exec NET ip link set dev br-test up # add int to bridge ip netns exec NET brctl addif br-test veth2 ip netns exec NET brctl addif br-test veth3 # simulate delay ip netns exec NET tc qdisc add dev veth2 root netem delay 1000ms ping works fine and I see expected delay root@parallels-Parallels-Virtual-Platform:~# ip netns exec GEN ping -c 5 20.0.0.2 PING 20.0.0.2 (20.0.0.2) 56(84) bytes of data. 64 bytes from 20.0.0.2: icmp_req=1 ttl=64 time=1000 ms 64 bytes from 20.0.0.2: icmp_req=2 ttl=64 time=1000 ms 64 bytes from 20.0.0.2: icmp_req=3 ttl=64 time=1000 ms 64 bytes from 20.0.0.2: icmp_req=4 ttl=64 time=1000 ms 64 bytes from 20.0.0.2: icmp_req=5 ttl=64 time=1000 ms --- 20.0.0.2 ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4000ms rtt min/avg/max/mdev = 1000.048/1000.056/1000.067/1.095 ms tshark (sniffer) also shows delay root@parallels-Parallels-Virtual-Platform:~# ip netns exec GEN tshark -i veth1tshark: Lua: Error during loading: [string "/usr/share/wireshark/init.lua"]:45: dofile has been disabled Running as user "root" and group "root". This could be dangerous. Capturing on veth1 0.000000 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, seq=1/256, ttl=64 1.000092 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, seq=1/256, ttl=64 1.000242 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, seq=2/512, ttl=64 2.000299 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, seq=2/512, ttl=64 2.000375 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, seq=3/768, ttl=64 3.000436 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, seq=3/768, ttl=64 3.000538 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, seq=4/1024, ttl=64 4.000586 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, seq=4/1024, ttl=64 4.000685 20.0.0.1 -> 20.0.0.2 ICMP 98 Echo (ping) request id=0x0c10, seq=5/1280, ttl=64 5.000727 20.0.0.2 -> 20.0.0.1 ICMP 98 Echo (ping) reply id=0x0c10, seq=5/1280, ttl=64 But if I dump packets to disk using n2disk (ip netns exec GEN n2disk -i veth1 -o /tmp) I see packets only in one direction - ICMP replies. Is there any caveats with using n2disk (pf_ring) in virtualized environment? Thanks. Mikhail _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
