On 01/20/2016 05:20 PM, Jason Wang wrote: > > > On 01/20/2016 03:44 PM, Wen Congyang wrote: >>>> >>>> ... >>>> -chardev socket,id=comparer0,host=ip_primary,port=X,server,nowait >>>> -chardev socket,id=comparer1,host=ip_primary,port=Y,server,nowait >>>> -chardev socket,id=mirrorer0,host=ip_primary,port=Z,server,nowait >>>> -netdev tap,id=hn0 >>>> -traffic-mirrorer netdev=hn0,id=t0,indev=comparer0,outdev=mirrorer0 >>>> -colo-comparer primary_traffic=comparer0,secondary_traffic=comparer1 >>>> ... >>>> >>>> packet comparer compares the packets from two chardev: comparer0 and >>>> comparer1. >>>> traffic-mirrorer mirror tx to secondary node through chardev mirrorer0, >>>> and mirror rx to packet comparer through chardev comparer0. >>>> >>>> In secondary node: >>>> >>>> ... >>>> -chardev socket,id=redirector0,host=ip_primary,port=Y >>>> -chardev socket,id=redirector1,host=ip_primary,port=Z >>>> -netdev tap,id=hn0 >>>> -traffic-redirector netdev=hn0,id,r0,indev=redirector0,outdev=redirector1 >>>> -colo-rewriter netdev=hn0,id=c0 >>>> ... >>>> >>>> traffic-redirector redirect the rx traffic from primary node through >>>> redirector0 and redirect the tx traffic to promary node through >>>> redirector1. >>>> colo-rewriter rewrite seq number as a normal netfilter. >> What are traffic-mirrorer and colo-comparer, traffic-redirector, >> colo-rewriter? >> A netfilter driver? > > traffic-mirrorer/redirector is a type of netfilter that just > mirror/redirect packets between netdev and chardev (just the mirror > client/sever and redirect client/sever in the above graph) > colo-rewriter is a type of netfilter that did ack/seq adjust (just the > TCP rewriter in the above graph) > colo-comparer is a thread object that did packet comparing (similar to > "compare" in the above graph but not a netfiler)
Thanks. I have another question: IIRC, both rx and tx packets walk through all netfilter objects in the same order. tx packet(sent to the guest): we want that redirector hanldes it first rx packet(sent from the guest): we want that colo-rewriter handles it first Change the order or use two traffic-redirectors? Thanks Wen Congyang > >> >> If not, how to get the packet from the netdev, and send back the packet to >> the netdev? >> >> Thanks >> Wen Congyang >> > > > > . >
