On 01/20/2016 06:03 PM, Jason Wang wrote: > > > On 01/20/2016 05:49 PM, Wen Congyang wrote: >> On 01/20/2016 05:20 PM, Jason Wang wrote: >>> >>> On 01/20/2016 03:44 PM, Wen Congyang wrote: >>>>>> ... >>>>>> -chardev socket,id=comparer0,host=ip_primary,port=X,server,nowait >>>>>> -chardev socket,id=comparer1,host=ip_primary,port=Y,server,nowait >>>>>> -chardev socket,id=mirrorer0,host=ip_primary,port=Z,server,nowait >>>>>> -netdev tap,id=hn0 >>>>>> -traffic-mirrorer netdev=hn0,id=t0,indev=comparer0,outdev=mirrorer0 >>>>>> -colo-comparer primary_traffic=comparer0,secondary_traffic=comparer1 >>>>>> ... >>>>>> >>>>>> packet comparer compares the packets from two chardev: comparer0 and >>>>>> comparer1. >>>>>> traffic-mirrorer mirror tx to secondary node through chardev mirrorer0, >>>>>> and mirror rx to packet comparer through chardev comparer0. >>>>>> >>>>>> In secondary node: >>>>>> >>>>>> ... >>>>>> -chardev socket,id=redirector0,host=ip_primary,port=Y >>>>>> -chardev socket,id=redirector1,host=ip_primary,port=Z >>>>>> -netdev tap,id=hn0 >>>>>> -traffic-redirector netdev=hn0,id,r0,indev=redirector0,outdev=redirector1 >>>>>> -colo-rewriter netdev=hn0,id=c0 >>>>>> ... >>>>>> >>>>>> traffic-redirector redirect the rx traffic from primary node through >>>>>> redirector0 and redirect the tx traffic to promary node through >>>>>> redirector1. >>>>>> colo-rewriter rewrite seq number as a normal netfilter. >>>> What are traffic-mirrorer and colo-comparer, traffic-redirector, >>>> colo-rewriter? >>>> A netfilter driver? >>> traffic-mirrorer/redirector is a type of netfilter that just >>> mirror/redirect packets between netdev and chardev (just the mirror >>> client/sever and redirect client/sever in the above graph) >>> colo-rewriter is a type of netfilter that did ack/seq adjust (just the >>> TCP rewriter in the above graph) >>> colo-comparer is a thread object that did packet comparing (similar to >>> "compare" in the above graph but not a netfiler) >> Thanks. I have another question: >> IIRC, both rx and tx packets walk through all netfilter objects in the same >> order. >> >> tx packet(sent to the guest): we want that redirector hanldes it first >> rx packet(sent from the guest): we want that colo-rewriter handles it first >> Change the order or use two traffic-redirectors? >> >> Thanks >> Wen Congyang > > Interesting question. > > Two redirectors sounds ok or maybe we can go through rx filters in a > reverse order?
netdev <---> filter1 <----> filter2 <----> .... <----> emulated device <----> guest So I think we can go through rx filters in a reverse order. But it changes the behavior. So I am not sure if we can do it. Thanks Wen Congyang > > > . >
