> To clarify,
>
> In the real world, this would be two physical machines with different
> NICs plugged into different ports on a managed switch, with said
> switch set to mirror traffic onto the second machine (see the
> WireShark website for hints on how to do so for various brands of real
> switches).
>
> So what is needed is to do the same with a virtual switch, such as the
> Linux kernel "bridge" device or some version of the "VDE" user mode
> virtual switch device.
>
On the host = hypervisor instance, set up a soft-bridge and prevent it from learning. Thus, it becomes a "hub" in the sense that it replicates all traffic to all ports (except for a loopback to the same port).

On the host = hypervisor, the guests' inner virtual LAN interfaces end up as TAP devices (or at least it's one of your configurable options). You then need to bridge those TAP devices together. And, you can probably tcpdump or tshark on the virtual device br0 or whatever it gets called.

    # Create the bridge and add its two interfaces
    brctl addbr br0

    # This script was originally used with physical Eth interfaces.
    # The following is possibly done by QEMU automatically,
    # if you tell it the bridge interface to use:
    brctl addif br0 tap0
    brctl addif br0 tap1
    # Qemu equivalent:
    # qemu_system_* ... -netdev tap,id=tap0,br=br0
    # qemu_system_* ... -netdev tap,id=tap1,br=br0
    # or (br0 = default)
    # qemu_system_* ... -netdev bridge,id=tap0[,br=br0]
    # qemu_system_* ... -netdev bridge,id=tap1[,br=br0]

    # Turn off STP
    brctl stp br0 off

    # Turn off address learning - make the bridge act almost like a hub
    # (make it broadcast everything on all ports)
    brctl setageing br0 0

    # set shortest possible hello time and forwarding delay.
    # Those are STP parameters, but curiously they get applied
    # even if STP is off.
    brctl setfd br0 0
    brctl sethello br0 1

    # Bring it all up
    # the tap interfaces do not need an explicit "ifconfig up"
    #ifconfig eth0 up
    #ifconfig eth1 up
    ifconfig br0 192.168.10.122/24 up

    echo 0 > /sys/devices/virtual/net/br0/bridge/multicast_snooping

Note that ifconfig and brctl have been considered old and deprecated for ages. But, both are still available :-) You can certainly do the same using the "ip" tool, to steer the "ip addr" and "ip link" side of things, as well as the bridge.

There are probably other ways to interconnect two VMs by a direct interconnect.
To be honest, I'd love to hear other people's suggestions - specifically, on my part, with a focus on the lowest possible latency.

Frank
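
The iproute2 form of the brctl/ifconfig script in the message above, as an added example that is not part of the original post. The function names, the APPLY switch and the per-port "bridge link" line are assumptions of this example; br0, tap0, tap1 and the address are taken from the script. "ip link" takes the bridge timers in centiseconds, so a hello time of 1 s is written as 100.

```shell
#!/bin/sh
# Added example: iproute2 equivalent of the brctl/ifconfig script above.
# By default the commands are only printed (dry run).
# Set APPLY=1 and run as root to execute them.

run() {
    if [ "${APPLY:-0}" = 1 ]; then
        "$@"
    else
        echo "$*"
    fi
}

# hub_bridge BRIDGE CIDR PORT...
# Builds a bridge that floods every frame to every port, so a capture
# on the bridge device (or on any port) sees all guest traffic.
hub_bridge() {
    br=$1
    cidr=$2
    shift 2

    # brctl addbr
    run ip link add name "$br" type bridge

    # brctl stp off / setageing 0 / setfd 0 / sethello 1, plus the
    # multicast_snooping sysfs write; timers are in centiseconds here.
    run ip link set dev "$br" type bridge stp_state 0 ageing_time 0 \
        forward_delay 0 hello_time 100 mcast_snooping 0

    for port in "$@"; do
        # brctl addif
        run ip link set dev "$port" master "$br"
        # Not in the original script: the "bridge" tool can also switch
        # learning off per port and keep unknown-unicast flooding on.
        run bridge link set dev "$port" learning off flood on
    done

    # ifconfig br0 <addr> up
    run ip addr add "$cidr" dev "$br"
    run ip link set dev "$br" up
}

# Example: APPLY=1 sh hub-bridge.sh br0 192.168.10.122/24 tap0 tap1
if [ "$#" -ge 3 ]; then
    hub_bridge "$@"
fi
```

Run without APPLY first to review the command list, then check the result with "ip -d link show br0" before starting tcpdump or tshark on the bridge.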