Hi John, Thanks for the summary. I’ve been using 1710 when I wrote the e-mail, but I’ve tried 1801 and I could configure span on a veth interface (that’s my setup for now), but I didn’t see any traffic on the destination port (I tried loopback bvi and an L2 and L3 physical interface as destinations) - nothing in show trace and the interface counters didn’t go up. How do I verify that the traffic is mirrored onto the destination port? Is there some constraint on what the destination port can be?
Thanks, Juraj From: John Lo (loj) [mailto:l...@cisco.com] Sent: Thursday, January 18, 2018 3:20 AM To: Damjan Marion (damarion) <damar...@cisco.com>; Juraj Linkeš <juraj.lin...@pantheon.tech> Cc: vpp-dev@lists.fd.io Subject: RE: [vpp-dev] Port mirroring support in vpp For VPP 18.01 and master, SPAN has been enhanced to allow port mirroring for interface in L2 mode such as ones in bridge domains. There is a “L2” argument added to the SPAN CLI/API which allow any interface, including vHost, to have packet replicated on its L2 input and/or output paths and be sent to the specified destination interface. The CLI syntax for SPAN is now: DBGvpp# set int span ? set interface span … set interface span <if-name> [l2] {disable | destination <if-name> [both|rx|tx]} If you specify the “l2” keyword, packet replication will be performed on L2 input and/or output packets on the specified interface. It should work for any interface in any bridge domain except BVI. For the BVI, SPAN can only replicate L2 input (and not output) packets. Regards, John From: vpp-dev-boun...@lists.fd.io<mailto:vpp-dev-boun...@lists.fd.io> [mailto:vpp-dev-boun...@lists.fd.io] On Behalf Of Damjan Marion (damarion) Sent: Wednesday, January 17, 2018 8:17 PM To: Juraj Linkeš <juraj.lin...@pantheon.tech<mailto:juraj.lin...@pantheon.tech>> Cc: vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io> Subject: Re: [vpp-dev] Port mirroring support in vpp Have you tried with SPAN? On 17 Jan 2018, at 10:07, Juraj Linkeš <juraj.lin...@pantheon.tech<mailto:juraj.lin...@pantheon.tech>> wrote: Hi VPP devs, I’m trying to figure out whether it’s possible to set up port mirroring on a vhost-user port in VPP. The case I’m trying to make work is simple: I have traffic between two vms (using vhost-user ports) and I want to listen to that traffic, replicate it and send it somewhere else (to an interface, but preferably an ip). I’ve looked into what’s available in VPP and there is some support for SPAN, but doesn’t seem to work with vhost-user interfaces (I wasn’t able to configure it). In fact, it only seems to be configurable on physical interfaces. Is this accurate? Then there are clis for lawful intercept (set li), but the configuration doesn’t seem to do anything. Is this supported? Is there some other way to achieve port mirroring on vhost-user interfaces in case the two above are not supported? It can be any unwieldy/hacky way (maybe setting something up with multicast?). Thanks, Juraj _______________________________________________ vpp-dev mailing list vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io> https://lists.fd.io/mailman/listinfo/vpp-dev
_______________________________________________ vpp-dev mailing list vpp-dev@lists.fd.io https://lists.fd.io/mailman/listinfo/vpp-dev
