Port Mirroring

Getting Started with Napatech Link-Virtualization™ Software

Platform
Napatech SmartNIC
Content Type
Getting Started Guide
Capture Software Version
Link-Virtualization™ Software 4.4

You can create an OVS-based virtual network from a specified port or from an entire bridge, to a target mirror port.

About this task

You can set up mirroring to mirror all or partial traffic.

Ensure your environment is configured as follows:

  • You have set up two physical hosts (host1 and host2). Each host:
    • Is running the Napatech version of Open vSwitch.
    • Has a Napatech SmartNIC.
    • Runs one VM installed with QEMU or KVM.

In the figure, the first image mirrors traffic that is sent to a specific port (select-dst-port), the second image mirrors traffic received on a specific port (select-src-port), and the third image captures all traffic on the mirror bridge (select-all).

VM1 captures traffic that is sent to a specific port (select-dst-port), VM2 captures traffic received on a specific port (select-src-port), VM3 image captures all traffic on the mirror bridge (select-all).

Follow these steps to configure the host:

Procedure

  1. Make sure that your VM is not started.
  2. If you have already created a bridge, delete any existing bridges:
    ovs-vsctl del-br <bridge>
    where bridge is the name of the bridge.
  3. Create an OVS bridge:
    ovs-vsctl add-br br0 -- set bridge br0 datapath_type=netdev
  4. Add two physical ports, dpdk0 and dpdk1, to the bridge:
    ovs-vsctl add-port br0 dpdk0 \
        -- set interface dpdk0 type=dpdk \
        options:dpdk-devargs=class=eth,mac=22:22:22:22:22:22
    ovs-vsctl add-port br0 dpdk1 \
        -- set interface dpdk1 type=dpdk \
        options:dpdk-devargs=class=eth,mac=11:11:11:11:11:11

    where mac=22:22:22:22:22:22 is the MAC address of the second physical port and mac=11:11:11:11:11:11 is the MAC address of the first physical port.

    Use:
    ntlog | grep mac
    on the physical port to discover the MAC address of the target port.
  5. Add the dpdkvp0 port as the virtual port:
    ovs-vsctl add-port br0 dpdkvp0 -- set int dpdkvp0 type=dpdk \ 
      options:"dpdk-devargs=0000:XX:XX.5,representor=[5]"
    where:

    XX:XX is the PCI bus ID, found with the command lspci | grep Napatech.

  6. Delete any existing mirrors on the bridge:
    ovs-vsctl clear Bridge br0 mirrors
  7. Create a port mirror:
    ovs-vsctl set Bridge br0 mirrors=@m \
        --id=@p0 get Port dpdk0 \
        --id=@p1 get Port dpdk1 \
        --id=@m create Mirror name=mymirror select-src-port=@p0 \
            output-port=@p1
    where:
    • ovs-vsctl set Bridge br0 mirrors=@m
      installs the @m mirror on the br0 bridge
    • --id=@p0 get Port dpdk0
      assigns the dpdk0 port to the @p0 variable
    • --id=@p1 get Port dpdk1
      assigns the dpdk1 port to the @p1 variable
    • --id=@m create Mirror name=mymirror select-src-port=@p0 \
          output-port=@p1
      defines the rules of the @m mirror to select traffic that comes from @p0 and to mirror it to port @p1.
    Change the select variable depending on the type of mirroring you require:
    • select-src-port: mirrors traffic that is coming from a specific port
    • select-dst-port: mirrors traffic that is going to a specific port
    • select-all=true: captures all traffic on the mirror bridge
  8. Booting the VM.