Solve : Mirror Rules with KVM and Open VSwitch? – InterviewSolution

InterviewSolution

1.	Solve : Mirror Rules with KVM and Open VSwitch?
Answer» Hello all, I have an UBUNTU 14.04.5 LTS X32 server that is running KVM/virtmanager with 2 VMs. I need all traffic on the box to be mirrored to an interface on one of my VMs. I installed Openvswitch and created bridge ovsbr0 with it. I setup eth0 to use ovsbr0. I went into virt-manager and changed the nic to "specify shared device name" and the bridge was set to "ovsbr0". On VM start, I observe port vnet0, vnet1, and vnet2 created and attach to the bridge. (output below) [emailprotected]:~$ sudo ovs-vsctl show xxx-xxx-xxx-xxx Bridge "ovsbr0" Port "vnet1" Interface "vnet1" Port "vnet2" Interface "vnet2" Port "eth0" Interface "eth0" Port "ovsbr0" Interface "ovsbr0" type: internal Port "vnet0" Interface "vnet0" ovs_version: "2.0.2" I was then able to create a rule in openvswitch using the following command to bridge all traffic to one of those ports. sudo ovs-vsctl -- set Bridge ovsbr0 [emailprotected] -- [emailprotected] get Port eth0 -- [emailprotected] get Port vnet0 -- [emailprotected] get Port vnet1 -- [emailprotected] get Port vnet2 -- [emailprotected] create Mirror name=pvsintfmirror [emailprotected],@vnet1,@eth0 [emailprotected],@vnet1,@eth0 [emailprotected] The mirroring worked but my issue is that on REBOOT, the VM interfaces seem to get assigned to those vnet ports randomly. Thus, the mirroring rule breaks if the wrong VM interface gets assigned to the wrong port. If anyone knows how to ENSURE that the right interface connects to the vnet2 port so that mirrored traffic flows correctly, that would be a big help. Thanks Random thought coming from my use of Xen (so may be completely useless in your situation) - Check what MAC address the interfaces are coming up with in your VMs and check that they are the same on every reboot - I found with Xen that it would randomly generate a MAC address for each interface every time the VM was started and since it was different the guest OS wouldn't NECESSARILY assign them the same interface number as they had previously (the guest OS sees them as completely new adapters). If this turns out to be the issue, you'd then want to look and see if there is a WAY to specify the MAC address you want each interface to have so that it is persistent.Thanks for the reply. the MAC addresses of the interfaces are coming up the same accross reboots. The interface MAC addresses are stated in VM xml files.

Discussion

No Comment Found

Related InterviewSolutions