端口镜像
作者:互联网
ovs-vsctl add-port br0 tap1 -- set interface tap1 type=internal ovs-vsctl add-port br0 tap2 -- set interface tap2 type=internal ovs-vsctl add-port br0 tap3 -- set interface tap3 type=internal ip netns add ns1 ip netns add ns2 ip netns add ns3 ip link set dev tap1 netns ns1 ip link set dev tap2 netns ns2 ip link set dev tap3 netns ns3 ip netns exec ns1 ip addr add 10.10.10.11/24 dev tap1 ip netns exec ns1 ip link set up tap1 ip netns exec ns2 ip addr add 10.10.10.12/24 dev tap2 ip netns exec ns2 ip link set up tap2 ip netns exec ns3 ip link set up tap3
ovs-vsctl -- --id=@tap1 get port tap1 \ -- --id=@tap3 get port tap3 \ -- --id=@m create mirror name=m0 select_dst_port=@tap1 output_port=@tap3 \ -- set bridge br0 mirrors=@m
[root@bogon ~]# ip netns exec ns1 ping 10.10.10.12 -c 2 PING 10.10.10.12 (10.10.10.12) 56(84) bytes of data. 64 bytes from 10.10.10.12: icmp_seq=1 ttl=64 time=0.702 ms 64 bytes from 10.10.10.12: icmp_seq=2 ttl=64 time=0.070 ms --- 10.10.10.12 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1028ms rtt min/avg/max/mdev = 0.070/0.386/0.702/0.316 ms [root@bogon ~]#
[root@bogon ~]# ip netns exec ns3 tcpdump -i tap3 -e -nn icmp or arp tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on tap3, link-type EN10MB (Ethernet), capture size 262144 bytes 17:39:57.346895 2e:c2:ed:62:84:34 > 9a:8f:47:8a:7d:76, ethertype ARP (0x0806), length 42: Reply 10.10.10.12 is-at 2e:c2:ed:62:84:34, length 28 17:39:57.347178 2e:c2:ed:62:84:34 > 9a:8f:47:8a:7d:76, ethertype IPv4 (0x0800), length 98: 10.10.10.12 > 10.10.10.11: ICMP echo reply, id 10779, seq 1, length 64 17:39:58.384556 2e:c2:ed:62:84:34 > 9a:8f:47:8a:7d:76, ethertype IPv4 (0x0800), length 98: 10.10.10.12 > 10.10.10.11: ICMP echo reply, id 10779, seq 2, length 64 17:40:02.384860 2e:c2:ed:62:84:34 > 9a:8f:47:8a:7d:76, ethertype ARP (0x0806), length 42: Request who-has 10.10.10.11 tell 10.10.10.12, length 28 17:45:02.966908 2e:c2:ed:62:84:34 > 9a:8f:47:8a:7d:76, ethertype IPv4 (0x0800), length 98: 10.10.10.12 > 10.10.10.11: ICMP echo reply, id 13276, seq 1, length 64 17:45:03.994538 2e:c2:ed:62:84:34 > 9a:8f:47:8a:7d:76, ethertype IPv4 (0x0800), length 98: 10.10.10.12 > 10.10.10.11: ICMP echo reply, id 13276, seq 2, length 64 17:45:07.984762 2e:c2:ed:62:84:34 > 9a:8f:47:8a:7d:76, ethertype ARP (0x0806), length 42: Request who-has 10.10.10.11 tell 10.10.10.12, length 28 17:45:07.984781 2e:c2:ed:62:84:34 > 9a:8f:47:8a:7d:76, ethertype ARP (0x0806), length 42: Reply 10.10.10.12 is-at 2e:c2:ed:62:84:34, length 28
标签:ip,端口,length,10.10,镜像,10.12,netns,84 来源: https://www.cnblogs.com/dream397/p/12938617.html