[Cerowrt-devel] cerowrt 3.10.17-3 released
Dave Taht
dave.taht at gmail.com
Tue Oct 22 19:27:02 EDT 2013
On Tue, Oct 22, 2013 at 4:12 PM, Stephen Hemminger
<stephen at networkplumber.org> wrote:
> With TC you can apply an action to packets coming in.
> One of those actions is mirred (not a typo) which mirrors the packet
> to another device. There is both mirror and redirect possible.
>
> Jamal invented this years ago, but actions are not widely used.
I use this technique for an input redirect into ifb for cerowrt's
shaper. It works
well.
> Inside Vyatta CLI wrappers, the port-mirroring capability converts to tc
> commands. For example doing SPAN equivalent from eth0 to eth1 is:
>
> tc filter add dev eth0 parent ffff: \
> protocol all prio 10 u32 \
> match u32 0 0 flowid 1:1 \
> action mirred egress mirror dev eth1
In this case the device on eth1 would have to be an entirely passive
device otherwise it will attempt to interact with that traffic (?) In
the case of cero, it has two ethernet devices available, one hooked
directly into a switch, and as many wifi ones as you want. What would
probably work would be to split off a dedicated vlan port for the
mirror and send stuff to dev eth1.4 - (for example) so long as the
listening server was entirely passive.
tc filter add dev sw00 parent ffff: \
protocol all prio 10 u32 \
match u32 0 0 flowid 1:1 \
action mirred egress mirror dev se00.4
but you'd also want to do it on ingress too. (?)
I forget the syntax for splitting off a vlan port in cero...
> The actions apply to a filter, and this seemed to be a workable (match all)
> filter.
Both directions?
>
>
--
Dave Täht
Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
More information about the Cerowrt-devel
mailing list