KVM port mirroring

 

Summary:

This article extends the deployment guide and provides details about port mirroring configuration in the KVM environment using Open vSwitch.

Port mirroring is essential for monitoring ports on VA probes/collectors. 

Environment:

Product: Flowmon Probe

Version: Any

Platform: KVM

Question/Problem Description:

How to configure port mirroring in KVM?

Resolution:

The first step is to install Open vSwitch on the KVM host. We recommend following the official guide.

Then create a new bridge:

ovs-vsctl add-br <bridge_name>

The next step is to add network interfaces to the bridge (both the interfaces that should be monitored and the monitoring port of the Flowmon appliance):

ovs-vsctl add-port <bridge_name> <interface_name>

Host interfaces can be listed with:

ip a

All VM interfaces can be listed with:

for vm in $(virsh list --name --state-running); do echo -n "$vm:"; virsh dumpxml "$vm" | grep -oP "vnet\d+"; done

The monitoring ports of the Flowmon instance have to be modified to use the Open vSwitch bridge:

virsh edit <Flowmon_appliance_name>

Locate the monitoring port and replace

<interface type='network'>
<source network='default'/>

with the following (substitute the name of your bridge for <bridge_name>):

<interface type='bridge'>
<source bridge='<bridge_name>'/>
<virtualport type='openvswitch'/>

After that, the mirroring session can be created:

ovs-vsctl -- --id=@m create mirror name=<mirror_name> -- add bridge <bridge_name> mirrors @m

Now there are multiple options for configuration:

Mirror everything to Flowmon's monitoring port

ovs-vsctl set mirror <mirror_name> select_all=true

Get the UUID of Flowmon's monitoring port (the same command can be used for any other interface):

ovs-vsctl get port <interface_name> _uuid

Use the UUID as the output_port of the mirror:

ovs-vsctl set mirror <mirror_name> output_port=<UUID_obtained_in_the_previous_step>

Mirror specific interfaces to Flowmon's monitoring port

ovs-vsctl set mirror <mirror_name> select_src_port=<UUID_of_the_interface_to_monitor> select_dst_port=<UUID_of_the_interface_to_monitor> output_port=<UUID_of_the_monitoring_port>

Mirror specific VLANs to Flowmon's monitoring port

ovs-vsctl set mirror <mirror_name> select_vlan=<list_of_VLANs_to_monitor> output_vlan=<VLAN_of_the_monitoring_port>

Configure the "output_vlan" on the monitoring port:

ovs-vsctl set port <monitoring_port> tag=<desired_VLAN>

or for multiple VLANs:

ovs-vsctl set port <monitoring_port> trunks=<list_of_VLAN_ids>

Commands for debugging

List bridges

ovs-vsctl show

List ports in the bridge

ovs-vsctl list-ports <bridge_name>

List a mirror

ovs-vsctl list mirror <mirror_name>

List all ports

ovs-vsctl list port
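
A check for the record printed by `ovs-vsctl list mirror <mirror_name>`, as an added example that is not part of the original article: it reports which selection option is configured and fails when the mirror has no usable output, which is the state left behind if the mirror is created but the output step is skipped. The function names and the sample record are constructed for illustration; the check assumes the Open vSwitch rule that exactly one of output_port and output_vlan must be set.

```shell
# Added example. Usage: ovs-vsctl list mirror <mirror_name> | check_mirror
# field NAME: value of column NAME in the record held in $record.
field() {
    printf '%s\n' "$record" | awk -v k="$1" '{
        i = index($0, ":"); if (!i) next
        key = substr($0, 1, i - 1); val = substr($0, i + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == k) { print val; exit }
    }'
}

# is_set VALUE: true unless the column is missing or the empty set "[]".
is_set() { [ -n "$1" ] && [ "$1" != "[]" ]; }
# mirror_mode: which of the article's selection options is configured.
mirror_mode() {
    if [ "$(field select_all)" = "true" ]; then echo all
    elif is_set "$(field select_src_port)" || is_set "$(field select_dst_port)"; then echo ports
    elif is_set "$(field select_vlan)"; then echo vlan
    else echo none; fi
}

# check_mirror: reads the record on stdin; returns 1 if the output is unusable.
check_mirror() {
    record=$(cat); n=0
    is_set "$(field output_port)" && n=$((n + 1))
    is_set "$(field output_vlan)" && n=$((n + 1))
    echo "selection: $(mirror_mode)"
    if [ "$n" -ne 1 ]; then
        echo "FAIL: exactly one of output_port/output_vlan must be set (found $n)"
        return 1
    fi
    tx=$(field statistics | sed -n 's/.*tx_packets=\([0-9][0-9]*\).*/\1/p')
    [ "${tx:-0}" -gt 0 ] || echo "WARN: tx_packets is 0, nothing has been sent through this mirror yet"
    echo "OK"
}

# Constructed sample record (not captured from a real host).
sample_record() {
    cat <<'EOF'
output_port         : 11111111-2222-3333-4444-555555555555
output_vlan         : []
select_all          : true
select_dst_port     : []
select_src_port     : []
select_vlan         : []
statistics          : {tx_bytes=0, tx_packets=0}
EOF
}
```

A WARN with a correct configuration usually just means no traffic has crossed the selected ports yet; rerun the check after generating some.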
Notes:

https://docs.openvswitch.org/en/latest/faq/configuration/

https://www.youtube.com/watch?v=wikHzoScsPc

https://docs.openvswitch.org/en/latest/intro/install/

