Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

KVM port mirroring





This article extends the deployment guide and provides details about port mirroring configuration in the KVM environment using Open vSwitch.

Port mirroring is essential for monitoring ports on VA probes/collectors. 


Product: Flowmon Probe

Version: Any

Platform: KVM

Question/Problem Description:

How to configure port mirroring in KVM?

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  

The first step is to install Open vSwitch on the KVM host. We recommend following the official guide.

A new bridge can be created then:

ovs-vsctl add-br <bridge_name>

The next step is to add network interfaces to the bridge (network interfaces that should be monitored and also monitoring port of Flowmon appliance):

ovs-vsctl add-port <bridge_name> <interface_name>

Host interfaces can be listed with:

ip a

All VM interfaces can be listed with:

for vm in $(virsh list | grep running | awk '{print $2}'); do echo -n "$vm:"; virsh dumpxml $vm| grep -oP "vnet\d+" ; done

Flowmon instance's monitoring ports have to be modified to support the Open vSwitch bridge:

virsh edit <Flowmon_appliance_name>

Locate the monitoring port and replace

<interface type='network'>
<source network='default'/>

by (replace <bridge_name> with your bridge)

<interface type='bridge'>
<source bridge='<bridge_name>'/>
<virtualport type='openvswitch'/>

After that, the mirroring session can be created:

ovs-vsctl -- --id=@m create mirror name=<mirror_name> -- add bridge <bridge_name> mirrors @m

Now there are multiple options for configuration:

Mirror everything to Flowmon's monitoring port

ovs-vsctl set mirror <mirror_name> select_all=true

Get UUID of Flowmon's monitoring port (the same command can be used for any other interface)

ovs-vsctl get port <interface_name> _uuid

Use UUID for output_port in the mirroring

ovs-vsctl set mirror <mirror_name> output_port=<UUID_obtained_in_the_previous_step>

Mirror specific interfaces to Flowmon's monitoring port

ovs-vsctl set mirror <mirror_name> select_src_port=<UUID_of_the_interface_to_monitor> select_dst_port=<UUID_of_the_interface_to_monitor> output_port=<UUID_of_the_monitoring_port>

Mirror specific VLANs to Flowmon's monitoring port

ovs-vsctl set mirror <mirror_name> select_vlan=<list_of_VLANs_to_monitor> output_vlan=<VLAN_of_the_monitoring_port>

Configure the "output_vlan" on the monitoring port:

ovs-vsctl set port <monitoring_port> tag=<desired_VLAN>

or for multiple VLANs:

 ovs-vsctl set port <monitoring_port> trunks=<list_of_VLAN_ids>

Commands for debugging

List bridges

ovs-vsctl show

List ports in the bridge

ovs-vsctl list-ports <bridge_name>

List a mirror

ovs-vsctl list mirror <mirror_name>

List all ports

ovs-vsctl list port

Was this article helpful?
0 out of 0 found this helpful