OpenVSwitch mirroring only layer2 traffic
For testing purposes, I am using Open vswitch to mirror traffic from 2 interfaces eth1 and eth2 to eth3.
Added eth1, eth2 and eth3 to the bridge
I am using the following command to set the mirroring:
ovs-vsctl -- set Bridge br0 mirrors=@m \
-- --id=@eth1 get Port eth1 \
-- --id=@eth2 get Port eth2 \
-- --id=@eth3 get Port eth3 \
-- --id=@m create Mirror name=e1e2toe3 select-dst-port=@eth1 select-src-port=@eth1 output-port=@eth3
A node with tcpdump is connected to eth3.
tcpdump shows only layer2 traffic: ARP, CDP (Cisco devices connected to eth1 and eth2) conversations between devices connected to eth1 and eth2, but no upper layers: ex: pings, ssh, telnet not visible.
Any hint?
Make sure your interfaces are set into promiscuous mode, since switches, by default, will ignore traffic being sent to them unless their ports are set to promiscuous mode:
ifconfig eth1 up
ifconfig eth1 promisc
Sources:
http://www.tcpdump.org/faq.html#q6
https://askubuntu.com/questions/430355/configure-a-network-interface-into-promiscuous-mode
Failing that, use tcprewrite to change the destination MAC/IP addresses of the replayed traffic, assuming you're replaying a .pcap file. (I think you might just have to change one of the two but I can't remember which)
The following guide tells you how to do this:
http://xmodulo.com/how-to-capture-and-replay-network-traffic-on-linux.html
- Distinguish between two maximum values in a column with Power Query
- Power Query Conditional JOIN - JOIN with WHERE clause
- Calculate combinations for a range of text values in excel
- How to update a column's values in Power BI M Language
- What's the difference between DAX and Power Query (or M)?
- Sorting issue when consolidating monthly data into a year to date file. Using query, sorting by day, time, and letter
- Power Query `List.Generate` runs too slow
- Custom Colum based on specific dates in powerquery
- How do I properly use table.group in a PowerQuery query to dynamically summarize different rows and columns?
- Excel Power Query syntax issue transform multiple columns of records
- How to capitalize only first letter of a sentence
- Power Query Import For Power BI with group by on SelectRows
- Get data from config table cell when loading data source with power query
- Translate Excel Formula into Power Query
- Counting matching pairs of letters in lists of bigrams in Power Query M
- Bigrams of a string in Power Query M
- Power Query code to refer to another query (and how buffering works)
- M code for the equivalent of of Left (string, len(string)-11)
- How to add a missing column to the Transform Sample File
- How to add or insert ' (single quotes) for every string in a list in which strings are separated by commas in Power Query
- Power BI M code Split column from Lowercase to Uppercase won't include diacritics (accents)
- M Code(Power Query) to Remove Empty columns that runs fast
- How to find the value with date closest to another date
- Error when build AOSP 14 - internal error: undefined variable CTS_TEST_SUITES_DEFAULT
- Call a table using a dynamic identifier
- Problem getting the value from a cell using M in excel
- How to rename columns based on the data within them in Power Query M?
- Power Query return a field name based on parameter
- Power Query: after combining 2 tables got something strange
- Token Literal Expected Error in Power Query M Code using try and List.MatchesAny