[Bug 1639273] Re: openvswitch port mirroring only mirrors egress traffic
Xiang Hui
hui.xiang at canonical.com
Wed Nov 16 04:44:16 UTC 2016
** Description changed:
with a liberty openstack installation (openvswitch
2.4.1-0ubuntu0.15.10.1~cloud0) with two VMs, when vm1's interface is
mirrored to vm2's interface, only vm1's egress traffic is mirrored;
ingress traffic does not appear on vm2's interface.
+ ubuntu at machine-15:~$ sudo ovs-vsctl list mirror
+ ubuntu at machine-15:~$ sudo ovs-vsctl -- set Bridge br-int mirrors=@m -- --id=@qvo07e7496c-a1 get Port qvo07e7496c-a1 -- --id=@qvo91feef0f-f9 get Port qvo91feef0f-f9 -- --id=@m create Mirror name=mirror3 select-src-port=@qvo07e7496c-a1 select-dst-port=@qvo07e7496c-a1 output-port=@qvo91feef0f-f9
+ 7e9e725f-1d23-4b30-8e46-82f7f7e71353
+ ubuntu at machine-15:~$ sudo ovs-vsctl list mirror
+ _uuid : 7e9e725f-1d23-4b30-8e46-82f7f7e71353
+ external_ids : {}
+ name : "mirror3"
+ output_port : a0e92620-37dd-4fd6-b514-45d47526306a
+ output_vlan : []
+ select_all : false
+ select_dst_port : [cafc190f-e89a-4f2c-ab56-2072351bbe41]
+ select_src_port : [cafc190f-e89a-4f2c-ab56-2072351bbe41]
+ select_vlan : []
+ statistics : {}
- ubuntu at machine-15:~$ sudo ovs-vsctl list mirror
- ubuntu at machine-15:~$ sudo ovs-vsctl -- set Bridge br-int mirrors=@m -- --id=@qvo07e7496c-a1 get Port qvo07e7496c-a1 -- --id=@qvo91feef0f-f9 get Port qvo91feef0f-f9 -- --id=@m create Mirror name=mirror3 select-src-port=@qvo07e7496c-a1 select-dst-port=@qvo07e7496c-a1 output-port=@qvo91feef0f-f9
- 7e9e725f-1d23-4b30-8e46-82f7f7e71353
- ubuntu at machine-15:~$ sudo ovs-vsctl list mirror
- _uuid : 7e9e725f-1d23-4b30-8e46-82f7f7e71353
- external_ids : {}
- name : "mirror3"
- output_port : a0e92620-37dd-4fd6-b514-45d47526306a
- output_vlan : []
- select_all : false
- select_dst_port : [cafc190f-e89a-4f2c-ab56-2072351bbe41]
- select_src_port : [cafc190f-e89a-4f2c-ab56-2072351bbe41]
- select_vlan : []
- statistics : {}
+ ubuntu at machine-15:~$ ping -c 1 10.5.150.3
+ PING 10.5.150.3 (10.5.150.3) 56(84) bytes of data.
+ 64 bytes from 10.5.150.3: icmp_seq=1 ttl=63 time=4.26 ms
+ --- 10.5.150.3 ping statistics ---
+ 1 packets transmitted, 1 received, 0% packet loss, time 0ms
+ rtt min/avg/max/mdev = 4.268/4.268/4.268/0.000 ms
- ubuntu at machine-15:~$ ping -c 1 10.5.150.3
- PING 10.5.150.3 (10.5.150.3) 56(84) bytes of data.
- 64 bytes from 10.5.150.3: icmp_seq=1 ttl=63 time=4.26 ms
+ on vm 1 both directions appear, as expected:
- --- 10.5.150.3 ping statistics ---
- 1 packets transmitted, 1 received, 0% packet loss, time 0ms
- rtt min/avg/max/mdev = 4.268/4.268/4.268/0.000 ms
+ 17:16:13.093469 IP 10.5.2.1 > 192.168.21.7: ICMP echo request, id 9031, seq 1, length 64
+ 17:16:13.094792 IP 192.168.21.7 > 10.5.2.1: ICMP echo reply, id 9031, seq 1, length 64
-
- on vm 1 both directions appear, as expected:
-
- 17:16:13.093469 IP 10.5.2.1 > 192.168.21.7: ICMP echo request, id 9031, seq 1, length 64
- 17:16:13.094792 IP 192.168.21.7 > 10.5.2.1: ICMP echo reply, id 9031, seq 1, length 64
-
-
- on vm 2 only outgoing traffic is mirrored:
+ on vm 2 only outgoing traffic is mirrored:
17:16:13.095066 IP 192.168.21.7 > 10.5.2.1: ICMP echo reply, id 9031,
seq 1, length 64
+
+
+ ---------------------------
+
+ [Impact]
+
+ This patch addresses an issue where no ingress traffic mirrored on the openvswitch
+ mirroring output port.
+
+ [Test Case]
+ Deploy an OpenStack cloud w/ trusty-liberty, spawed two vms into the same compute host, configuring ovs mirror with this two vms' interface, tcpdump on the output mirroring interface.
+
+ [Regression Potential]
+
+ None.
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1639273
Title:
openvswitch port mirroring only mirrors egress traffic
Status in Ubuntu Cloud Archive:
New
Status in openvswitch:
New
Bug description:
with a liberty openstack installation (openvswitch
2.4.1-0ubuntu0.15.10.1~cloud0) with two VMs, when vm1's interface is
mirrored to vm2's interface, only vm1's egress traffic is mirrored;
ingress traffic does not appear on vm2's interface.
ubuntu at machine-15:~$ sudo ovs-vsctl list mirror
ubuntu at machine-15:~$ sudo ovs-vsctl -- set Bridge br-int mirrors=@m -- --id=@qvo07e7496c-a1 get Port qvo07e7496c-a1 -- --id=@qvo91feef0f-f9 get Port qvo91feef0f-f9 -- --id=@m create Mirror name=mirror3 select-src-port=@qvo07e7496c-a1 select-dst-port=@qvo07e7496c-a1 output-port=@qvo91feef0f-f9
7e9e725f-1d23-4b30-8e46-82f7f7e71353
ubuntu at machine-15:~$ sudo ovs-vsctl list mirror
_uuid : 7e9e725f-1d23-4b30-8e46-82f7f7e71353
external_ids : {}
name : "mirror3"
output_port : a0e92620-37dd-4fd6-b514-45d47526306a
output_vlan : []
select_all : false
select_dst_port : [cafc190f-e89a-4f2c-ab56-2072351bbe41]
select_src_port : [cafc190f-e89a-4f2c-ab56-2072351bbe41]
select_vlan : []
statistics : {}
ubuntu at machine-15:~$ ping -c 1 10.5.150.3
PING 10.5.150.3 (10.5.150.3) 56(84) bytes of data.
64 bytes from 10.5.150.3: icmp_seq=1 ttl=63 time=4.26 ms
--- 10.5.150.3 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 4.268/4.268/4.268/0.000 ms
on vm 1 both directions appear, as expected:
17:16:13.093469 IP 10.5.2.1 > 192.168.21.7: ICMP echo request, id 9031, seq 1, length 64
17:16:13.094792 IP 192.168.21.7 > 10.5.2.1: ICMP echo reply, id 9031, seq 1, length 64
on vm 2 only outgoing traffic is mirrored:
17:16:13.095066 IP 192.168.21.7 > 10.5.2.1: ICMP echo reply, id 9031,
seq 1, length 64
---------------------------
[Impact]
This patch addresses an issue where no ingress traffic mirrored on the openvswitch
mirroring output port.
[Test Case]
Deploy an OpenStack cloud w/ trusty-liberty, spawed two vms into the same compute host, configuring ovs mirror with this two vms' interface, tcpdump on the output mirroring interface.
[Regression Potential]
None.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1639273/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list