On 12.11.2014 14:55, Sagar Shedge wrote:
Hi ,
I have two virtual machines VM1 and VM2. Then I have added eth0 of my
VM to 'default' network.
Use case :-
I want to monitor all traffic on virbr0('default' network).
Steps followed :-
1. Add VM1 eth0 to virbr0
2. Add VM2 eth1 to virbr0
3. brctl setageing ovsbr0 0 ..(To put bridge in promiscuous)
Now I am running tcpdump on eth1 of VM2 and trying to ping google.com
<http://google.com>(outside world)
In VM2 (tcpdump -i eth1), I can see only ingress(incoming) traffic of
VM1. I am not able see outgoing traffic of VM1.
If I create another bridge and trying same scenario with 2 VM then VM2
can see both ingress and outgress traffic.
So want to know what is the issue?
Is libvirt doing something different with this virtbr0 bridge?
I suspect it's a kernel issue. I mean, kernel takes several shortcuts in
network stack when it comes to virtual NICs and virtual bridges. I've
come across this when implementing QoS. I haven't tried your scenario
out, I'm just guessing. BTW: depending on network type, libvirt may or
may not set up some ip-/eb-tables filters. But I don't think that's the
case.
Michal
_______________________________________________
libvirt-users mailing list
libvirt-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvirt-users
