Page MenuHomeVyOS Platform

Migrate port mirroring to vyos-1x and support two-way traffic mirroring
Closed, ResolvedPublicFEATURE REQUEST

Description

I will consider migrating port mirroring related configuration and code from vyatta-cfg-qos to the configuration template of all interfaces in vyos-1x, and support mirroring two-way traffic on the interface

https://github.com/vyos/vyatta-cfg-qos/blob/current/scripts/vyatta-qos.pl#L322-L346
https://github.com/vyos/vyatta-cfg-qos/blob/current/templates/interfaces/ethernet/node.tag/mirror/node.def
https://adamkuj.net/blog/2016/05/18/pro-tip-port-mirroring-in-linux/

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible

Related Objects

StatusSubtypeAssignedTask
ResolvedFEATURE REQUESTjack9603301
ResolvedFEATURE REQUESTjack9603301
OpenFEATURE REQUESTjack9603301

Event Timeline

jack9603301 changed the task status from Open to In progress.Nov 27 2020, 10:32 AM
jack9603301 triaged this task as Normal priority.
jack9603301 created this task.
jack9603301 created this object in space S1 VyOS Public.
jack9603301 moved this task from Need Triage to In Progress on the VyOS 1.3 Equuleus board.
jack9603301 changed the subtype of this task from "Task" to "Feature Request".Nov 28 2020, 4:38 AM

Running VyOS 1.3-rolling-202012060217 immediately when I enable port mirroring all sessions are dropped on this link.

This is true for Ping and also SSH.

Can I restart ping? Can be restored after restart

Of course, restarting ping works, but all flows in transit will stop, this is not what you wan't on an edge device running 10GBit/s of traffic

I am a little doubtful whether this is in design, and whether there will be a short-term up to down to up conversion when the interface is modified.

In the test topology, the same situation was found in the mirror test of pppoe0


In the latest PR implementation, eth0 will shake at the moment when the eth0 configuration is changed, but it seems to be restored immediately

The latest PR tests on port mirroring and configuration migrator seem to be all right

The topology is as follows:

Okay, debugging with @jack9603301 showed that there was/is an issue. If you are running DHCP client on the interface which is using mirroring, this indeed becomes an issue as traffic is dropped until the session is re-established.

This is b/c in vyos.ifconfig all IP addresses which are NOT in the config are dropped from the interface.

OK, the latest PR can be tested. I just tested the basic functions and the effectiveness of the migration script. But I haven't submitted the PR of vyatta-cfg-system

jack9603301 moved this task from In Progress to Finished on the VyOS 1.3 Equuleus board.

Maybe this implementation also has a dependency problem, I will fix it in the near future