Hello!
I've just started experimenting with Xen, and so far I like it, but I'm running into an issue setting up port mirroring and promiscuous mode.
I'm trying to get all traffic on a network within my Xen server to be mirrored to a specific VM so I can practice with an IDS. I've determined that the VM I want my IDS on is connected via vif104.1, and I think I should run this command to create a mirror over the whole network:
ovs-vsctl -- set Bridge xenbr1 mirrors=@m -- --id=@vif93.0 get Port vif93.0 -- --id=@vif78.3 get Port vif78.3 -- --id=@vif72.0 get Port vif72.0 -- --id=@vif79.1 get Port vif79.1 -- --id=@tap93.0 get Port tap93.0 -- --id=@xenbr1 get Port xenbr1 -- --id=@vif62.3 get Port vif62.3 -- --id=@tap62.3 get Port tap62.3 -- --id=@eth1 get Port eth1 -- --id=@vif104.1 get Port vif104.1 -- --id=@m create Mirror name=xenbr1-everything-mirror select-dst-port=@vif93.0,@vif78.3,@vif72.0,@vif79.1,@tap93.0,@xenbr1,@vif62.3,@tap62.3,@eth1 select-src-port=@vif93.0,@vif78.3,@vif72.0,@vif79.1,@tap93.0,@xenbr1,@vif62.3,@tap62.3,@eth1 output-port=@vif104.1
After running that, I should set vif104.1 into promiscuous mode with:
xe vif-param-set uuid=<uuid_of_vif> other-config:promiscuous="true"
Unfortunately, when I try running the ovs-vsctl command I get:
ovs-vsctl: unrecognized option `--set'
I think this is because I'm specifying multiple dst-ports and src-ports but I'm not sure.
I'm also a bit confused about the difference between port mirroring and promiscuous mode in general. Would someone please explain that to me and help me figure out how to achieve the desired result? Also, I'd like to make this persistent across reboots, but it appears the VIF IDs change each time the VM reboots. Is there a way to stop that?
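The post asks for two things: a mirror of every port on xenbr1 into the IDS VIF, and a way to cope with the vif<domid>.<device> name changing on every boot. The script below is an added example (it is not code from the post and not part of Xen or Open vSwitch). It assumes the xe CLI is available in dom0, that the IDS VM is identified by its name-label plus the VIF device number, that `xe vm-param-get ... param-name=dom-id` returns the running domid (-1 when halted), and that `ovs-vsctl list-ports` and `ovs-vsctl clear Bridge ... mirrors` behave as documented. Building the ovs-vsctl command from the bridge's live port list, rather than hard-coding vif names, is what makes it re-runnable after a reboot.

```shell
#!/bin/sh
# Added example, not from the original post: build and (optionally) apply an
# Open vSwitch "mirror everything on this bridge" to one IDS port.

# build_mirror_cmd BRIDGE OUTPUT_PORT PORT [PORT...]
# Prints one ovs-vsctl invocation creating a mirror named
# "<bridge>-everything-mirror" that selects every PORT as both source and
# destination and copies the frames to OUTPUT_PORT. The output port is never
# added to the select lists, so the IDS port does not mirror into itself.
# Record ids (@name) use underscores instead of dots to keep them plain symbols.
build_mirror_cmd() {
    bmc_bridge=$1; bmc_out=$2; shift 2
    bmc_cmd="ovs-vsctl -- set Bridge $bmc_bridge mirrors=@m"
    bmc_sel=""
    for bmc_p in "$@"; do
        [ "$bmc_p" = "$bmc_out" ] && continue
        bmc_sym=$(printf '%s' "$bmc_p" | tr . _)
        bmc_cmd="$bmc_cmd -- --id=@$bmc_sym get Port $bmc_p"
        bmc_sel="${bmc_sel:+$bmc_sel,}@$bmc_sym"
    done
    # An empty select list would create a mirror that captures nothing.
    [ -n "$bmc_sel" ] || return 1
    bmc_osym=$(printf '%s' "$bmc_out" | tr . _)
    bmc_cmd="$bmc_cmd -- --id=@$bmc_osym get Port $bmc_out"
    bmc_cmd="$bmc_cmd -- --id=@m create Mirror name=${bmc_bridge}-everything-mirror select-src-port=$bmc_sel select-dst-port=$bmc_sel output-port=@$bmc_osym"
    printf '%s\n' "$bmc_cmd"
}

# ids_vif_name VM_NAME_LABEL DEVICE
# Resolves the current vif<domid>.<device> name of the IDS VM's interface.
# The VM uuid is stable across reboots; only the domid (and so the vif name)
# changes, which is why the lookup is done at apply time. Assumes the xe CLI.
ids_vif_name() {
    ivn_vm=$(xe vm-list name-label="$1" params=uuid --minimal) || return 1
    [ -n "$ivn_vm" ] || return 1
    ivn_domid=$(xe vm-param-get uuid="$ivn_vm" param-name=dom-id) || return 1
    [ "$ivn_domid" -ge 0 ] 2>/dev/null || return 1   # -1 means the VM is halted
    printf 'vif%s.%s\n' "$ivn_domid" "$2"
}

# apply_mirror BRIDGE VM_NAME_LABEL DEVICE
# Drops any existing mirror on the bridge and recreates it from the live port
# list. list-ports omits the bridge's own internal port, so it is appended
# explicitly (the post's command included @xenbr1 for the same reason).
apply_mirror() {
    am_bridge=$1
    am_out=$(ids_vif_name "$2" "$3") || { echo "IDS VM is not running" >&2; return 1; }
    ovs-vsctl clear Bridge "$am_bridge" mirrors
    # shellcheck disable=SC2046  # word-splitting the port list is intended
    am_cmd=$(build_mirror_cmd "$am_bridge" "$am_out" $(ovs-vsctl list-ports "$am_bridge") "$am_bridge") || return 1
    eval "$am_cmd"
}

# Usage (run in dom0 after the IDS VM has booted):
#   ./mirror-to-ids.sh xenbr1 ids-vm 1
# With no arguments the script only defines the functions.
if [ $# -eq 3 ]; then
    apply_mirror "$@"
fi
```

Re-running the script after each boot of the IDS VM (for example from whatever hook or cron entry you already use in dom0) is what gives persistence; the vif name itself cannot be pinned because it encodes the domid. Promiscuous mode on vif104.1 is still needed as in the post so the guest accepts frames not addressed to it.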