|
 |
049c96 |
From a7a39f89b58da3eb939f7233c23f8eb225826d48 Mon Sep 17 00:00:00 2001
|
|
|
049c96 |
From: Phil Sutter <psutter@redhat.com>
|
|
|
049c96 |
Date: Wed, 30 Mar 2016 16:51:09 +0200
|
|
|
049c96 |
Subject: [PATCH] man: tc-mirred.8: Reword man page a bit, add generic mirror
|
|
|
049c96 |
example
|
|
|
049c96 |
|
|
|
049c96 |
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1275426
|
|
|
049c96 |
Upstream Status: iproute2.git commit 26df2953a5c34
|
|
|
049c96 |
|
|
|
049c96 |
commit 26df2953a5c34fe03986cbf3466321fd8a3af1c5
|
|
|
049c96 |
Author: Phil Sutter <phil@nwl.cc>
|
|
|
049c96 |
Date: Tue Mar 22 15:48:35 2016 +0100
|
|
|
049c96 |
|
|
|
049c96 |
man: tc-mirred.8: Reword man page a bit, add generic mirror example
|
|
|
049c96 |
|
|
|
049c96 |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
049c96 |
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
|
049c96 |
---
|
|
|
049c96 |
man/man8/tc-mirred.8 | 26 +++++++++++++++++++-------
|
|
|
049c96 |
1 file changed, 19 insertions(+), 7 deletions(-)
|
|
|
049c96 |
|
|
|
049c96 |
diff --git a/man/man8/tc-mirred.8 b/man/man8/tc-mirred.8
|
|
|
049c96 |
index 52d98bc..bba96e0 100644
|
|
|
049c96 |
--- a/man/man8/tc-mirred.8
|
|
|
049c96 |
+++ b/man/man8/tc-mirred.8
|
|
|
049c96 |
@@ -21,11 +21,9 @@ mirred - mirror/redirect action
|
|
|
049c96 |
.SH DESCRIPTION
|
|
|
049c96 |
The
|
|
|
049c96 |
.B mirred
|
|
|
049c96 |
-action allows to redirect or mirror packets to another network interface on the
|
|
|
049c96 |
-same system. It is typically used in combination with the
|
|
|
049c96 |
-.B ifb
|
|
|
049c96 |
-pseudo device to create a shrared instance where QoS happens, but serves well
|
|
|
049c96 |
-for debugging or monitoring purposes, too.
|
|
|
049c96 |
+action allows packet mirroring (copying) or redirecting (stealing) the packet it
|
|
|
049c96 |
+receives. Mirroring is what is sometimes referred to as Switch Port Analyzer
|
|
|
049c96 |
+(SPAN) and is commonly used to analyze and/or debug flows.
|
|
|
049c96 |
.SH OPTIONS
|
|
|
049c96 |
.TP
|
|
|
049c96 |
.B ingress
|
|
|
049c96 |
@@ -67,9 +65,23 @@ debugging purposes:
|
|
|
049c96 |
.EE
|
|
|
049c96 |
.RE
|
|
|
049c96 |
|
|
|
049c96 |
-Use an
|
|
|
049c96 |
+Mirror all incoming ICMP packets on eth0 to a dummy interface for examination
|
|
|
049c96 |
+with e.g. tcpdump:
|
|
|
049c96 |
+
|
|
|
049c96 |
+.RS
|
|
|
049c96 |
+.EX
|
|
|
049c96 |
+# ip link add dummy0 type dummy
|
|
|
049c96 |
+# ip link set dummy0 up
|
|
|
049c96 |
+# tc qdisc add dev eth0 handle ffff: ingress
|
|
|
049c96 |
+# tc filter add dev eth0 parent ffff: protocol ip \\
|
|
|
049c96 |
+ u32 match ip protocol 1 0xff \\
|
|
|
049c96 |
+ action mirred egress mirror dev dummy0
|
|
|
049c96 |
+.EE
|
|
|
049c96 |
+.RE
|
|
|
049c96 |
+
|
|
|
049c96 |
+Using an
|
|
|
049c96 |
.B ifb
|
|
|
049c96 |
-interface to send ingress traffic on eth0 through an instance of
|
|
|
049c96 |
+interface, it is possible to send ingress traffic through an instance of
|
|
|
049c96 |
.BR sfq :
|
|
|
049c96 |
|
|
|
049c96 |
.RS
|
|
|
049c96 |
--
|
|
|
049c96 |
1.8.3.1
|
|
|
049c96 |
|