NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

neilfw's avatar
neilfw
Aspirant
Nov 13, 2017
Solved

Port mirroring on GS724TP

I have a GS724TP gigabit managed switch.  I have enabled port mirroring as per the image below, but on the device connected to port g22, all I get is the broadcast traffic that I would have got anywa...
Troubleshooting
  • neilfw's avatar
    neilfw
    Nov 14, 2017

    Thanks for the configuration confirmation Hopchen. It was a right pain to debug, in the end built an Ubuntu laptop to fully test the port and not use the Ubuntu server instance it was patched to.  It was in the end not a lack of promiscuous on either Ubuntu instance that was the issue, it was a lack of promiscuousness on the underlying virtualization layer.  Citrix Xen does not act as a pass through even when a physical port is mapped uniquely to one host, so you need the following command executed in the Xen Hypervisor

     

    ovs-vsctl -- set Bridge xenbr1 mirrors=@m \
    -- --id=@eth1 get Port eth1 \
    -- --id=@vif1.1 get Port vif1.1 \
    -- --id=@m create Mirror name=eth1-mirror select-dst-port=@eth1 \
    select-src-port=@eth1 output-port=@vif1.1

     

    Where the physical interface is eth1 on the Citrix Xen Hypervisor, and vif1.1 is the virtual interface applied to the host.

     

neilfw's avatar
neilfw
Aspirant
Nov 14, 2017

Thanks for the configuration confirmation Hopchen. It was a right pain to debug, in the end built an Ubuntu laptop to fully test the port and not use the Ubuntu server instance it was patched to.  It was in the end not a lack of promiscuous on either Ubuntu instance that was the issue, it was a lack of promiscuousness on the underlying virtualization layer.  Citrix Xen does not act as a pass through even when a physical port is mapped uniquely to one host, so you need the following command executed in the Xen Hypervisor

 

ovs-vsctl -- set Bridge xenbr1 mirrors=@m \
-- --id=@eth1 get Port eth1 \
-- --id=@vif1.1 get Port vif1.1 \
-- --id=@m create Mirror name=eth1-mirror select-dst-port=@eth1 \
select-src-port=@eth1 output-port=@vif1.1

 

Where the physical interface is eth1 on the Citrix Xen Hypervisor, and vif1.1 is the virtual interface applied to the host.

 

Hopchen's avatar
Hopchen
Prodigy
Nov 14, 2017

Heya,

 

Glad you got it solved! Yes, I assumed it was some sort of promiscuous NIC issue when you only saw broadcast.

 

I recommend that you mark this thread as resolved for now.

 

Any problems - give us a shout! :)

  • neilfw's avatar
    neilfw
    Aspirant
    Nov 14, 2017

    Thanks

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More