SlideShare a Scribd company logo

Cannot observe ingress packets

S
soichi shigeta

This is a material for discussion about the design of Tap-as-a-Service. (IRC meeting on 7/20/2016)

Software
1 of 7
Download to read offline
Copyright 2016 FUJITSU LABORATORIES LTD. Cannot observe ingress packets Kazuhiro Suzuki 2016/7/20 Fujitsu Laboratories Ltd. 0
We cannot observe ingress packets on Monitor  Test Bet  Flow entries for Ingress packets defined in br-int. Copyright 2016 FUJITSU LABORATORIES LTD. 1. cookie=0x0, duration=601700.446s, table=0, n_packets=44, n_bytes=1848, idle_age=65534, hard_age=65534, priority=20,dl_vlan=1,dl_dst=01:00:00:00:00:00/01:00:00:00: 00:00 actions=NORMAL,mod_vlan_vid:3901,output:5 2. cookie=0x0, duration=599507.935s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=20,dl_vlan=1,dl_dst=fa:16:3e:bd:77:8f actions=NORMAL,mod_vlan_vid:3901,output:5 VM1Monitor VM0 MAC:fa:16:3e:bd:77:8f br_int br_tapPort Mirroring ping 5 1
We observed packets on Monitor VM  When VM0 and VM1 are running on the same host, we can observe only egress packets at the port of VM1, ingress packets cannot be observed. Copyright 2016 FUJITSU LABORATORIES LTD. $ tcpdump -e -n -i eth1 06:23:18.062505 fa:16:3e:bd:77:8f > fa:16:3e:8c:54:e3, ethertype 802.1Q (0x8100), length 102: vlan 2, p 0, ethertype IPv4, 192.168.1.3 > 192.168.1.6: ICMP echo reply, id 926, seq 12152, length 64 06:23:19.063943 fa:16:3e:bd:77:8f > fa:16:3e:8c:54:e3, ethertype 802.1Q (0x8100), length 102: vlan 2, p 0, ethertype IPv4, 192.168.1.3 > 192.168.1.6: ICMP echo reply, id 926, seq 12153, length 64 VM1Monitor VM0 br_int br_tapPort Mirroring ping 5 tcpdump 2
Copyright 2016 FUJITSU LABORATORIES LTD.  We checked packets which go through VM0 port using tcpdump Packet observation in VM0 $ sudo tcpdump -n -e -i dummy0 14:52:57.774417 fa:16:3e:8c:54:e3 > fa:16:3e:bd:77:8f, ethertype 802.1Q (0x8100), length 102: vlan 1, p 0, ethertype IPv4, 192.168.1.6 > 192.168.1.3: ICMP echo request, id 926, seq 10334, length 64 14:52:57.774874 fa:16:3e:bd:77:8f > fa:16:3e:8c:54:e3, ethertype 802.1Q (0x8100), length 102: vlan 1, p 0, ethertype IPv4, 192.168.1.3 > 192.168.1.6: ICMP echo reply, id 926, seq 10334, length 64 VM1Monitor VM0 br_int br_tapPort Mirroring ping 5 tcpdump 3
 We also checked packets at VM1  Both ingress packets observed at VM0 and VM1 have vlan id 1, but the flow entry for ingress packets is not evaluated. VM1Monitor VM0 br_int br_tapPort Mirroring ping 5 Copyright 2016 FUJITSU LABORATORIES LTD. Packet observation in VM1 $ sudo tcpdump -n -e -i dummy0 14:46:33.258666 fa:16:3e:8c:54:e3 > fa:16:3e:bd:77:8f, ethertype 802.1Q (0x8100), length 102: vlan 1, p 0, ethertype IPv4, 192.168.1.6 > 192.168.1.3: ICMP echo request, id 926, seq 9950, length 64 14:46:33.258901 fa:16:3e:bd:77:8f > fa:16:3e:8c:54:e3, ethertype 802.1Q (0x8100), length 102: vlan 1, p 0, ethertype IPv4, 192.168.1.3 > 192.168.1.6: ICMP echo reply, id 926, seq 9950, length 64 tcpdump 4
We modified a flow entry of TapFlow  We can observe both direction(egress and ingress) on Monitor when “dl_vlan=1” is removed from the ingress flow entries. Copyright 2016 FUJITSU LABORATORIES LTD. $ tcpdump -e -n -i eth1 06:23:18.062505 fa:16:3e:bd:77:8f > fa:16:3e:8c:54:e3, ethertype 802.1Q (0x8100), length 102: vlan 2, p 0, ethertype IPv4, 192.168.1.3 > 192.168.1.6: ICMP echo reply, id 926, seq 12152, length 64 06:23:19.063943 fa:16:3e:bd:77:8f > fa:16:3e:8c:54:e3, ethertype 802.1Q (0x8100), length 102: vlan 2, p 0, ethertype IPv4, 192.168.1.3 > 192.168.1.6: ICMP echo reply, id 926, seq 12153, length 64 VM1Monitor VM0 br_int br_tapPort Mirroring ping 5 tcpdump 5
Cannot observe ingress packets

Recommended

Designof traffic isolationby using flow based tunneling
Designof traffic isolationby using flow based tunnelingDesignof traffic isolationby using flow based tunneling
Designof traffic isolationby using flow based tunnelingsoichi shigeta
 
Capture and replay hardware behaviour for regression testing and bug reporting
Capture and replay hardware behaviour for regression testing and bug reportingCapture and replay hardware behaviour for regression testing and bug reporting
Capture and replay hardware behaviour for regression testing and bug reportingmartin-pitt
 
Kai Voigt - Big Data zum Anfassen - code.talks 2015
Kai Voigt - Big Data zum Anfassen - code.talks 2015Kai Voigt - Big Data zum Anfassen - code.talks 2015
Kai Voigt - Big Data zum Anfassen - code.talks 2015AboutYouGmbH
 
C++ Optimization Tips
C++ Optimization TipsC++ Optimization Tips
C++ Optimization TipsAbdelrahman Al-Ogail
 
Mango64 u boot 업데이트 하기
Mango64 u boot 업데이트 하기Mango64 u boot 업데이트 하기
Mango64 u boot 업데이트 하기종인 전
 
A little systemtap
A little systemtapA little systemtap
A little systemtapyang bingwu
 
Inspector - Node.js : Notes
Inspector - Node.js : NotesInspector - Node.js : Notes
Inspector - Node.js : NotesSubhajit Sahu
 
Zookeper
ZookeperZookeper
ZookeperAlexeyStepanov21
 

Recommended

Designof traffic isolationby using flow based tunneling
Designof traffic isolationby using flow based tunnelingDesignof traffic isolationby using flow based tunneling
Designof traffic isolationby using flow based tunnelingsoichi shigeta
 
Capture and replay hardware behaviour for regression testing and bug reporting
Capture and replay hardware behaviour for regression testing and bug reportingCapture and replay hardware behaviour for regression testing and bug reporting
Capture and replay hardware behaviour for regression testing and bug reportingmartin-pitt
 
Kai Voigt - Big Data zum Anfassen - code.talks 2015
Kai Voigt - Big Data zum Anfassen - code.talks 2015Kai Voigt - Big Data zum Anfassen - code.talks 2015
Kai Voigt - Big Data zum Anfassen - code.talks 2015AboutYouGmbH
 
C++ Optimization Tips
C++ Optimization TipsC++ Optimization Tips
C++ Optimization TipsAbdelrahman Al-Ogail
 
Mango64 u boot 업데이트 하기
Mango64 u boot 업데이트 하기Mango64 u boot 업데이트 하기
Mango64 u boot 업데이트 하기종인 전
 
A little systemtap
A little systemtapA little systemtap
A little systemtapyang bingwu
 
Inspector - Node.js : Notes
Inspector - Node.js : NotesInspector - Node.js : Notes
Inspector - Node.js : NotesSubhajit Sahu
 
Zookeper
ZookeperZookeper
ZookeperAlexeyStepanov21
 
Vi
ViVi
Viluanpho91
 
A3 sec -_msr_2.0
A3 sec -_msr_2.0A3 sec -_msr_2.0
A3 sec -_msr_2.0a3sec
 
SPICE Model of M1FE60(PDF)
SPICE Model of M1FE60(PDF)SPICE Model of M1FE60(PDF)
SPICE Model of M1FE60(PDF)Tsuyoshi Horigome
 
RabbitMQ Server - cheat sheet -
RabbitMQ Server - cheat sheet -RabbitMQ Server - cheat sheet -
RabbitMQ Server - cheat sheet -Naoto MATSUMOTO
 
Building packages through emulation by Sean Bruno
Building packages through emulation by Sean BrunoBuilding packages through emulation by Sean Bruno
Building packages through emulation by Sean Brunoeurobsdcon
 
Petascale Storage -- Do It Yourself!
Petascale Storage -- Do It Yourself!Petascale Storage -- Do It Yourself!
Petascale Storage -- Do It Yourself!Tim Lossen
 
PORTIQUE VERIF
PORTIQUE VERIFPORTIQUE VERIF
PORTIQUE VERIFStructural designer civil engineering
 
Internet of Things Magic Show
Internet of Things Magic ShowInternet of Things Magic Show
Internet of Things Magic ShowStephen Chin
 
Kernel Recipes 2015: Introduction to Kernel Power Management
Kernel Recipes 2015: Introduction to Kernel Power ManagementKernel Recipes 2015: Introduction to Kernel Power Management
Kernel Recipes 2015: Introduction to Kernel Power ManagementAnne Nicolas
 
Great Hiroshima with Python 170830
Great Hiroshima with Python 170830Great Hiroshima with Python 170830
Great Hiroshima with Python 170830Takuya Nishimoto
 
Monitoramento ambiental e alertas visuais com Zabbix - 3º Zabbix Meetup do In...
Monitoramento ambiental e alertas visuais com Zabbix - 3º Zabbix Meetup do In...Monitoramento ambiental e alertas visuais com Zabbix - 3º Zabbix Meetup do In...
Monitoramento ambiental e alertas visuais com Zabbix - 3º Zabbix Meetup do In...Zabbix BR
 
Prosess accouting
Prosess accoutingProsess accouting
Prosess accoutingTorstein Hansen
 
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)Naoto MATSUMOTO
 
[Velocity Ignite] Petascale Storage
[Velocity Ignite] Petascale Storage[Velocity Ignite] Petascale Storage
[Velocity Ignite] Petascale StorageTim Lossen
 
Surf iOS版 中文用户指南
Surf iOS版 中文用户指南Surf iOS版 中文用户指南
Surf iOS版 中文用户指南yarshure Kong
 
Vagrant勉強会 チュートリアル編
Vagrant勉強会 チュートリアル編Vagrant勉強会 チュートリアル編
Vagrant勉強会 チュートリアル編Yasuyuki Sugai
 
The true story_of_hello_world
The true story_of_hello_worldThe true story_of_hello_world
The true story_of_hello_worldfantasy zheng
 
Beyond Golden Containers: Complementing Docker with Puppet
Beyond Golden Containers: Complementing Docker with PuppetBeyond Golden Containers: Complementing Docker with Puppet
Beyond Golden Containers: Complementing Docker with Puppetlutter
 
Os Practical Assignment 1
Os Practical Assignment 1Os Practical Assignment 1
Os Practical Assignment 1Emmanuel Garcia
 
OOP for Hardware Verification--Demystified!
OOP for Hardware Verification--Demystified! OOP for Hardware Verification--Demystified!
OOP for Hardware Verification--Demystified! DVClub
 
Les évolutions adaptatives
Les évolutions adaptativesLes évolutions adaptatives
Les évolutions adaptativesRESPONSIV
 
The Coming Intelligent Digital Assistant Era and Its Impact on Online Platforms
The Coming Intelligent Digital Assistant Era and Its Impact on Online PlatformsThe Coming Intelligent Digital Assistant Era and Its Impact on Online Platforms
The Coming Intelligent Digital Assistant Era and Its Impact on Online PlatformsCognizant
 

More Related Content

What's hot

A3 sec -_msr_2.0
A3 sec -_msr_2.0A3 sec -_msr_2.0
A3 sec -_msr_2.0a3sec
 
RabbitMQ Server - cheat sheet -
RabbitMQ Server - cheat sheet -RabbitMQ Server - cheat sheet -
RabbitMQ Server - cheat sheet -Naoto MATSUMOTO
 
Building packages through emulation by Sean Bruno
Building packages through emulation by Sean BrunoBuilding packages through emulation by Sean Bruno
Building packages through emulation by Sean Brunoeurobsdcon
 
Petascale Storage -- Do It Yourself!
Petascale Storage -- Do It Yourself!Petascale Storage -- Do It Yourself!
Petascale Storage -- Do It Yourself!Tim Lossen
 
Internet of Things Magic Show
Internet of Things Magic ShowInternet of Things Magic Show
Internet of Things Magic ShowStephen Chin
 
Kernel Recipes 2015: Introduction to Kernel Power Management
Kernel Recipes 2015: Introduction to Kernel Power ManagementKernel Recipes 2015: Introduction to Kernel Power Management
Kernel Recipes 2015: Introduction to Kernel Power ManagementAnne Nicolas
 
Great Hiroshima with Python 170830
Great Hiroshima with Python 170830Great Hiroshima with Python 170830
Great Hiroshima with Python 170830Takuya Nishimoto
 
Monitoramento ambiental e alertas visuais com Zabbix - 3º Zabbix Meetup do In...
Monitoramento ambiental e alertas visuais com Zabbix - 3º Zabbix Meetup do In...Monitoramento ambiental e alertas visuais com Zabbix - 3º Zabbix Meetup do In...
Monitoramento ambiental e alertas visuais com Zabbix - 3º Zabbix Meetup do In...Zabbix BR
 
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)Naoto MATSUMOTO
 
[Velocity Ignite] Petascale Storage
[Velocity Ignite] Petascale Storage[Velocity Ignite] Petascale Storage
[Velocity Ignite] Petascale StorageTim Lossen
 
Surf iOS版 中文用户指南
Surf iOS版 中文用户指南Surf iOS版 中文用户指南
Surf iOS版 中文用户指南yarshure Kong
 
Vagrant勉強会 チュートリアル編
Vagrant勉強会 チュートリアル編Vagrant勉強会 チュートリアル編
Vagrant勉強会 チュートリアル編Yasuyuki Sugai
 
The true story_of_hello_world
The true story_of_hello_worldThe true story_of_hello_world
The true story_of_hello_worldfantasy zheng
 
Beyond Golden Containers: Complementing Docker with Puppet
Beyond Golden Containers: Complementing Docker with PuppetBeyond Golden Containers: Complementing Docker with Puppet
Beyond Golden Containers: Complementing Docker with Puppetlutter
 
Os Practical Assignment 1
Os Practical Assignment 1Os Practical Assignment 1
Os Practical Assignment 1Emmanuel Garcia
 
OOP for Hardware Verification--Demystified!
OOP for Hardware Verification--Demystified! OOP for Hardware Verification--Demystified!
OOP for Hardware Verification--Demystified! DVClub
 

What's hot (20)

Vi
ViVi
Vi
 
A3 sec -_msr_2.0
A3 sec -_msr_2.0A3 sec -_msr_2.0
A3 sec -_msr_2.0
 
SPICE Model of M1FE60(PDF)
SPICE Model of M1FE60(PDF)SPICE Model of M1FE60(PDF)
SPICE Model of M1FE60(PDF)
 
RabbitMQ Server - cheat sheet -
RabbitMQ Server - cheat sheet -RabbitMQ Server - cheat sheet -
RabbitMQ Server - cheat sheet -
 
Building packages through emulation by Sean Bruno
Building packages through emulation by Sean BrunoBuilding packages through emulation by Sean Bruno
Building packages through emulation by Sean Bruno
 
Petascale Storage -- Do It Yourself!
Petascale Storage -- Do It Yourself!Petascale Storage -- Do It Yourself!
Petascale Storage -- Do It Yourself!
 
PORTIQUE VERIF
PORTIQUE VERIFPORTIQUE VERIF
PORTIQUE VERIF
 
Internet of Things Magic Show
Internet of Things Magic ShowInternet of Things Magic Show
Internet of Things Magic Show
 
Kernel Recipes 2015: Introduction to Kernel Power Management
Kernel Recipes 2015: Introduction to Kernel Power ManagementKernel Recipes 2015: Introduction to Kernel Power Management
Kernel Recipes 2015: Introduction to Kernel Power Management
 
Great Hiroshima with Python 170830
Great Hiroshima with Python 170830Great Hiroshima with Python 170830
Great Hiroshima with Python 170830
 
Monitoramento ambiental e alertas visuais com Zabbix - 3º Zabbix Meetup do In...
Monitoramento ambiental e alertas visuais com Zabbix - 3º Zabbix Meetup do In...Monitoramento ambiental e alertas visuais com Zabbix - 3º Zabbix Meetup do In...
Monitoramento ambiental e alertas visuais com Zabbix - 3º Zabbix Meetup do In...
 
Prosess accouting
Prosess accoutingProsess accouting
Prosess accouting
 
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)
AMDGPU ROCm Tensorflow 1.8 install memo (not support Ubuntu 1804)
 
[Velocity Ignite] Petascale Storage
[Velocity Ignite] Petascale Storage[Velocity Ignite] Petascale Storage
[Velocity Ignite] Petascale Storage
 
Surf iOS版 中文用户指南
Surf iOS版 中文用户指南Surf iOS版 中文用户指南
Surf iOS版 中文用户指南
 
Vagrant勉強会 チュートリアル編
Vagrant勉強会 チュートリアル編Vagrant勉強会 チュートリアル編
Vagrant勉強会 チュートリアル編
 
The true story_of_hello_world
The true story_of_hello_worldThe true story_of_hello_world
The true story_of_hello_world
 
Beyond Golden Containers: Complementing Docker with Puppet
Beyond Golden Containers: Complementing Docker with PuppetBeyond Golden Containers: Complementing Docker with Puppet
Beyond Golden Containers: Complementing Docker with Puppet
 
Os Practical Assignment 1
Os Practical Assignment 1Os Practical Assignment 1
Os Practical Assignment 1
 
OOP for Hardware Verification--Demystified!
OOP for Hardware Verification--Demystified! OOP for Hardware Verification--Demystified!
OOP for Hardware Verification--Demystified!
 

Viewers also liked

Les évolutions adaptatives
Les évolutions adaptativesLes évolutions adaptatives
Les évolutions adaptativesRESPONSIV
 
The Coming Intelligent Digital Assistant Era and Its Impact on Online Platforms
The Coming Intelligent Digital Assistant Era and Its Impact on Online PlatformsThe Coming Intelligent Digital Assistant Era and Its Impact on Online Platforms
The Coming Intelligent Digital Assistant Era and Its Impact on Online PlatformsCognizant
 
GDD - GUILD Driven Development
GDD - GUILD Driven DevelopmentGDD - GUILD Driven Development
GDD - GUILD Driven DevelopmentCarlos Correia
 
Help us transform Italian Public Administration! - Team per la Trasformazione...
Help us transform Italian Public Administration! - Team per la Trasformazione...Help us transform Italian Public Administration! - Team per la Trasformazione...
Help us transform Italian Public Administration! - Team per la Trasformazione...Team per la Trasformazione Digitale
 
Missing Action Plan (May 2015)
Missing Action Plan (May 2015)Missing Action Plan (May 2015)
Missing Action Plan (May 2015)Victoria Gaitskell
 
Kitchen Cabinet Design Trends in Virginia
Kitchen Cabinet Design Trends in VirginiaKitchen Cabinet Design Trends in Virginia
Kitchen Cabinet Design Trends in VirginiaMaria Wilson
 
SI-PI, Khristina Damayanti, Hapzi Ali, Isu Sosial Dan Etika Dalam Sistem Info...
SI-PI, Khristina Damayanti, Hapzi Ali, Isu Sosial Dan Etika Dalam Sistem Info...SI-PI, Khristina Damayanti, Hapzi Ali, Isu Sosial Dan Etika Dalam Sistem Info...
SI-PI, Khristina Damayanti, Hapzi Ali, Isu Sosial Dan Etika Dalam Sistem Info...khristina damayanti
 

Viewers also liked (9)

Les évolutions adaptatives
Les évolutions adaptativesLes évolutions adaptatives
Les évolutions adaptatives
 
The Coming Intelligent Digital Assistant Era and Its Impact on Online Platforms
The Coming Intelligent Digital Assistant Era and Its Impact on Online PlatformsThe Coming Intelligent Digital Assistant Era and Its Impact on Online Platforms
The Coming Intelligent Digital Assistant Era and Its Impact on Online Platforms
 
GDD - GUILD Driven Development
GDD - GUILD Driven DevelopmentGDD - GUILD Driven Development
GDD - GUILD Driven Development
 
Storyboard
StoryboardStoryboard
Storyboard
 
Help us transform Italian Public Administration! - Team per la Trasformazione...
Help us transform Italian Public Administration! - Team per la Trasformazione...Help us transform Italian Public Administration! - Team per la Trasformazione...
Help us transform Italian Public Administration! - Team per la Trasformazione...
 
Missing Action Plan (May 2015)
Missing Action Plan (May 2015)Missing Action Plan (May 2015)
Missing Action Plan (May 2015)
 
Kitchen Cabinet Design Trends in Virginia
Kitchen Cabinet Design Trends in VirginiaKitchen Cabinet Design Trends in Virginia
Kitchen Cabinet Design Trends in Virginia
 
SI-PI, Khristina Damayanti, Hapzi Ali, Isu Sosial Dan Etika Dalam Sistem Info...
SI-PI, Khristina Damayanti, Hapzi Ali, Isu Sosial Dan Etika Dalam Sistem Info...SI-PI, Khristina Damayanti, Hapzi Ali, Isu Sosial Dan Etika Dalam Sistem Info...
SI-PI, Khristina Damayanti, Hapzi Ali, Isu Sosial Dan Etika Dalam Sistem Info...
 
Poseidon Adventures
Poseidon AdventuresPoseidon Adventures
Poseidon Adventures
 

Similar to Cannot observe ingress packets

Ipv6 test plan for opnfv poc v2.2 spirent-vctlab
Ipv6 test plan for opnfv poc v2.2 spirent-vctlabIpv6 test plan for opnfv poc v2.2 spirent-vctlab
Ipv6 test plan for opnfv poc v2.2 spirent-vctlabIben Rodriguez
 
Open stack advanced_part
Open stack advanced_partOpen stack advanced_part
Open stack advanced_partlilliput12
 
SAS (Secure Active Switch)
SAS (Secure Active Switch)SAS (Secure Active Switch)
SAS (Secure Active Switch)Security Date
 
metadatacoreProperties.xmlModel2015-07-13T030104Zthua3267th.docx
metadatacoreProperties.xmlModel2015-07-13T030104Zthua3267th.docxmetadatacoreProperties.xmlModel2015-07-13T030104Zthua3267th.docx
metadatacoreProperties.xmlModel2015-07-13T030104Zthua3267th.docxARIV4
 
Odl010024 qin q laboratory exercise guide issue1
Odl010024 qin q laboratory exercise guide issue1Odl010024 qin q laboratory exercise guide issue1
Odl010024 qin q laboratory exercise guide issue1jcbp_peru
 
Kernelvm 201312-dlmopen
Kernelvm 201312-dlmopenKernelvm 201312-dlmopen
Kernelvm 201312-dlmopenHajime Tazaki
 
SDN Training - Open daylight installation + example with mininet
SDN Training - Open daylight installation + example with mininetSDN Training - Open daylight installation + example with mininet
SDN Training - Open daylight installation + example with mininetSAMeh Zaghloul
 
Mac ip snmp
Mac ip snmpMac ip snmp
Mac ip snmpgielth01
 
OpenStack networking
OpenStack networkingOpenStack networking
OpenStack networkingSim Janghoon
 
Debugging Ruby
Debugging RubyDebugging Ruby
Debugging RubyAman Gupta
 
VoiceBootcamp Ccnp collaboration lab guide v1.0 sample
VoiceBootcamp Ccnp collaboration lab guide v1.0 sampleVoiceBootcamp Ccnp collaboration lab guide v1.0 sample
VoiceBootcamp Ccnp collaboration lab guide v1.0 sampleFaisal Khan
 
Vista 1600 c epon olt quick start manual(r1.2)
Vista 1600 c epon olt quick start manual(r1.2)Vista 1600 c epon olt quick start manual(r1.2)
Vista 1600 c epon olt quick start manual(r1.2)Shanxi Cai
 
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoringOSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoringNETWAYS
 
Open daylight and Openstack
Open daylight and OpenstackOpen daylight and Openstack
Open daylight and OpenstackDave Neary
 
Embedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debuggingEmbedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debuggingAnne Nicolas
 

Similar to Cannot observe ingress packets (20)

Ipv6 test plan for opnfv poc v2.2 spirent-vctlab
Ipv6 test plan for opnfv poc v2.2 spirent-vctlabIpv6 test plan for opnfv poc v2.2 spirent-vctlab
Ipv6 test plan for opnfv poc v2.2 spirent-vctlab
 
Open stack advanced_part
Open stack advanced_partOpen stack advanced_part
Open stack advanced_part
 
SAS (Secure Active Switch)
SAS (Secure Active Switch)SAS (Secure Active Switch)
SAS (Secure Active Switch)
 
metadatacoreProperties.xmlModel2015-07-13T030104Zthua3267th.docx
metadatacoreProperties.xmlModel2015-07-13T030104Zthua3267th.docxmetadatacoreProperties.xmlModel2015-07-13T030104Zthua3267th.docx
metadatacoreProperties.xmlModel2015-07-13T030104Zthua3267th.docx
 
Odl010024 qin q laboratory exercise guide issue1
Odl010024 qin q laboratory exercise guide issue1Odl010024 qin q laboratory exercise guide issue1
Odl010024 qin q laboratory exercise guide issue1
 
Kernelvm 201312-dlmopen
Kernelvm 201312-dlmopenKernelvm 201312-dlmopen
Kernelvm 201312-dlmopen
 
SDN Training - Open daylight installation + example with mininet
SDN Training - Open daylight installation + example with mininetSDN Training - Open daylight installation + example with mininet
SDN Training - Open daylight installation + example with mininet
 
Mac ip snmp
Mac ip snmpMac ip snmp
Mac ip snmp
 
OpenStack networking
OpenStack networkingOpenStack networking
OpenStack networking
 
Debugging Ruby
Debugging RubyDebugging Ruby
Debugging Ruby
 
VoiceBootcamp Ccnp collaboration lab guide v1.0 sample
VoiceBootcamp Ccnp collaboration lab guide v1.0 sampleVoiceBootcamp Ccnp collaboration lab guide v1.0 sample
VoiceBootcamp Ccnp collaboration lab guide v1.0 sample
 
Configure vtp
Configure vtpConfigure vtp
Configure vtp
 
Vista 1600 c epon olt quick start manual(r1.2)
Vista 1600 c epon olt quick start manual(r1.2)Vista 1600 c epon olt quick start manual(r1.2)
Vista 1600 c epon olt quick start manual(r1.2)
 
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoringOSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
 
18763980 ccna-lab-manual-640802-ii-2009-ii
18763980 ccna-lab-manual-640802-ii-2009-ii18763980 ccna-lab-manual-640802-ii-2009-ii
18763980 ccna-lab-manual-640802-ii-2009-ii
 
18763980 ccna-lab-manual-640802-ii-2009-ii
18763980 ccna-lab-manual-640802-ii-2009-ii18763980 ccna-lab-manual-640802-ii-2009-ii
18763980 ccna-lab-manual-640802-ii-2009-ii
 
18763980 ccna-lab-manual-640802-ii-2009-ii
18763980 ccna-lab-manual-640802-ii-2009-ii18763980 ccna-lab-manual-640802-ii-2009-ii
18763980 ccna-lab-manual-640802-ii-2009-ii
 
Open daylight and Openstack
Open daylight and OpenstackOpen daylight and Openstack
Open daylight and Openstack
 
ACI MultiPod 구성
ACI MultiPod 구성ACI MultiPod 구성
ACI MultiPod 구성
 
Embedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debuggingEmbedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debugging
 

Recently uploaded

Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfCionsystems
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
Clustering techniques data mining book ....
Clustering techniques data mining book ....Clustering techniques data mining book ....
Clustering techniques data mining book ....ShaimaaMohamedGalal
 

Recently uploaded (20)

Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdf
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Clustering techniques data mining book ....
Clustering techniques data mining book ....Clustering techniques data mining book ....
Clustering techniques data mining book ....
 

Cannot observe ingress packets

  • 1. Copyright 2016 FUJITSU LABORATORIES LTD. Cannot observe ingress packets Kazuhiro Suzuki 2016/7/20 Fujitsu Laboratories Ltd. 0
  • 2. We cannot observe ingress packets on Monitor  Test Bet  Flow entries for Ingress packets defined in br-int. Copyright 2016 FUJITSU LABORATORIES LTD. 1. cookie=0x0, duration=601700.446s, table=0, n_packets=44, n_bytes=1848, idle_age=65534, hard_age=65534, priority=20,dl_vlan=1,dl_dst=01:00:00:00:00:00/01:00:00:00: 00:00 actions=NORMAL,mod_vlan_vid:3901,output:5 2. cookie=0x0, duration=599507.935s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=20,dl_vlan=1,dl_dst=fa:16:3e:bd:77:8f actions=NORMAL,mod_vlan_vid:3901,output:5 VM1Monitor VM0 MAC:fa:16:3e:bd:77:8f br_int br_tapPort Mirroring ping 5 1
  • 3. We observed packets on Monitor VM  When VM0 and VM1 are running on the same host, we can observe only egress packets at the port of VM1, ingress packets cannot be observed. Copyright 2016 FUJITSU LABORATORIES LTD. $ tcpdump -e -n -i eth1 06:23:18.062505 fa:16:3e:bd:77:8f > fa:16:3e:8c:54:e3, ethertype 802.1Q (0x8100), length 102: vlan 2, p 0, ethertype IPv4, 192.168.1.3 > 192.168.1.6: ICMP echo reply, id 926, seq 12152, length 64 06:23:19.063943 fa:16:3e:bd:77:8f > fa:16:3e:8c:54:e3, ethertype 802.1Q (0x8100), length 102: vlan 2, p 0, ethertype IPv4, 192.168.1.3 > 192.168.1.6: ICMP echo reply, id 926, seq 12153, length 64 VM1Monitor VM0 br_int br_tapPort Mirroring ping 5 tcpdump 2
  • 4. Copyright 2016 FUJITSU LABORATORIES LTD.  We checked packets which go through VM0 port using tcpdump Packet observation in VM0 $ sudo tcpdump -n -e -i dummy0 14:52:57.774417 fa:16:3e:8c:54:e3 > fa:16:3e:bd:77:8f, ethertype 802.1Q (0x8100), length 102: vlan 1, p 0, ethertype IPv4, 192.168.1.6 > 192.168.1.3: ICMP echo request, id 926, seq 10334, length 64 14:52:57.774874 fa:16:3e:bd:77:8f > fa:16:3e:8c:54:e3, ethertype 802.1Q (0x8100), length 102: vlan 1, p 0, ethertype IPv4, 192.168.1.3 > 192.168.1.6: ICMP echo reply, id 926, seq 10334, length 64 VM1Monitor VM0 br_int br_tapPort Mirroring ping 5 tcpdump 3
  • 5.  We also checked packets at VM1  Both ingress packets observed at VM0 and VM1 have vlan id 1, but the flow entry for ingress packets is not evaluated. VM1Monitor VM0 br_int br_tapPort Mirroring ping 5 Copyright 2016 FUJITSU LABORATORIES LTD. Packet observation in VM1 $ sudo tcpdump -n -e -i dummy0 14:46:33.258666 fa:16:3e:8c:54:e3 > fa:16:3e:bd:77:8f, ethertype 802.1Q (0x8100), length 102: vlan 1, p 0, ethertype IPv4, 192.168.1.6 > 192.168.1.3: ICMP echo request, id 926, seq 9950, length 64 14:46:33.258901 fa:16:3e:bd:77:8f > fa:16:3e:8c:54:e3, ethertype 802.1Q (0x8100), length 102: vlan 1, p 0, ethertype IPv4, 192.168.1.3 > 192.168.1.6: ICMP echo reply, id 926, seq 9950, length 64 tcpdump 4
  • 6. We modified a flow entry of TapFlow  We can observe both direction(egress and ingress) on Monitor when “dl_vlan=1” is removed from the ingress flow entries. Copyright 2016 FUJITSU LABORATORIES LTD. $ tcpdump -e -n -i eth1 06:23:18.062505 fa:16:3e:bd:77:8f > fa:16:3e:8c:54:e3, ethertype 802.1Q (0x8100), length 102: vlan 2, p 0, ethertype IPv4, 192.168.1.3 > 192.168.1.6: ICMP echo reply, id 926, seq 12152, length 64 06:23:19.063943 fa:16:3e:bd:77:8f > fa:16:3e:8c:54:e3, ethertype 802.1Q (0x8100), length 102: vlan 2, p 0, ethertype IPv4, 192.168.1.3 > 192.168.1.6: ICMP echo reply, id 926, seq 12153, length 64 VM1Monitor VM0 br_int br_tapPort Mirroring ping 5 tcpdump 5