From: Ben Pfaff Date: Wed, 4 Sep 2013 20:36:40 +0000 (-0700) Subject: FAQ: Explain the two kinds of "promiscuous mode" and how to configure them. X-Git-Tag: sliver-openvswitch-2.0.90-1~16^2~30 X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=e253f7323f6ef7d4bab13e303c68db92ba7ce767;p=sliver-openvswitch.git FAQ: Explain the two kinds of "promiscuous mode" and how to configure them. Signed-off-by: Ben Pfaff --- diff --git a/FAQ b/FAQ index 75d90076b..a0eb1cd90 100644 --- a/FAQ +++ b/FAQ @@ -250,6 +250,40 @@ A: The following commands configure br0 with eth0 and tap0 as trunk ovs-vsctl clear bridge br0 mirrors +Q: Does Open vSwitch support configuring a port in promiscuous mode? + +A: Yes. How you configure it depends on what you mean by "promiscuous + mode": + + - Conventionally, "promiscuous mode" is a feature of a network + interface card. Ordinarily, a NIC passes to the CPU only the + packets actually destined to its host machine. It discards + the rest to avoid wasting memory and CPU cycles. When + promiscuous mode is enabled, however, it passes every packet + to the CPU. On an old-style shared-media or hub-based + network, this allows the host to spy on all packets on the + network. But in the switched networks that are almost + everywhere these days, promiscuous mode doesn't have much + effect, because few packets not destined to a host are + delivered to the host's NIC. + + This form of promiscuous mode is configured in the guest OS of + the VMs on your bridge, e.g. with "ifconfig". + + - The VMware vSwitch uses a different definition of "promiscuous + mode". When you configure promiscuous mode on a VMware vNIC, + the vSwitch sends a copy of every packet received by the + vSwitch to that vNIC. That has a much bigger effect than just + enabling promiscuous mode in a guest OS. Rather than getting + a few stray packets for which the switch does not yet know the + correct destination, the vNIC gets every packet. The effect + is similar to replacing the vSwitch by a virtual hub. + + This "promiscuous mode" is what switches normally call "port + mirroring" or "SPAN". For information on how to configure + SPAN, see "How do I configure a port as a SPAN port, that is, + enable mirroring of all traffic to that port?" + Q: How do I configure a VLAN as an RSPAN VLAN, that is, enable mirroring of all traffic to that VLAN?