4.2. Mirroring packet from a VM¶

This section describes a usage for mirroring from a VM to other VM through spp_mirror. Traffic from host2 is forwarded to each VM inside host1 thorough spp_vf. spp_vf is required in usecase to forward traffic from host NIC to each VM.

Fig. 4.6 Mirroring from a VM

4.2.1. Network Configuration¶

Detailed configuration of Fig. 4.6 is described in Fig. 4.7. In this senario, incoming packets though ring1 are mirrored. In spp_mirror process, worker thread mirror1 copies incoming packets and sends to orignal destination VM1 and new one VM3.

Fig. 4.7 Network configuration of mirroring

4.2.2. Setup SPP and VMs¶

Launch spp-ctl before launching SPP primary and secondary processes. You also need to launch spp.py if you use spp_vf from CLI. -b option is for binding IP address to communicate other SPP processes, but no need to give it explicitly if 127.0.0.1 or localhost although doing explicitly in this example to be more understandable.

$cd /path/to/spp

# Launch spp-ctl and spp.py
$ python3 ./src/spp-ctl/spp-ctl -b 127.0.0.1
$ python ./src/spp.py -b 127.0.0.1

Start spp_primary with core list option -l 1. It should be started with -n 16 for giving enough number of rings.

# Type the following in different terminal
$ sudo ./src/primary/x86_64-native-linuxapp-gcc/spp_primary \
    -l 1 -n 4 \
    --socket-mem 512,512 \
    --huge-dir=/run/hugepages/kvm \
    --proc-type=primary \
    -- \
    -p 0x03 -n 16 -s 127.0.0.1:5555

4.2.2.1. Launch spp_vf¶

Launch VM1 as described in Setup for VMs, and launch spp_vf with core list -l 0,2-14 in this usecase.

$ sudo ./src/vf/x86_64-native-linuxapp-gcc/spp_vf \
    -l 0,2-14 -n 4 --proc-type=secondary \
    -- \
    --client-id 1 \
    -s 127.0.0.1:6666 \
    --vhost-client

Start components in spp_vf.

# start components
spp > vf 1; component start classifier 2 classifier_mac
spp > vf 1; component start merger 3 merge
spp > vf 1; component start forwarder1 4 forward
spp > vf 1; component start forwarder2 5 forward
spp > vf 1; component start forwarder3 6 forward
spp > vf 1; component start forwarder4 7 forward

Add ports for started components.

# add ports
spp > vf 1; port add phy:0 rx classifier
spp > vf 1; port add phy:0 tx merger
spp > vf 1; port add ring:0 tx classifier
spp > vf 1; port add ring:1 tx classifier
spp > vf 1; port add ring:0 rx forwarder1
spp > vf 1; port add ring:1 rx forwarder2
spp > vf 1; port add ring:2 rx merger
spp > vf 1; port add ring:3 rx merger
spp > vf 1; port add ring:2 tx forwarder3
spp > vf 1; port add ring:3 tx forwarder4
spp > vf 1; port add vhost:0 tx forwarder1
spp > vf 1; port add vhost:1 rx forwarder3
spp > vf 1; port add vhost:2 tx forwarder2
spp > vf 1; port add vhost:3 rx forwarder4

Add classifier table entries.

# add classifier table entry
spp > vf 1; classifier_table add mac 52:54:00:12:34:56 ring:0
spp > vf 1; classifier_table add mac 52:54:00:12:34:58 ring:1

To capture incoming packets on VM1, use tcpdump for the interface, ens4 in this case.

# capture on ens4 of VM1
$ tcpdump -i ens4

You send packets from the remote host1 and confirm packets are received.

# spp-vm1 via NIC0 from host1
$ ping 192.168.140.21

4.2.2.2. Launch spp_mirror¶

Change directory to spp and confirm that it is already compiled.

$ cd /path/to/spp

Run secondary process spp_mirror.

$ sudo ./src/mirror/x86_64-native-linuxapp-gcc/app/spp_mirror \
  -l 0,15 -n 4 --proc-type=secondary \
  -- \
  --client-id 2 \
  -s 127.0.0.1:6666 \
  --vhost-client

Note

For SPP secondary processes, client id given with --client-id option should not be overlapped each otherand. It is also the same for core list -l.

Start mirror component with core ID 15.

# Start component of spp_mirror on coreID 15
spp > sec 2; component start mirror1 15 mirror

Add ring:0 as rx ports and add ring:8 and ring:9 as tx port to mirror.

# mirror1
spp > mirror 2; port add ring:0 rx mirror1
spp > mirror 2; port add ring:8 tx mirror1
spp > mirror 2; port add ring:9 tx mirror1

Start merger3 with core ID 14.

# Start component of spp_vf on coreID 14
spp > vf 1; component start merger3 14 forward

Add ring:9 as rx port of merger3 and vhost:4 as tx port of merger3.

# merger3
spp > vf 1; port add ring:9 rx merger3
spp > vf 1; port add vhost:4 tx merger3

Delete ring:0 as rx port of forwarder1 and ring:8 as rx port of forwarder1.

# forward1
spp > vf 1; port del ring:0 rx forwarder1
spp > vf 1; port add ring:8 rx forwarder1

4.2.2.3. Receive packet on VM3¶

You can capture incoming packets on VM3. If you capture packet on VM1, the same packet would be captured.

# capture on ens4 fo VM1 and VM3
$ tcpdump -i ens4

Now, you can send packet from the remote host1.

# spp-vm1 via NIC0 from host1
$ ping 192.168.140.21

4.2.2.4. Stop Mirroring¶

Firstly, delete ports for components.

Delete ports for components.

# Delete port for mirror1
spp > mirror 2; port del ring:0 rx mirror1
spp > mirror 2; port del ring:8 tx mirror1
spp > mirror 2; port del ring:9 tx mirror1

# Delete port for merger3
spp > vf 1; port del ring:9 rx merger3
spp > vf 1; port del vhost:4 tx merger3

# Delete port for forwarder1
spp > vf 1; port del ring:8 rx forwarder1

Next, stop components.

# Stop mirror
spp > mirror 2; component stop mirror1 15 mirror

# Stop merger
spp > vf 1; component stop merger3 14 forward

Add port from classifier_mac1 to VM1.

# Add port from classifier_mac1 to VM1.
spp > vf 1; port add ring:0 rx forwarder1