[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: R: Re: [Xen-users] bridge and tcpdump

To: "rmarfisi@xxxxxxxxx" <rmarfisi@xxxxxxxxx>
From: "Javier Guerra" <javier@xxxxxxxxxxx>
Date: Wed, 17 Sep 2008 12:01:43 -0500
Cc: nice@xxxxxxxxxxxxxxx, xen <xen-users@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Wed, 17 Sep 2008 10:02:23 -0700
List-id: Xen user discussion <xen-users.lists.xensource.com>

On Wed, Sep 17, 2008 at 11:46 AM, rmarfisi@xxxxxxxxx <rmarfisi@xxxxxxxxx> wrote:
> is possible capture the traffic in the same mode we can
> sniffing a LAN?

even on a real LAN, if your sniffer is on a switch, you won't see any
traffic not intended for you.

most programmable switches let you set a 'monitor' port, that gets
copies of other port(s) at the cost of performance (in the extreme
case, if you want to monitor all ports, performance becomes equivalent
to a hub)

> if the bridge can't capable, in other way is possible?

from Dom0 you can watch on the bridge itself.  i think that would show
all traffic.

also, you can watch on the virtual interface associated to a DomU, and
it will show all traffic to/from that DomU, from 'outside'

there are some userlevel tools that emulates a switch or a hub,
replacing the bridge on Dom0 with one of those tools (i think UML
includes one) might let you establish a 'monitor' DomU


-- 
Javier

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

References:
- R: Re: [Xen-users] bridge and tcpdump
  - From: rmarfisi@xxxxxxxxx

Prev by Date: R: Re: [Xen-users] bridge and tcpdump
Next by Date: Re: RES: [Xen-users] SAN + XEN + FC + LVM question(s)
Previous by thread: R: Re: [Xen-users] bridge and tcpdump
Next by thread: [Xen-users] BMC Remedy on xen?
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.