cannot get promiscuous mode to work with xenserver

  • Hi everybody

    i have xenserver Host with 2 NIC, i installed 2 VM on it, i bridged the 2 PIF to one VM , this VM has now 2 VIF, VIF0 bridged with PIF0 and VIF1 bridged with PIF1,
    PIF0 is connected to the LAN, PIF1 is connected to a mirroring port on the switch (sniffing all traffic ti record voip calls)

    i have already execute the following command :

    xe pif-param-set uuid=<uuid_of_pif> other-config:promiscuous="true"
    xe pif-param-list uuid=<uuid_of_pif>

    xe vif-param-set uuid=<uuid_of_vif> other-config:promiscuous="true"
    xe vif-param-list uuid=<uuid_of_vif>

    xe vif-unplug uuid=<uuid_of_vif>
    xe vif-plug uuid=<uuid_of_vif>

    i tried both :
    xe-switch-network-backend bridge
    xe-switch-network-backend openvswitch

    it is so frustrating, i spend hours in this

  • knowing that PIF1 get the whole traffic (i checked that by tcpdump -i eth1)
    the problem reside in VIF1, PIF1 not mirroring the traffic ti VIF1,

  • also xenbr1 catch all traffic

  • something weird, i have only these interfaces :
    eth0 eth1 lo vif1 vif2 xenbr0 xenbr1

    i think normally i should have something like : vif0.1, vif0.2 bridged with eth0
    and vif1.1, vif1.2 bridged with eth1

  • tcpdump -i eth1
    sniff all traffic
    tcpdump -i xenbr1
    sniff all traffic
    tcpdump -i vif2
    tcpdump: vif2: No such device exists
    (SIOCGIFHWADDR: No such device)

  • ovs-vsctl show
    Bridge "xenbr0"
    fail_mode: standalone
    Port "vif1.0"
    Interface "vif1.0"
    Port "eth0"
    Interface "eth0"
    Port "vif2.0"
    Interface "vif2.0"
    Port "xenbr0"
    Interface "xenbr0"
    type: internal
    Bridge "xenbr1"
    fail_mode: standalone
    Port "xenbr1"
    Interface "xenbr1"
    type: internal
    Port "vif2.1"
    Interface "vif2.1"
    Port "eth1"
    Interface "eth1"
    Port "vif1.1"
    Interface "vif1.1"
    ovs_version: "2.1.3"

  • i still cannot get this done, after reading some documentation i realized that xenserver has promiscuous mode issue in 6.5 and people complaining about that in citrix official support website,
    i think it is time to shift to vmware ESXI, i hope i can manage myself with it

  • Sorry that none of us have run into this issue. Why do you need promiscuous mode?

  • because i have an application that record voip calls, it need to catch the whole traffic, i configured a mirroring port on my switch that send all traffic to this VM, but unfortunately i was unable to get promiscuous mode working

  • I don't know if you've read these but they may be of assistance.


    The second link has a full How-To for setting promiscuous mode.

  • Here is a response from a rather versed XenServer guide on their forums, even pointing to the same article.

    "Tobias Kreidl MEMBERS

    16,019 posts
    Posted 14 March 2015 - 03:30 AM
    Is this what you are looking for?:


  • Thank you @DustinB3403 , but unfortunately i have tried all of this before and maybe more than this but without any result