cannot get promiscuous mode to work with xenserver



  • Hi everybody

    i have xenserver Host with 2 NIC, i installed 2 VM on it, i bridged the 2 PIF to one VM , this VM has now 2 VIF, VIF0 bridged with PIF0 and VIF1 bridged with PIF1,
    PIF0 is connected to the LAN, PIF1 is connected to a mirroring port on the switch (sniffing all traffic ti record voip calls)

    i have already execute the following command :

    xe pif-param-set uuid=<uuid_of_pif> other-config:promiscuous="true"
    xe pif-param-list uuid=<uuid_of_pif>

    xe vif-param-set uuid=<uuid_of_vif> other-config:promiscuous="true"
    xe vif-param-list uuid=<uuid_of_vif>

    xe vif-unplug uuid=<uuid_of_vif>
    xe vif-plug uuid=<uuid_of_vif>

    i tried both :
    xe-switch-network-backend bridge
    xe-switch-network-backend openvswitch

    it is so frustrating, i spend hours in this



  • knowing that PIF1 get the whole traffic (i checked that by tcpdump -i eth1)
    the problem reside in VIF1, PIF1 not mirroring the traffic ti VIF1,



  • also xenbr1 catch all traffic



  • something weird, i have only these interfaces :
    eth0 eth1 lo vif1 vif2 xenbr0 xenbr1

    i think normally i should have something like : vif0.1, vif0.2 bridged with eth0
    and vif1.1, vif1.2 bridged with eth1
    ???



  • tcpdump -i eth1
    sniff all traffic
    tcpdump -i xenbr1
    sniff all traffic
    tcpdump -i vif2
    tcpdump: vif2: No such device exists
    (SIOCGIFHWADDR: No such device)



  • ovs-vsctl show
    e3f94405-fc77-4be7-8e5d-85f824f24ac1
    Bridge "xenbr0"
    fail_mode: standalone
    Port "vif1.0"
    Interface "vif1.0"
    Port "eth0"
    Interface "eth0"
    Port "vif2.0"
    Interface "vif2.0"
    Port "xenbr0"
    Interface "xenbr0"
    type: internal
    Bridge "xenbr1"
    fail_mode: standalone
    Port "xenbr1"
    Interface "xenbr1"
    type: internal
    Port "vif2.1"
    Interface "vif2.1"
    Port "eth1"
    Interface "eth1"
    Port "vif1.1"
    Interface "vif1.1"
    ovs_version: "2.1.3"



  • i still cannot get this done, after reading some documentation i realized that xenserver has promiscuous mode issue in 6.5 and people complaining about that in citrix official support website,
    i think it is time to shift to vmware ESXI, i hope i can manage myself with it


  • Service Provider

    Sorry that none of us have run into this issue. Why do you need promiscuous mode?



  • because i have an application that record voip calls, it need to catch the whole traffic, i configured a mirroring port on my switch that send all traffic to this VM, but unfortunately i was unable to get promiscuous mode working



  • I don't know if you've read these but they may be of assistance.

    http://support.citrix.com/content/dam/supportWS/kA560000000Ts7qCAC/XenServer_6.5.0_Technical_FAQ.pdf

    and

    http://support.citrix.com/article/CTX121729

    The second link has a full How-To for setting promiscuous mode.



  • Here is a response from a rather versed XenServer guide on their forums, even pointing to the same article.

    "Tobias Kreidl MEMBERS
    #4

    16,019 posts
    Posted 14 March 2015 - 03:30 AM
    Is this what you are looking for?: http://support.citrix.com/article/CTX116493

    -=Tobias"



  • Thank you @DustinB3403 , but unfortunately i have tried all of this before and maybe more than this but without any result



Looks like your connection to MangoLassi was lost, please wait while we try to reconnect.