[Bro] Software frontend
Tyler T. Schoenke
Tyler.Schoenke at colorado.edu
Tue Dec 7 12:34:54 PST 2010
> Even if this does forward the packet to the eth1 interface (sending out
> of eth1 I assume), we haven't done the part where the packet goes from
> the interface to the right worker machine (which is done by rewriting
> the MAC address on the packet I suppose).
>
I had written a config to do that, but never tested it. Here are the
basics.
AddressInfo(mymac 10.0.0.1/8 1:1:1:1:1:1);
AddressInfo(worker1 10.0.0.2/8 2:2:2:2:2:2);
AddressInfo(worker2 10.0.0.3/8 3:3:3:3:3:3);
my_switch :: HashSwitch(26, 8);
FromDevice(eth1, PROMISC true, BURST 8 ) -> my_switch;
todevice1::ToDevice(eth2, ALLOW_NONEXISTENT true);
todevice2::ToDevice(eth3, ALLOW_NONEXISTENT true);
//example: my_switch[0] -> EtherEncap(0x0800, 1:1:1:1:1:1, 2:2:2:2:2:2)
-> Queue -> ToDevice(eth2, ALLOW_NONEXISTENT true);
my_switch[0] -> EtherEncap(0x0800, mymac, worker1) -> Queue -> todevice1;
my_switch[1] -> EtherEncap(0x0800, mymac, worker2) -> Queue -> todevice2;
or if you just want to bypass the MAC rewrite to test that traffic is
being load balanced:
my_switch[0] -> Queue -> todevice1;
mymac would be the MAC of the interface receiving the traffic, worker1
and worker2 need to be set to the MAC of the worker machines. I was
hoping this would take in the traffic, load-balance, rewrite the MAC and
send it out to several interfaces. I think this is where I was getting
a kernel crash and didn't have time to upgrade the kernel. I think it
was on CentOS 5.3, and I saw patch references to the kernel error I was
getting.
Tyler
More information about the Bro
mailing list