[Bro] Software frontend

Sunjeet Singh sstattla at gmail.com
Tue Dec 7 13:50:36 PST 2010 

Hi Tyler,

Can you please help me troubleshoot here? I did what you said (on Linux 
so some function option-parameters are gone), and here's what my click 
script looks like (currently testing with one frontend machine and one 
worker machine)-

AddressInfo(mymac <IP add. of frontend/8> <mac add of eth0>);
AddressInfo(worker1 <IP add. of worker1/8> <mac add of worker eth0>);
AddressInfo(worker2 <IP add. of worker1/8> <mac add of eth1>);
AddressInfo(worker3 <IP add. of worker1/8> <mac add of eth2>);

my_switch :: HashSwitch(26, 8);

FromDevice(eth4, PROMISC true) -> my_switch;
todevice1 :: ToDevice(eth0);
todevice2 :: ToDevice(eth1);
todevice3 :: ToDevice(eth2);

my_switch[0] -> EtherEncap(0x0800, mymac, worker1) -> Queue -> todevice1;
my_switch[1] -> EtherEncap(0x0800, mymac, worker2) -> Queue -> todevice2;
my_switch[2] -> EtherEncap(0x0800, mymac, worker3) -> Queue -> todevice3;


When I run the script with the command "sudo click try.click", it starts 
executing and gives no messages. To test it,
I used tcpdump to first see if any of the interfaces on worker1 is 
receiving any traffic -> No.
Then I checked if any traffic is going out of eth0, eth1 or eth2 on 
frontend -> No.
Checked if eth4 is receiving the packets I sent through tcpreplay -> Yes.

How can I go about debugging this?

Thanks,
Sunjeet


On 10-12-07 12:34 PM, Tyler T. Schoenke wrote:
>
>> Even if this does forward the packet to the eth1 interface (sending out
>> of eth1 I assume), we haven't done the part where the packet goes from
>> the interface to the right worker machine (which is done by rewriting
>> the MAC address on the packet I suppose).
>>
> I had written a config to do that, but never tested it.  Here are the 
> basics.
>
> AddressInfo(mymac 10.0.0.1/8 1:1:1:1:1:1);
> AddressInfo(worker1 10.0.0.2/8 2:2:2:2:2:2);
> AddressInfo(worker2 10.0.0.3/8 3:3:3:3:3:3);
>
> my_switch :: HashSwitch(26, 8);
>
> FromDevice(eth1, PROMISC true, BURST 8 ) -> my_switch;
> todevice1::ToDevice(eth2, ALLOW_NONEXISTENT true);
> todevice2::ToDevice(eth3, ALLOW_NONEXISTENT true);
>
>
> //example:  my_switch[0] -> EtherEncap(0x0800, 1:1:1:1:1:1, 
> 2:2:2:2:2:2) -> Queue -> ToDevice(eth2, ALLOW_NONEXISTENT true);
> my_switch[0] -> EtherEncap(0x0800, mymac, worker1) -> Queue -> todevice1;
> my_switch[1] -> EtherEncap(0x0800, mymac, worker2) -> Queue -> todevice2;
>
> or if you just want to bypass the MAC rewrite to test that traffic is 
> being load balanced:
>
> my_switch[0] -> Queue -> todevice1;
>
> mymac would be the MAC of the interface receiving the traffic, worker1 
> and worker2 need to be set to the MAC of the worker machines.  I was 
> hoping this would take in the traffic, load-balance, rewrite the MAC 
> and send it out to several interfaces.   I think this is where I was 
> getting a kernel crash and didn't have time to upgrade the kernel.  I 
> think it was on CentOS 5.3, and I saw patch references to the kernel 
> error I was getting.
>
> Tyler
>
>

More information about the Bro mailing list