[Bro] Software frontend
Sunjeet Singh
sstattla at gmail.com
Tue Dec 7 13:50:36 PST 2010
Hi Tyler,
Can you please help me troubleshoot here? I did what you said (on Linux
so some function option-parameters are gone), and here's what my click
script looks like (currently testing with one frontend machine and one
worker machine)-
AddressInfo(mymac <IP add. of frontend/8> <mac add of eth0>);
AddressInfo(worker1 <IP add. of worker1/8> <mac add of worker eth0>);
AddressInfo(worker2 <IP add. of worker1/8> <mac add of eth1>);
AddressInfo(worker3 <IP add. of worker1/8> <mac add of eth2>);
my_switch :: HashSwitch(26, 8);
FromDevice(eth4, PROMISC true) -> my_switch;
todevice1 :: ToDevice(eth0);
todevice2 :: ToDevice(eth1);
todevice3 :: ToDevice(eth2);
my_switch[0] -> EtherEncap(0x0800, mymac, worker1) -> Queue -> todevice1;
my_switch[1] -> EtherEncap(0x0800, mymac, worker2) -> Queue -> todevice2;
my_switch[2] -> EtherEncap(0x0800, mymac, worker3) -> Queue -> todevice3;
When I run the script with the command "sudo click try.click", it starts
executing and gives no messages. To test it,
I used tcpdump to first see if any of the interfaces on worker1 is
receiving any traffic -> No.
Then I checked if any traffic is going out of eth0, eth1 or eth2 on
frontend -> No.
Checked if eth4 is receiving the packets I sent through tcpreplay -> Yes.
How can I go about debugging this?
Thanks,
Sunjeet
On 10-12-07 12:34 PM, Tyler T. Schoenke wrote:
>
>> Even if this does forward the packet to the eth1 interface (sending out
>> of eth1 I assume), we haven't done the part where the packet goes from
>> the interface to the right worker machine (which is done by rewriting
>> the MAC address on the packet I suppose).
>>
> I had written a config to do that, but never tested it. Here are the
> basics.
>
> AddressInfo(mymac 10.0.0.1/8 1:1:1:1:1:1);
> AddressInfo(worker1 10.0.0.2/8 2:2:2:2:2:2);
> AddressInfo(worker2 10.0.0.3/8 3:3:3:3:3:3);
>
> my_switch :: HashSwitch(26, 8);
>
> FromDevice(eth1, PROMISC true, BURST 8 ) -> my_switch;
> todevice1::ToDevice(eth2, ALLOW_NONEXISTENT true);
> todevice2::ToDevice(eth3, ALLOW_NONEXISTENT true);
>
>
> //example: my_switch[0] -> EtherEncap(0x0800, 1:1:1:1:1:1,
> 2:2:2:2:2:2) -> Queue -> ToDevice(eth2, ALLOW_NONEXISTENT true);
> my_switch[0] -> EtherEncap(0x0800, mymac, worker1) -> Queue -> todevice1;
> my_switch[1] -> EtherEncap(0x0800, mymac, worker2) -> Queue -> todevice2;
>
> or if you just want to bypass the MAC rewrite to test that traffic is
> being load balanced:
>
> my_switch[0] -> Queue -> todevice1;
>
> mymac would be the MAC of the interface receiving the traffic, worker1
> and worker2 need to be set to the MAC of the worker machines. I was
> hoping this would take in the traffic, load-balance, rewrite the MAC
> and send it out to several interfaces. I think this is where I was
> getting a kernel crash and didn't have time to upgrade the kernel. I
> think it was on CentOS 5.3, and I saw patch references to the kernel
> error I was getting.
>
> Tyler
>
>
More information about the Bro
mailing list