| .TH "Mirror/redirect action in tc" 8 "11 Jan 2015" "iproute2" "Linux" |
| |
| .SH NAME |
| mirred - mirror/redirect action |
| .SH SYNOPSIS |
| .in +8 |
| .ti -8 |
| .BR tc " ... " "action mirred" |
| .I DIRECTION ACTION |
| .RB "[ " index |
| .IR INDEX " ] " |
| .BI dev " DEVICENAME" |
| |
| .ti -8 |
| .IR DIRECTION " := { " |
| .BR ingress " | " egress " }" |
| |
| .ti -8 |
| .IR ACTION " := { " |
| .BR mirror " | " redirect " }" |
| .SH DESCRIPTION |
| The |
| .B mirred |
| action allows packet mirroring (copying) or redirecting (stealing) the packet it |
| receives. Mirroring is what is sometimes referred to as Switch Port Analyzer |
| (SPAN) and is commonly used to analyze and/or debug flows. |
| .SH OPTIONS |
| .TP |
| .B ingress |
| .TQ |
| .B egress |
| Specify the direction in which the packet shall appear on the destination |
| interface. |
| .TP |
| .B mirror |
| .TQ |
| .B redirect |
| Define whether the packet should be copied |
| .RB ( mirror ) |
| or moved |
| .RB ( redirect ) |
| to the destination interface. |
| .TP |
| .BI index " INDEX" |
| Assign a unique ID to this action instead of letting the kernel choose one |
| automatically. |
| .I INDEX |
| is a 32bit unsigned integer greater than zero. |
| .TP |
| .BI dev " DEVICENAME" |
| Specify the network interface to redirect or mirror to. |
| .SH EXAMPLES |
| Limit ingress bandwidth on eth0 to 1mbit/s, redirect exceeding traffic to lo for |
| debugging purposes: |
| |
| .RS |
| .EX |
| # tc qdisc add dev eth0 handle ffff: ingress |
| # tc filter add dev eth0 parent ffff: u32 \\ |
| match u32 0 0 \\ |
| action police rate 1mbit burst 100k conform-exceed pipe \\ |
| action mirred egress redirect dev lo |
| .EE |
| .RE |
| |
| Mirror all incoming ICMP packets on eth0 to a dummy interface for examination |
| with e.g. tcpdump: |
| |
| .RS |
| .EX |
| # ip link add dummy0 type dummy |
| # ip link set dummy0 up |
| # tc qdisc add dev eth0 handle ffff: ingress |
| # tc filter add dev eth0 parent ffff: protocol ip \\ |
| u32 match ip protocol 1 0xff \\ |
| action mirred egress mirror dev dummy0 |
| .EE |
| .RE |
| |
| Using an |
| .B ifb |
| interface, it is possible to send ingress traffic through an instance of |
| .BR sfq : |
| |
| .RS |
| .EX |
| # modprobe ifb |
| # ip link set ifb0 up |
| # tc qdisc add dev ifb0 root sfq |
| # tc qdisc add dev eth0 handle ffff: ingress |
| # tc filter add dev eth0 parent ffff: u32 \\ |
| match u32 0 0 \\ |
| action mirred egress redirect dev ifb0 |
| .EE |
| .RE |
| |
| .SH SEE ALSO |
| .BR tc (8), |
| .BR tc-u32 (8) |