Why cant I see the SRIOV traffic in tcpdump?

asked 2020-01-21 23:57:38 -0500

gsm.asad
11 ●3 ●3 ●4

Hello there

I have 64 VFs (virtual functions) running on a Physical SRIOV nic. When I put a tcpdump on the physical interface (say ens5f0) then I dont see any traffic that is running on virtual functions like icmp, arp, etc. However, I can see some other traffic that is related to physical NIC only. I want to understand why I am not able to see the traffic of VFs on the physical NIC because it must be going via physical NICs only

answered 2020-01-22 00:23:44 -0500

piyushsrivastava

141 ●4 ●10 https://www.openstack....

Hello

Create port mirror (say ens5f0) and try to tcpdump on respective compute server where VM sit.

edit flag offensive delete link

Comments

Actually this is not possible because the interface is running 64 virtual functions (i.e. 64 VMs) traffic on a single physical interface. Mirroring will create a huge load of packets on CPU.

Main query is - why I am not able to see it?

gsm.asad ( 2020-01-23 07:11:31 -0500 )edit

It’s all depends which NICs you are using, couple of NICs supports tcpdump on hypervisor but most of common sriov nics you can’t filter tcpdump on sriov VF NICs , data goes from additional driver vf pci and there is separation between physical function and virtual functions.

piyushsrivastava ( 2020-01-23 14:36:33 -0500 )edit

I think you're right because we are using Mellanox NICs whose driver does not have this capability

gsm.asad ( 2020-01-25 02:53:31 -0500 )edit

add a comment

Why cant I see the SRIOV traffic in tcpdump?

1 answer

Comments

Get to know Ask OpenStack

Question Tools

Stats

Related questions

Feedback About This Page

OpenStack

Community

Documentation

Branding & Legal

Why cant I see the SRIOV traffic in tcpdump? edit

1 answer

Comments

Get to know Ask OpenStack

Question Tools

Stats

Related questions

Feedback About This Page

OpenStack

Community

Documentation

Branding & Legal

Why cant I see the SRIOV traffic in tcpdump?