/var/net/sys/admin/blog

Objective: copy (tee) packets arriving on enp3s4f1 and send them to a destination IP via the enp3s4f0 management/data port.

ServerA:
enp3s4f1 (connected to a switch1 SPAN port, no IP address)
enp3s4f0 (connected to switch2 as the management/data port, IP 192.168.100.99)
ServerB destination IP = 192.168.100.100 (same IP range)

This is based on commer's post on LinuxQuestions (LQ) below:

http://www.linuxquestions.org/questions/linux-networking-3/how-to-route-forward-packets-in-promiscuous-mode-832698/

1. Configure the bridge interface and bind enp3s4f1 into it. Disable Spanning Tree Protocol (STP) if necessary. Bring up the bridge interface.

# brctl addbr br0
# brctl stp br0 off
# brctl addif br0 enp3s4f1
# ifconfig br0 up

2. Use ebtables to rewrite the destination MAC address of incoming frames to the machine's own physical device (in the broute table, the DROP redirect target means the frame is routed instead of bridged).

# ebtables -t broute -A BROUTING -i enp3s4f1 -j redirect --redirect-target DROP

3. Configure static routes for all expected incoming IP addresses/subnets, e.g.

# ip route add 192.168.20.192/27 dev enp3s4f1
# ip route add 192.168.20.224/27 dev enp3s4f1

4. Tee the packets (the sample filter matches DHCP packets) and send the copies to 192.168.100.100

# iptables -t mangle -A PREROUTING -i enp3s4f1 -p udp --dport 67:68 --sport 67:68 ! -d 192.168.100.0/24 -j TEE --gateway 192.168.100.100

Note: I configured an exception for the same destination IP range (! -d 192.168.100.0/24) to avoid teeing the copies a second time.
Use the command "iptables -t mangle -L -v" to check that the packet counters of the TEE rule are incrementing.

Tested working using CentOS 7
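As an added example (not part of the original post), a small POSIX shell script that builds the step-4 TEE rule from the interface and address values above and reads the TEE rule's packet counter out of the listing the note recommends, so a stalled counter is caught instead of assumed. The --live mode, the helper names and the sample listing are my assumptions; the interfaces and addresses are the post's.

```shell
#!/bin/sh
# Added example (not from the original post): generate the TEE rule for the
# setup above and verify from iptables counters that copies are being made.

SPAN_IF="enp3s4f1"            # span-port NIC bridged into br0
TEE_GW="192.168.100.100"      # ServerB, receives the copies
LOCAL_NET="192.168.100.0/24"  # exception: never tee traffic already on the data network

# Emit the mangle/PREROUTING TEE rule for a UDP port range (67:68 = DHCP).
# The "! -d LOCAL_NET" match keeps the copies themselves from being teed again.
tee_rule() {
    ports="$1"
    printf 'iptables -t mangle -A PREROUTING -i %s -p udp --dport %s --sport %s ! -d %s -j TEE --gateway %s\n' \
        "$SPAN_IF" "$ports" "$ports" "$LOCAL_NET" "$TEE_GW"
}

# Sum the packet counters of all TEE rules in "iptables -t mangle -L PREROUTING -v -n -x"
# output read from stdin; -x (--exact) avoids K/M suffixes on the counters.
tee_pkts() {
    awk '$3 == "TEE" { s += $1 } END { print s + 0 }'
}

# Two readings taken some seconds apart: a counter that does not move means the
# bridge/broute/route steps are not delivering the span traffic to PREROUTING.
count_increased() {
    [ "$2" -gt "$1" ]
}

# Constructed sample listing, as it looks after some DHCP traffic has been mirrored.
SAMPLE='Chain PREROUTING (policy ACCEPT 1200 packets, 96000 bytes)
    pkts      bytes target     prot opt in     out     source               destination
      42      14616 TEE        udp  --  enp3s4f1 *       0.0.0.0/0           !192.168.100.0/24     udp spts:67:68 dpts:67:68 TEE gw:192.168.100.100'

if [ "${1:-}" = "--live" ]; then
    first=$(iptables -t mangle -L PREROUTING -v -n -x | tee_pkts); sleep 5
    second=$(iptables -t mangle -L PREROUTING -v -n -x | tee_pkts)
    if count_increased "$first" "$second"; then echo "TEE active: $first -> $second"; else echo "TEE counter not moving"; fi
else
    tee_rule 67:68
    printf 'sample TEE pkts: %s\n' "$(printf '%s\n' "$SAMPLE" | tee_pkts)"
fi
```

Run it as root with --live on the bridge host to compare two live readings; without arguments it only prints the generated rule and parses the embedded sample.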
