Mailing List Archive: NTop: Misc

PF_RING and hardware filtering

Index | Next | Previous | View Threaded

peter.bates at ucl

Jun 25, 2012, 6:17 AM

Post #1 of 5 (385 views)
Permalink

PF_RING and hardware filtering

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello all

I've been looking at the code for 'pfcount_82599'
and trying it on my box with ixgbe driver (PF_RING aware, not DNA) loaded:

./pfcount_82599 -i eth6
Capturing from eth6
Using PF_RING v.5.4.3
# Device RX channels: 8
# Polling threads: 1
### Perfect Rule Example ###
pfring_add_hw_rule(0) succeeded: dropping TCP traffic 192.168.30.207:*
- -> *
pfring_add_hw_rule(1) succeeded: dropping UDP traffic 192.168.30.207:*
- -> *

While I see the above, 'ethtool -u' shows no rules have been set, and
I don't understand the purpose of the other 5 lines that look to be
setting 82599 hw filters - as they don't appear to execute.

Am I missing something obvious here, and is there a simple way to test
the adding and deleting of hw filters?

Thanks.

- --
Peter Bates
Senior Computer Security Officer Phone: +44(0)2076792049
Information Services Division Internal Ext: 32049
University College London
London WC1E 6BT

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJP6GTiAAoJELhVoVpEMS6RUJYIAIFZ3a9NYyOpBMjauQs0tCtH
+0RPN0e10B8Gbl1xPOp61a9MZ12FC46jrMJLH5UjCwTiBU+pOHLrLyFvIQrHTb93
B+TEUgEd8+qrz84rlc80rvFP0EN39RLWZQ/Csv4rmgIA/sc8/VwtYojhixE2HS9u
6hFGXIg5xrAvhil+NpXrnDJMaQRBfgbmwUnWC7LNChcNqrDFqi5yBhlrn8U6d+Wl
/TH0b8uIrvtz7ebCMuOBN7Du1sAQVZzd3B5qdKuFFOqrZPwhROBOxVbw3IyfW8JC
ehZkk3JtWuh5pb6cS6/r4Fm9J+3pVOQbHz6OrV2zGo///Bi6MoBpKiRVORkgiOY=
=5wp1
-----END PGP SIGNATURE-----

_______________________________________________
Ntop-misc mailing list
Ntop-misc [at] listgateway
http://listgateway.unipi.it/mailman/listinfo/ntop-misc

cardigliano at ntop

Jun 25, 2012, 6:41 AM

Post #2 of 5 (365 views)
Permalink

Re: PF_RING and hardware filtering [In reply to]

Peter
sorry but hw filters are currently supported by the ixgbe-DNA driver only

Regards
Alfredo

On Jun 25, 2012, at 3:17 PM, Peter Bates wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> Hello all
>
> I've been looking at the code for 'pfcount_82599'
> and trying it on my box with ixgbe driver (PF_RING aware, not DNA) loaded:
>
> ./pfcount_82599 -i eth6
> Capturing from eth6
> Using PF_RING v.5.4.3
> # Device RX channels: 8
> # Polling threads: 1
> ### Perfect Rule Example ###
> pfring_add_hw_rule(0) succeeded: dropping TCP traffic 192.168.30.207:*
> - -> *
> pfring_add_hw_rule(1) succeeded: dropping UDP traffic 192.168.30.207:*
> - -> *
>
> While I see the above, 'ethtool -u' shows no rules have been set, and
> I don't understand the purpose of the other 5 lines that look to be
> setting 82599 hw filters - as they don't appear to execute.
>
> Am I missing something obvious here, and is there a simple way to test
> the adding and deleting of hw filters?
>
> Thanks.
>
> - --
> Peter Bates
> Senior Computer Security Officer Phone: +44(0)2076792049
> Information Services Division Internal Ext: 32049
> University College London
> London WC1E 6BT
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.17 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQEcBAEBAgAGBQJP6GTiAAoJELhVoVpEMS6RUJYIAIFZ3a9NYyOpBMjauQs0tCtH
> +0RPN0e10B8Gbl1xPOp61a9MZ12FC46jrMJLH5UjCwTiBU+pOHLrLyFvIQrHTb93
> B+TEUgEd8+qrz84rlc80rvFP0EN39RLWZQ/Csv4rmgIA/sc8/VwtYojhixE2HS9u
> 6hFGXIg5xrAvhil+NpXrnDJMaQRBfgbmwUnWC7LNChcNqrDFqi5yBhlrn8U6d+Wl
> /TH0b8uIrvtz7ebCMuOBN7Du1sAQVZzd3B5qdKuFFOqrZPwhROBOxVbw3IyfW8JC
> ehZkk3JtWuh5pb6cS6/r4Fm9J+3pVOQbHz6OrV2zGo///Bi6MoBpKiRVORkgiOY=
> =5wp1
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Ntop-misc mailing list
> Ntop-misc [at] listgateway
> http://listgateway.unipi.it/mailman/listinfo/ntop-misc

_______________________________________________
Ntop-misc mailing list
Ntop-misc [at] listgateway
http://listgateway.unipi.it/mailman/listinfo/ntop-misc

peter.bates at ucl

Jun 25, 2012, 7:02 AM

Post #3 of 5 (370 views)
Permalink

Re: PF_RING and hardware filtering [In reply to]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello all

On 25/06/2012 14:41, Alfredo Cardigliano wrote:
> Peter sorry but hw filters are currently supported by the ixgbe-DNA
> driver only

Okay, that explains things.

One more silly question from me - if my ixgbe card has two ports, does
running the DNA driver mean I can only use one, or are they still
seperate devices, dna0 and dna1?

- --
Peter Bates
Senior Computer Security Officer Phone: +44(0)2076792049
Information Services Division Internal Ext: 32049
University College London
London WC1E 6BT

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJP6G9+AAoJELhVoVpEMS6RpQcH/3T+9bme3mRHeP/DDVGyVXLd
SArVvrtV0HufdRCi46ry5caNKInToHc6rCEaq6P0dnm3OaX+gHYncmmQGxfWr8zJ
JhzoczmIPqm0yb2JnvSfukNii7tilPPpzu20pkqDeSfNAWSiF2UTpJMghNUqPFqf
4QYrKtQr2FnyJpnyy6gyaZWdxvyjaA/wXS0d8TfpWbJuxnhmkhSp9iAV3/fRccUt
IvvWzQNYGkr4mx/MRbKswD3s0kL9Qm6MT0J/2smsaTe73wr8bp12NCATYW2Znm5c
XURyvW91IvGtdV3vgEJTMm46xvwvWMpA8wlPozqILZMCmyvZQupVzbE8leAwlEo=
=Bx91
-----END PGP SIGNATURE-----

_______________________________________________
Ntop-misc mailing list
Ntop-misc [at] listgateway
http://listgateway.unipi.it/mailman/listinfo/ntop-misc

yuri at ntop

Jun 25, 2012, 7:14 AM

Post #4 of 5 (374 views)
Permalink

Re: PF_RING and hardware filtering [In reply to]

You can enable dna on a per mac-address basis, so you could have dna0 and dna1.

Regards, Yuri

###############################################
Yuri Francalacci - yuri [at] ntop - http://www.ntop.org
"Simplicity is the ultimate sophistication" - Leonardo da Vinci
###############################################

On Jun 25, 2012, at 4:02 PM, Peter Bates wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> Hello all
>
> On 25/06/2012 14:41, Alfredo Cardigliano wrote:
>> Peter sorry but hw filters are currently supported by the ixgbe-DNA
>> driver only
>
> Okay, that explains things.
>
> One more silly question from me - if my ixgbe card has two ports, does
> running the DNA driver mean I can only use one, or are they still
> seperate devices, dna0 and dna1?
>
> - --
> Peter Bates
> Senior Computer Security Officer Phone: +44(0)2076792049
> Information Services Division Internal Ext: 32049
> University College London
> London WC1E 6BT
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.17 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQEcBAEBAgAGBQJP6G9+AAoJELhVoVpEMS6RpQcH/3T+9bme3mRHeP/DDVGyVXLd
> SArVvrtV0HufdRCi46ry5caNKInToHc6rCEaq6P0dnm3OaX+gHYncmmQGxfWr8zJ
> JhzoczmIPqm0yb2JnvSfukNii7tilPPpzu20pkqDeSfNAWSiF2UTpJMghNUqPFqf
> 4QYrKtQr2FnyJpnyy6gyaZWdxvyjaA/wXS0d8TfpWbJuxnhmkhSp9iAV3/fRccUt
> IvvWzQNYGkr4mx/MRbKswD3s0kL9Qm6MT0J/2smsaTe73wr8bp12NCATYW2Znm5c
> XURyvW91IvGtdV3vgEJTMm46xvwvWMpA8wlPozqILZMCmyvZQupVzbE8leAwlEo=
> =Bx91
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Ntop-misc mailing list
> Ntop-misc [at] listgateway
> http://listgateway.unipi.it/mailman/listinfo/ntop-misc

c.d.wakelin at reading

Jun 25, 2012, 7:15 AM

Post #5 of 5 (369 views)
Permalink

Re: PF_RING and hardware filtering [In reply to]

On 25/06/12 15:02, Peter Bates wrote:
>
> Hello all
>
> On 25/06/2012 14:41, Alfredo Cardigliano wrote:
>> Peter sorry but hw filters are currently supported by the
>> ixgbe-DNA driver only
>
> Okay, that explains things.
>
> One more silly question from me - if my ixgbe card has two ports,
> does running the DNA driver mean I can only use one, or are they
> still seperate devices, dna0 and dna1?

They are separate devices, and you don't need to enable DNA on them
both; I've got mine enabled on just one of the two with:

insmod ixgbe.ko adapters_to_enable=00:1b:21:xx:xx:xx RSS=8,8
num_rx_slots=4096 num_tx_slots=0 mtu=1522

The other appears as eth2.

I think libzero can do clever things like combine the two into one
virtual interface.

Best Wishes,
Chris

--
--+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-
Christopher Wakelin, c.d.wakelin [at] reading
IT Services Centre, The University of Reading, Tel: +44 (0)118 378 2908
Whiteknights, Reading, RG6 6AF, UK Fax: +44 (0)118 975 3094

_______________________________________________
Ntop-misc mailing list
Ntop-misc [at] listgateway
http://listgateway.unipi.it/mailman/listinfo/ntop-misc

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads