[Netkit.users] How to better sniff traffic in Netkit?
Marco
listaddr at katamail.com
Sat Dec 5 15:33:40 CET 2009
Let me try to explain better.
Currently, as far as I can tell the only way to capture network traffic
between netkit hosts in a lab is to run tcpdump in a virtual host, either
looking at the traffic in real time, or saving it to a pcap file that can be
inspected later.
What I'd like to be able to do is to connect a tap interface on the real host
to an arbitray running uml_switch (ie to one of the broadcast domains), so I
could directly run tcpdump or wireshark on the host to see the traffic in that
broadcast domain.
Currently, the so-called "tap collision domain" does not provide that kind of
functionality, and furthermore using a tap collision domain requires root
access, and it automatically runs a number of steps which might or might not
be necessary, like enabling NAT, adding routes, enabling routing, etc., which
imho would be better controlled directly by the user rather than performed
automatically.
In other words, a tap collision domain is not necessarily used to connect
netkit to the Internet, which is what you assume currently.
The above issues in the past led me to (badly) hack netkit's scripts to be
able to do what I wanted, but it would be great if native support was added to
netkit.
What I'm suggesting is to add the possibility to specify the name of a
(perhaps already-existing) tap interface to be connected to a given collision
domain (ie, a uml_switch) at lab startup, maybe with the option of creating it
if it doesn't exist already (and that would require root access of course).
Once that is in place, the user can choose how to use that. For example, he
can just attach tcpdump to the tap interface from the host to sniff traffic,
or he may give it an IP address, enable routing, etc. to connect the netkit
lab to some other network or the Internet, etc.
In my opinion this would be much more flexible than the current tap support.
On a slightly related note, is vde support planned in netkit?
Thank you very much.
Marco
More information about the Netkit.users
mailing list