You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A shadow cube is associated with a Linux network namespace;
80
+
81
+
The parameters between the shadow cube and the namespace are aligned;
82
+
83
+
A port defined on a shadow cube is also visible from the network namespace:
84
+
- the user can decide to configure the ports using Linux (e.g. ifconfig or the ip command) or polycubectl;
85
+
86
+
for example: "``polycubectl <cubename> ports <PortName> set ip=<IpAddress>``" it is the same as "``ip netns exec pcn-<cubename> ifconfig <PortName> <IpAddress>``".
87
+
- the developer can let Linux handle some traffic by sending it to the namespace (e.g. ARP, ICMP, but in general all those protocols able to be managed by a tool running inside the namespace);
@@ -177,3 +215,19 @@ These primitives allow to associate transparent cubes to standard cube's ports o
177
215
polycubectl attach firewall1 r1:port2
178
216
179
217
polycubectl attach firewall0 veth1
218
+
219
+
220
+
Span Mode
221
+
---------
222
+
223
+
The shadow cubes have a mode called **span**.
224
+
225
+
The span mode when activated shows all the traffic seen by the service also to the namespace.
226
+
- To activate the span mode the command used is "``polycubectl <cubename> set span=true``".
227
+
228
+
Span mode is very useful for debugging; On a shadow cube in span mode programs such as Wireshark or Tcpdump can sniff the traffic.
229
+
230
+
However, the span mode consumes many resources when it is active, so it is disabled by default and it is recommended to use it only when necessary.
231
+
232
+
N.B. Span mode duplicates traffic so that it is shown by the namespace, the cube continues to handle traffic.
233
+
For this reason, for example, if we have a shadow router with active span mode we should not have Ip forwarding active on Linux, otherwise the router service forwards packets and copies them to the namespace, the namespace forwards again packets and there will be duplications.
Copy file name to clipboardExpand all lines: Documentation/developers/controlplane.rst
+3-1Lines changed: 3 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -95,6 +95,8 @@ Generating PacketOut events
95
95
96
96
The ``Port`` class contains the ``send_packet_out(EthernetII &packet, bool recirculate = false)`` method that allows to inject packets into the datapath, the recirculate parameter allows to specify if the packet should be sent out of the port (`recirculate = false`) or received through the port (`recirculate = true`).
97
97
98
+
Only in shadow services the ``Port`` class contains the ``send_packet_ns(EthernetII &packet)`` method that allows to send packets into the service namespace.
99
+
98
100
A reference to a port can be got using the `get_port` function of the Cube base class.
Copy file name to clipboardExpand all lines: Documentation/developers/datapath.rst
+2-1Lines changed: 2 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -22,6 +22,8 @@ Polycube architecture adds a wrapper around the user's code, this wrapper calls
22
22
23
23
- **pcn_pkt_controller_with_metadata(struct __sk_buff *skb, struct pkt_metadata *md, u16 reason, u32 metadata[3])**: Sends the packet to the custom code running in the control path. In addition to the reason the user can also send some additional medatada.
24
24
25
+
- **pcn_pkt_redirect_ns(struct __sk_buff *skb, struct pkt_metadata *md, u16 port)**: (it is only available for shadow services) sends the packet to the namespace as if it came from the port indicated as parameter
0 commit comments