{"id":3691,"date":"2022-12-20T17:19:47","date_gmt":"2022-12-20T20:19:47","guid":{"rendered":"http:\/\/lode.uno\/linux-man\/index.php\/2022\/12\/20\/mirror-redirect-action-in-tc-man8\/"},"modified":"2022-12-20T17:19:47","modified_gmt":"2022-12-20T20:19:47","slug":"mirror-redirect-action-in-tc-man8","status":"publish","type":"post","link":"https:\/\/lode.uno\/linux-man\/2022\/12\/20\/mirror-redirect-action-in-tc-man8\/","title":{"rendered":"Mirror\/redirect action in tc (man8)"},"content":{"rendered":"<h1 align=\"center\">Mirror\/redirect action in tc<\/h1>\n<p> <a href=\"#NAME\">NAME<\/a><br \/> <a href=\"#SYNOPSIS\">SYNOPSIS<\/a><br \/> <a href=\"#DESCRIPTION\">DESCRIPTION<\/a><br \/> <a href=\"#OPTIONS\">OPTIONS<\/a><br \/> <a href=\"#EXAMPLES\">EXAMPLES<\/a><br \/> <a href=\"#SEE ALSO\">SEE ALSO<\/a> <\/p>\n<hr>\n<h2>NAME <a name=\"NAME\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">mirred &#8211; mirror\/redirect action<\/p>\n<h2>SYNOPSIS <a name=\"SYNOPSIS\"><\/a> <\/h2>\n<p style=\"margin-left:23%; margin-top: 1em\"><b>tc<\/b> &#8230; <b>action mirred<\/b> <i>DIRECTION ACTION<\/i> [ <b>index<\/b> <i>INDEX<\/i> ] <b>dev<\/b> <i>DEVICENAME<\/i><\/p>\n<p style=\"margin-left:23%; margin-top: 1em\"><i>DIRECTION<\/i> := { <b>ingress<\/b> | <b>egress<\/b> }<\/p>\n<p style=\"margin-left:23%; margin-top: 1em\"><i>ACTION<\/i> := { <b>mirror<\/b> | <b>redirect<\/b> }<\/p>\n<h2>DESCRIPTION <a name=\"DESCRIPTION\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">The <b>mirred<\/b> action allows packet mirroring (copying) or redirecting (stealing) the packet it receives. Mirroring is what is sometimes referred to as Switch Port Analyzer (SPAN) and is commonly used to analyze and\/or debug flows.<\/p>\n<h2>OPTIONS <a name=\"OPTIONS\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\"><b>ingress<\/b><\/p>\n<table width=\"100%\" border=\"0\" rules=\"none\" frame=\"void\" cellspacing=\"0\" cellpadding=\"0\">\n<tr valign=\"top\" align=\"left\">\n<td width=\"11%\"><\/td>\n<td width=\"9%\">\n<p><b>egress<\/b><\/p>\n<\/td>\n<td width=\"2%\"><\/td>\n<td width=\"78%\">\n<p>Specify the direction in which the packet shall appear on the destination interface.<\/p>\n<\/td>\n<\/tr>\n<tr valign=\"top\" align=\"left\">\n<td width=\"11%\"><\/td>\n<td width=\"9%\">\n<p><b>mirror<\/b><\/p>\n<\/td>\n<td width=\"2%\"><\/td>\n<td width=\"78%\"> <\/td>\n<\/tr>\n<\/table>\n<p style=\"margin-left:11%;\"><b>redirect<\/b><\/p>\n<p style=\"margin-left:22%;\">Define whether the packet should be copied (<b>mirror<\/b>) or moved (<b>redirect<\/b>) to the destination interface.<\/p>\n<p style=\"margin-left:11%;\"><b>index<\/b> <i>INDEX<\/i><\/p>\n<p style=\"margin-left:22%;\">Assign a unique ID to this action instead of letting the kernel choose one automatically. <i>INDEX<\/i> is a 32bit unsigned integer greater than zero.<\/p>\n<p style=\"margin-left:11%;\"><b>dev<\/b> <i>DEVICENAME<\/i><\/p>\n<p style=\"margin-left:22%;\">Specify the network interface to redirect or mirror to.<\/p>\n<h2>EXAMPLES <a name=\"EXAMPLES\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">Limit ingress bandwidth on eth0 to 1mbit\/s, redirect exceeding traffic to lo for debugging purposes:<\/p>\n<p style=\"margin-left:22%; margin-top: 1em\"># tc qdisc add dev eth0 handle ffff: ingress <br \/> # tc filter add dev eth0 parent ffff: u32 <\/p>\n<table width=\"100%\" border=\"0\" rules=\"none\" frame=\"void\" cellspacing=\"0\" cellpadding=\"0\">\n<tr valign=\"top\" align=\"left\">\n<td width=\"8%\"><\/td>\n<td width=\"7%\"><\/td>\n<td width=\"85%\">\n<p>match u32 0 0 <\/p>\n<\/td>\n<\/tr>\n<tr valign=\"top\" align=\"left\">\n<td width=\"8%\"><\/td>\n<td width=\"7%\"><\/td>\n<td width=\"85%\">\n<p>action police rate 1mbit burst 100k conform-exceed pipe <\/p>\n<\/td>\n<\/tr>\n<tr valign=\"top\" align=\"left\">\n<td width=\"8%\"><\/td>\n<td width=\"7%\"><\/td>\n<td width=\"85%\">\n<p>action mirred egress redirect dev lo<\/p>\n<\/td>\n<\/tr>\n<\/table>\n<p style=\"margin-left:11%; margin-top: 1em\">Mirror all incoming ICMP packets on eth0 to a dummy interface for examination with e.g. tcpdump:<\/p>\n<p style=\"margin-left:22%; margin-top: 1em\"># ip link add dummy0 type dummy <br \/> # ip link set dummy0 up <br \/> # tc qdisc add dev eth0 handle ffff: ingress <br \/> # tc filter add dev eth0 parent ffff: protocol ip <\/p>\n<table width=\"100%\" border=\"0\" rules=\"none\" frame=\"void\" cellspacing=\"0\" cellpadding=\"0\">\n<tr valign=\"top\" align=\"left\">\n<td width=\"8%\"><\/td>\n<td width=\"92%\">\n<p>u32 match ip protocol 1 0xff <\/p>\n<\/td>\n<\/tr>\n<tr valign=\"top\" align=\"left\">\n<td width=\"8%\"><\/td>\n<td width=\"92%\">\n<p>action mirred egress mirror dev dummy0<\/p>\n<\/td>\n<\/tr>\n<\/table>\n<p style=\"margin-left:11%; margin-top: 1em\">Using an <b>ifb<\/b> interface, it is possible to send ingress traffic through an instance of <b>sfq<\/b>:<\/p>\n<p style=\"margin-left:22%; margin-top: 1em\"># modprobe ifb <br \/> # ip link set ifb0 up <br \/> # tc qdisc add dev ifb0 root sfq <br \/> # tc qdisc add dev eth0 handle ffff: ingress <br \/> # tc filter add dev eth0 parent ffff: u32 <\/p>\n<table width=\"100%\" border=\"0\" rules=\"none\" frame=\"void\" cellspacing=\"0\" cellpadding=\"0\">\n<tr valign=\"top\" align=\"left\">\n<td width=\"8%\"><\/td>\n<td width=\"92%\">\n<p>match u32 0 0 <\/p>\n<\/td>\n<\/tr>\n<tr valign=\"top\" align=\"left\">\n<td width=\"8%\"><\/td>\n<td width=\"92%\">\n<p>action mirred egress redirect dev ifb0<\/p>\n<\/td>\n<\/tr>\n<\/table>\n<h2>SEE ALSO <a name=\"SEE ALSO\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\"><b>tc<\/b>(8), <b>tc-u32<\/b>(8)<\/p>\n<hr>\n","protected":false},"excerpt":{"rendered":"<p>  mirred &#8211; mirror\/redirect action <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[5,52,4,803],"class_list":["post-3691","post","type-post","status-publish","format-standard","hentry","category-8-administracion-del-sistema","tag-5","tag-administracion","tag-man8","tag-tc-mirred"],"gutentor_comment":0,"_links":{"self":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/3691","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/comments?post=3691"}],"version-history":[{"count":0,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/3691\/revisions"}],"wp:attachment":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/media?parent=3691"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/categories?post=3691"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/tags?post=3691"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}