iptables_tee_port_mirror
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | Last revisionBoth sides next revision | ||
| iptables_tee_port_mirror [2017/12/31 09:16] – [PCEngines APU2 - iptables tee / clone packets] admin | iptables_tee_port_mirror [2017/12/31 09:17] – [PCEngines APU2 - iptables tee / clone packets] admin | ||
|---|---|---|---|
| Line 3: | Line 3: | ||
| __From the manual:__ The TEE target will clone a packet and redirect this clone to another machine on the **local** network segment. In other words, the nexthop must be the target, or you will have to configure the nexthop to forward it further if so desired. | __From the manual:__ The TEE target will clone a packet and redirect this clone to another machine on the **local** network segment. In other words, the nexthop must be the target, or you will have to configure the nexthop to forward it further if so desired. | ||
| - | If you don't have a switch with mirror / span ports, you can use iptables to clone the packets to another machine on the same subnet. That monitor box needs to be on the layer 3 network, it needs to be reachable by IP address. | + | If you don't have a switch with mirror / span ports, you can use iptables to clone the packets to another machine on the same subnet. That monitor box needs to be on the same layer 2 network, |
| ====Overview==== | ====Overview==== | ||
iptables_tee_port_mirror.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1