Hi,
I currently use PVE 3.2 it just runs PFSense and does my routing. I really like the setup but I want to add IDS (securityonion) and eventually add my VMWare servers to this network. I think OVS is what I need to mirror all the adapters to the IDS bridge and drop any traffic sent directly to the IDS bridge. It sounds straight forward but I am having trouble. The PVE 3.2 servers have 4 external adapters eth0 - eth3.
vmbr0 is mgmt traffic, vmbr1 is LAN traffic, vmbr100 is WAN traffic and I want vmbr101 to be the SPAN port.
I have attempted to adapt this http://openvswitch.org/cgi-bin/ovsma...%2Fovs-vsctl.8 to my network and while OVS looks to be setup right prox does not recognize the bridge I created. I assume I have to modify /interfaces but I am not quite sure what I should be looking into. Any advice or guidance would be great. Here is my current config.
/etc/network/interfaces
I currently use PVE 3.2 it just runs PFSense and does my routing. I really like the setup but I want to add IDS (securityonion) and eventually add my VMWare servers to this network. I think OVS is what I need to mirror all the adapters to the IDS bridge and drop any traffic sent directly to the IDS bridge. It sounds straight forward but I am having trouble. The PVE 3.2 servers have 4 external adapters eth0 - eth3.
vmbr0 is mgmt traffic, vmbr1 is LAN traffic, vmbr100 is WAN traffic and I want vmbr101 to be the SPAN port.
I have attempted to adapt this http://openvswitch.org/cgi-bin/ovsma...%2Fovs-vsctl.8 to my network and while OVS looks to be setup right prox does not recognize the bridge I created. I assume I have to modify /interfaces but I am not quite sure what I should be looking into. Any advice or guidance would be great. Here is my current config.
/etc/network/interfaces
Code:
iface eth0 inet manual
iface eth1 inet manual
iface eth3 inet manual
iface eth2 inet manual
auto vmbr0
iface vmbr0 inet static
address 192.168.100.2
netmask 255.255.255.0
gateway 192.168.100.1
bridge_ports eth0
bridge_stp off
bridge_fd 0
auto vmbr1
iface vmbr1 inet manual
bridge_ports eth1
bridge_stp off
bridge_fd 0
auto vmbr100
iface vmbr100 inet manual
bridge_ports eth3
bridge_stp off
bridge_fd 0
auto vmbr101
iface vmbr101 inet static
address 192.168.11.2
netmask 255.255.255.0
ovs_type OVSBridge