Open rjarry opened 6 months ago
Instead of a built-in tcpdump, what about adding a mirroring node instead ? As we should be able to add dynamically a tap port, we can then run a standard tcpdump command.
That sounds like a better idea :)
I'll adjust the title and description.
Ack that port mirroring and tcpdump, depending on context, are different requirements, but this may be achievable already with the use of dpdk-dumpcap (secondary process)
Allow mirroring traffic from a port to a linux tap interface so that we can run regular
tcpdump
on it.Example: