2nd NIC for network monitor

graylion

graylion

Dabbler
Joined
Dec 28, 2019
Messages
32
Hi all

I would like to run a network monitor as a VM. The VM would have 2 NICs, one regular and one running in promiscuous mode for analysing netword traffic from a SPAN port on a switch. The way I am thinking of building this is:

SPAN port --> 2nd NIC on Host --> dedicated bridge -> 2nd NIC on VM.

Could this work?

Thanks!
 
jgreco

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,680
Well, no, because a bridge is not a span port. It won't handle unicast packets in the way you would need.

This is why you would normally use a virtual function if you were virtualizing a network monitor of some sort on a hypervisor like ESXi. It gives you access to the actual ethernet hardware.
 
jgreco

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,680
So then you've made me explain to you some of the same things explained in the first answer there, but didn't bother mentioning that you were also considering using some weird hacky solution in addition to a bridge, to fix the obvious problem with using just a bridge.

In any case, I already gave you the technologically better and non-hacky answer to your question.
 
jgreco

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,680
graylion said:
Does TrueNAS provide this function?
Click to expand...

Am I to do your homework for you? I have no idea. It theoretically could, but TrueNAS SCALE is relatively immature, so who knows if it actually works.

graylion said:
I am aware of ESXi.
Click to expand...

Then perhaps you should use it, as modern TrueNAS generally virtualizes just fine on modern ESXi, and you can definitely get a variety of passthru ethernet options as long as all the components support it.
 
graylion

graylion

Dabbler
Joined
Dec 28, 2019
Messages
32
jgreco said:
Am I to do your homework for you? I have no idea. It theoretically could, but TrueNAS SCALE is relatively immature, so who knows if it actually works.



Then perhaps you should use it, as modern TrueNAS generally virtualizes just fine on modern ESXi, and you can definitely get a variety of passthru ethernet options as long as all the components support it.
Click to expand...

I am asking the community. As one does.
 
You must log in or register to reply here.

Similar threads

DaAwesomeP
Attach VM to Kubernetes Network
Replies
0
Views
1K
DaAwesomeP
DaAwesomeP
Ralphie
NIC Link is Down after turning off monitor
Replies
2
Views
1K
Ralphie
Ralphie
Europa2010AD
IP forwarding between NICs for Tailscale
Replies
0
Views
1K
Europa2010AD
Europa2010AD
cfcaballero
2nd NIC for FreeNAS VM on ESXi 6.5 (AiO)
Replies
15
Views
6K
Crashdodson
C
Z
Faster NIC for VM
Replies
0
Views
825
Zain
Z
Top