Hi folks,
I’m trying to set up a physical server that will be used to evaluate cyber security tools like Zeek, Snort and Suricata. All of these need to be attached to a port in promiscuous mode. I’d like to use OVS as the network fabric, but for the life of me, I can’t figure out how to create a mirror and output port (have that part, I think) and then attach an LXC container to that output port. Is there an easier way of doing this?
I’m hoping the OVS mirror port is faster than the traditional linux bridge.
Physical host is running Ubuntu Server 22.04, and the containers are running a mix of 1804 and 2204 depending on the application, but that should not make any real difference.