lurkio Posted October 22, 2018 Share Posted October 22, 2018 I have two nics on my unraid box, one is the configured management interface, the other I have enabled with no ip address. I use that port as a tap interface, as my switch mirrors the routers uplink port to it, I used to run QRadar on this machine. When I tcpdump the interface on unraid's shell I see all the traffic I expect. However, when I dump that interface with just CentOS minimal installed in a vm and both interfaces passed to the vm (br0, and br1) I see only broadcast traffic. Why? tldr; unraid tcpdump br1 = everything vm tcpdump br1 = broadcasts only help Quote Link to comment
lurkio Posted October 24, 2018 Author Share Posted October 24, 2018 (edited) Surely someone has run into this besides me. I'd pass the NIC through to the VM, but System Information page says my IOMMU is disabled. I haven't found a way to enable IOMMU on this old HP 8300 Elite just yet. Edit: Assuming that IOMMU relies on VT-d then it's my CPU that prevents passing the NIC through to bypass the problem. I've got a i5-3450, and that feature is not included until you reach the i5-3550 or i5-3570. But the bridge interface not passing TCP traffic is still an issue. Edited October 24, 2018 by lurkio update and formatting Quote Link to comment
lurkio Posted October 24, 2018 Author Share Posted October 24, 2018 We're 90% of the way there, but I likely need someone who knows unRAID better than I to get me that last 10%. Basically, I was trying to run Security Onion in a VM, great tool if you haven't used it. The issue is that a linux bridge acts just like a hardware bridge (ie, switch), it won't forward frames that aren't destined for the correct interface MAC. There is a way around this: brctl setageing br1 0 brctl setfd br1 0 This essentially turns the bridge into a hub, blindly forwarding all packets. Great! Now how do I get that to survive reboot? Should this somehow end up in the flash/config/network.cfg? Can I execute bridge-control (brctl) commands there? I'm thinking not. Help! Quote Link to comment
saarg Posted October 25, 2018 Share Posted October 25, 2018 Add it in the go file in the config folder of the flash drive. Quote Link to comment
lurkio Posted October 26, 2018 Author Share Posted October 26, 2018 Thanks saarg, much appreciated! Quote Link to comment
imyourdaddy Posted June 27, 2019 Share Posted June 27, 2019 Did this get you fully up and running? I'm looking into getting a SecOnion VM on my Unraid box, and I want to know if it's fully possible or not. If not, I'll just keep it running on a dedicated box. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.