Port mirroring using bpf_clone_redirect

Kanthi P


I am trying a port mirroring use case that basically mirrors traffic from host1 to host2. On host 1 I have two interfaces eth0 and eth1 and have configured vxlan interface on eth1. I have used bpf_clone_redirect on both ingress/egress of eth0 and mirrored them to vxlan1(on eth1). This vxlan tunnel is ending on host2. So I am actually seeing all the packets on host2, but the order of the packets is too jumbled. Could this be because clone_and_redirect on ingress/egress is just redirecting both in parallel? But strangely the packet capture on host1’s ethernet interface is all fine in the order.

Appreciate your inputs!