Creating span interface using 'dup-to' option

Kristof Provost kp at FreeBSD.org
Sun Nov 8 00:03:19 UTC 2015


On 2015-11-07 21:36:28 (+0100), Miłosz Kaniewski <milosz.kaniewski at gmail.com> wrote:
> 2015-10-12 16:28 GMT+02:00 David DeSimone <ddesimone at verio.net>:
> But unfortunately I still have a problem with 'dup-to' option. I hope you
> don't mind if I will describe it here, as it is still connected with network
> scheme I used in my first post.
> 
> As I explained 'dup-to' option is useful only when it is used with next-hop
> parameter. So in my configuration from first post I made these changes:
> 
> pass out on em0 dup-to (em2 10.0.0.1) no state
> pass out on em1 dup-to (em2 10.0.0.1) no state
> 
> IP address 10.0.0.1 is accessible through em2 interface. And with that
> configuration everything works fine and duplicated packets are sent through
> em2 interface without any problems. But I tried to make a little change and
> used one stateful rule:
> 
> pass out on em1 dup-to (em2 10.0.0.1)
> 
> And with that configuration something strange is happening. Packets are
> still duplicated and correctly sent through em2 interface but there are too
> many of them. It looks like some of the packets are duplicated too many
> times. Let's say I send ICMP ping that goes through em1. On em2 I should see
> two packets: ICMP request and ICMP reply. But I see two identical ICMP
> requests and one ICMP reply. So there are 3 packets instead of two.

Yeah, I see the same thing in my test setup. I'll try to investigate it
soon.

> I don't want to file a bug report yet. First I would like to hear your
> opinion about this behaviour. And it would be great if someone would check
> similar situation and confirm that this problem really exists.
> 
It certainly looks wrong. I can also reproduce your observation that
this doesn't happen when 'no state' is added to the rule.

Regards,
Kristof
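
One way to check a span interface for the extra copies described in this thread, as an added example that is not part of the original messages: it counts how often each ICMP echo packet appears in text output of the kind produced by `tcpdump -n -i em2 icmp`. The sample capture lines, addresses and function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample of what the thread describes on em2 with the stateful
# rule: each echo request appears twice, each echo reply once.
SAMPLE = """\
12:00:00.000100 IP 192.0.2.10 > 198.51.100.20: ICMP echo request, id 4660, seq 1, length 64
12:00:00.000130 IP 192.0.2.10 > 198.51.100.20: ICMP echo request, id 4660, seq 1, length 64
12:00:00.000900 IP 198.51.100.20 > 192.0.2.10: ICMP echo reply, id 4660, seq 1, length 64
12:00:01.000100 IP 192.0.2.10 > 198.51.100.20: ICMP echo request, id 4660, seq 2, length 64
12:00:01.000140 IP 192.0.2.10 > 198.51.100.20: ICMP echo request, id 4660, seq 2, length 64
12:00:01.000950 IP 198.51.100.20 > 192.0.2.10: ICMP echo reply, id 4660, seq 2, length 64
"""

# Matches tcpdump's one-line rendering of ICMP echo request/reply packets.
LINE = re.compile(
    r"IP (\S+) > (\S+): ICMP echo (request|reply), id (\d+), seq (\d+)"
)


def count_copies(text):
    """Count captured copies per (src, dst, kind, id, seq) echo packet."""
    counts = Counter()
    for line in text.splitlines():
        m = LINE.search(line)
        if m is None:
            continue  # not an ICMP echo line; ignore
        src, dst, kind, ident, seq = m.groups()
        counts[(src, dst, kind, int(ident), int(seq))] += 1
    return counts


def over_duplicated(text, expected=1):
    """Return packets seen more than `expected` times on the span port."""
    return {k: n for k, n in count_copies(text).items() if n > expected}


if __name__ == "__main__":
    for (src, dst, kind, ident, seq), n in sorted(over_duplicated(SAMPLE).items()):
        print(f"{kind} id={ident} seq={seq} {src} -> {dst}: {n} copies")
```

A capture taken with the 'no state' rules should yield an empty result, since each request and reply is expected on em2 exactly once.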

