[libvirt-users] Question about use libvirt

Laine Stump laine at redhat.com
Wed Oct 13 05:31:34 UTC 2010 

  On 10/12/2010 08:40 PM, Mike Hall wrote:
> Original message:
> For a new system to develop, I need to know if I can use libvirt for 
> to get (listen) the information that pass trought the lan (vlan) of 
> the each VM.
> Marcela's perfect Spanish:
> quiero saber si utilizando esta libreria, puedo utilizar alguna 
> función que me permita capturar los mensajes que se envian 
> aplicaciones paralelas de paso de mensajes que se ejecutan en las 
> máquinas virtuales.
> Mike's imperfect translation:
> "I need to know if, using this library (libvirt), I can use a function 
> that allows me to capture information sent by applications in parallel 
> to/in addition to information passed by virtual machines"
> I'm no expert, but I don't think libvirt has access, via virtual 
> networking, to data sent by applications running in virtual machines. 
> My guess is that such data would be accessible in the same way as with 
> physical machines on a physical network (eg tcpdump?).

Correct.

Libvirt just sets up the network plumbing, but never sees any of the 
traffic (that would be extremely inefficient). In the case of user-mode 
networking (everything except a virtio network device in the new 
vhost-net mode) the qemu process does have access to all the data, but I 
don't know of any mechanism it provides to monitor that data (and 
besides, when vhost-net is used, everything stays down at kernel level 
anyway).

As you suggest, the most straightforward way to monitor the network 
traffic of guests is with libpcap, or one of the applications that uses 
libpcap, such as tcpdump or wireshark. You can simply direct it towards 
the virtual bridge created by libvirt for the network the guest(s) are 
connected to (eg, virbr0)

(You could also monitor the vnetX interface created for a particular 
guest, but the name of that device is automatically re-generated every 
time the guest is started, so you would want to parse it out of the xml 
for the guest prior to starting the monitoring each time, and would need 
to restart the monitor process if the guest was restarted)

More information about the libvirt-users mailing list