ovs-vsctl: no row in table Port

[caparomula]

Howdy,

I stumbled on your work here while researching how to set up a security onion vm to monitor traffic on my proxmox Open vSwitch virtual network. I tried your method, but when I use ovs-vsctl to mirror traffic to the tap port created for the vm (tap105i1), I get the following error:

root@hlab:~# ovs-vsctl -- --id=@p get port tap105i1 -- --id=@m create mirror name=span1 select-all=true output-port=@p -- set bridge vmbr1 mirrors=@m
ovs-vsctl: no row "tap105i1" in table Port

But this interface does exist:

root@hlab:~# ip link |grep tap105i1
17: tap105i1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master fwbr105i1 state UNKNOWN mode DEFAULT group default qlen 1000

Do you have any thoughts on why this might be? I'm using proxmox 6.1-3, ovs version 2.10.1? What versions are you using?

Thanks!

Chris

[caparomula]

Okay, I discovered that the tap interfaces on my proxmox box are being created in linux bridges, not ovs bridges. Now I just need to figure out why...

root@hlab:~# brctl show | grep tap105i1
                                                        tap105i1

[caparomula]

I discovered that a guest machine's tap interface will be created within a linux bridge if the firewall option is enabled for the network device. After unchecking the firewall box on the network device popup editor under the hardware settings for my guest vm, the tap interface was created within the ovs bridge instead.