====== Traffic Mirroring to External Platforms ======
{{indexmenu_n>19}}

A part of the traffic can be mirror from the common channel and transmitted for analysis and processing to external platforms.

{{ :dpi:dpi_components:platform:dpi_divert_spec:sent_traffic_to_vas.png?600 |}}

===== TAP Interfaces Configuration =====
  * TAP0 - is used for  traffic diversion
  * TAP1 - server side port that receives traffic
  * Tunnel is created between TAP0 and TAP1 to transmit traffic to an external platform
  * mac learning is disabled on the TAP0 interface

Run the following commands from the console:
<code bash>
ip tuntap add tap0 mode tap
ip tuntap add tap1 mode tap

ip link set dev tap0 up
ip link set dev tap1 up

ip link add br0 type tunnel

ip link set tap0 master br0
bridge link set dev tap0 learning off
ip link set tap1 master br0

ifconfig tap0 192.168.4.20 up
ifconfig tap1 192.168.4.21 up
ifconfig br0 up
</code>
<note warning>Warning: TAP interfaces must be started after server restart!</note>

===== Traffic Diversion Configuration =====
Set up traffic diversion (the variant with the named profile):
<code bash>
  fdpi_ctrl load profile --service 14 --profile.name radius_accounting  --profile.json '{ "typedev" : "tap","dev" : "tap0","udp" : [ 1813 ] }' --outformat=json 
  fdpi_ctrl load --service 14 --profile.name radius_accounting --ip 10.16.252.11
</code> 
here "typedev" : "tap" - type of device foк traffic diversion (TAP)
    "dev" : "tap0" - the name of the network interface to which traffic is diverted
    "udp" : [ 1813 ] - protocol and port number of the diverted traffic
      
 An example of use can be found in the section [[en:dpi:dpi_components:radius:radius_config|Radius Configuration Example #2]]  
<html></div></html>

===== Autorun Setup =====
To configure the traffic diversion interfaces at system startup, you have to:
  - Add to the file **/etc/rc.d/rc.local**: \\ <code bash> ip tuntap add tap0 mode tap
ip tuntap add tap1 mode tap

ip link set dev tap0 up
ip link set dev tap1 up

ip link add br0 type tunnel

ip link set tap0 master br0
bridge link set dev tap0 learning off
ip link set tap1 master br0

ifconfig tap0 192.168.4.20 up
ifconfig tap1 192.168.4.21 up
ifconfig br0 up </code>
  - Add **rc.local** processing permission: <code bash> chmod +x /etc/rc.d/rc.local </code>
  - Change the file **/usr/lib/systemd/system/rc-local.service**: \\ <code bash> [Unit]
Description=/etc/rc.d/rc.local Compatibility
Documentation=man:systemd-rc-local-generator(8)
ConditionFileIsExecutable=/etc/rc.d/rc.local
After=network.target network-online.target

[Service]
Type=forking
ExecStart=/etc/rc.d/rc.local start
TimeoutSec=0
RemainAfterExit=yes
GuessMainPID=no

[Install]
WantedBy=multi-user.target </code>
  - Enable **rc.local**, so that it starts every time after reboot: \\ <code bash> systemctl enable rc-local </code>