Packet Broker Application
Packet Broker is a containerized traffic visibility application on AsterNOS (SONiC). It aggregates, filters, replicates, and load-balances monitor traffic from TAP and SPAN sources so security and analytics tools receive the right packets at the right ports—without dedicating standalone broker hardware.
The stack combines a Web UI for policy design, npbd for REST-to-SONiC translation, and npbsyncd for configuration persistence in the SONiC database. Other SONiC modules subscribe to those changes to program ACLs, forwarding groups, and exporter targets.
What you can deploy
Section titled “What you can deploy”| Capability | Typical use |
|---|---|
| Ingress aggregation | Combine multiple TAP/SPAN sources |
| Filtering & replication | Rule-based permit/deny and fan-out to tools |
| Load balancing | Distribute flows across monitoring ports |
| Tunnel handling | Strip or match encapsulations (GRE, ERSPAN, MPLS, VxLAN, …) |
| Automation | Ansible playbooks and exporter integration |
Documentation map
Section titled “Documentation map”| Section | Start here |
|---|---|
| Concepts | Packet Broker overview |
| Web UI | WebUI overview → forwarding policy, interfaces, SNMP |
| CLI | Command-line reference |
| Automation | Ansible tool guide · Exporter configuration |
Recommended path
Section titled “Recommended path”- Read the overview to understand Web UI → npbd → npbsyncd flow.
- Install and log in via login configuration.
- Define forwarding policies and interface bindings.
- Integrate with your monitoring pipeline using the exporter guide or Ansible where needed.
Related product lines
Section titled “Related product lines”- Data Center & AI Fabric — switching platforms that often host TAP/SPAN sources.
- Get Started — AsterNOS platform overview.