Nexus 1000v ERSPAN

Answered Question
Feb 4th, 2011

Greeting Gents

I`m actually designing an implementation for nexus 1000v and i`d like to know if i can dedicate a port for ERSPAN traffic (inter and intra VMs) and how it`s done

In doc from cisco they state the following after setting up the port-profile for ERSPAN

The port profile name is used to configure the VMKNIC that is required on  each of the ESX hosts.

Any help please

I appreciate it

I have this problem too.
0 votes
Correct Answer by dersoz about 3 years 2 months ago

Hi,

Once the VMKnic is configured, it would be used to source the ERSPAN (IP/GRE) packets from (you could just think this as configuring a VM's Veth and it's IP, but instead it would be the VMKnic). So, the VMKnic IP would be the source IP of the ERSPAN packets generated from that VEM/host. And the VLAN should be configured such that the configured IP could reach the gateway.

Let us know if you have further questions.

Thanks,

Deniz

Correct Answer by mmehta about 3 years 2 months ago

Hi,

The "vmknic" configuration on the ESX host is required to route the ERSPAN frames to an IP addressable destination. Assigning a port-profile with "capability l3control" command configures the VEM to start using the "vmknic" for routing the ERSPAN frames out to the destination. In addition to this, you need to configure ERSPAN session on VSM for your monitoring. The ERSPAN session consist of "sources" i.e. Vethernet ports, VLANs, or a port-profile (from SV1(4) only) release. Afterwards, you need to configure ERSPAN destination IP address and the identifier for this session. Once the session is setup, N1K VEMs will copy the frames you are interested in monitoring and send them to IP destination using ERSPAN frame format.

I didnt completely understand the deployment scenario from your note below. Could you please elaborate more on how you plan to setup the ERSPAN and we can help review it.

thanks,

Munish.

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (2 ratings)
Correct Answer
mmehta Sat, 02/05/2011 - 06:04

Hi,

The "vmknic" configuration on the ESX host is required to route the ERSPAN frames to an IP addressable destination. Assigning a port-profile with "capability l3control" command configures the VEM to start using the "vmknic" for routing the ERSPAN frames out to the destination. In addition to this, you need to configure ERSPAN session on VSM for your monitoring. The ERSPAN session consist of "sources" i.e. Vethernet ports, VLANs, or a port-profile (from SV1(4) only) release. Afterwards, you need to configure ERSPAN destination IP address and the identifier for this session. Once the session is setup, N1K VEMs will copy the frames you are interested in monitoring and send them to IP destination using ERSPAN frame format.

I didnt completely understand the deployment scenario from your note below. Could you please elaborate more on how you plan to setup the ERSPAN and we can help review it.

thanks,

Munish.

Seifeddine-Tlili Sun, 02/06/2011 - 16:38

Thanks Metha actually we are deploying the Erspan to capture traffic for different sources and basically I'm concerned to understand the vlan that we setup and the Ip address for the vmknic is used for what purpose and what's the actual meaning of that

I really appreciate your answer

Sent from Cisco Technical Support iPhone App

Correct Answer
dersoz Mon, 02/07/2011 - 11:13

Hi,

Once the VMKnic is configured, it would be used to source the ERSPAN (IP/GRE) packets from (you could just think this as configuring a VM's Veth and it's IP, but instead it would be the VMKnic). So, the VMKnic IP would be the source IP of the ERSPAN packets generated from that VEM/host. And the VLAN should be configured such that the configured IP could reach the gateway.

Let us know if you have further questions.

Thanks,

Deniz

Actions

Login or Register to take actions

This Discussion

Posted February 4, 2011 at 8:31 AM
Stats:
Replies:3 Avg. Rating:5
Views:2128 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard