02-04-2011 08:31 AM
Greeting Gents
I`m actually designing an implementation for nexus 1000v and i`d like to know if i can dedicate a port for ERSPAN traffic (inter and intra VMs) and how it`s done
In doc from cisco they state the following after setting up the port-profile for ERSPAN
The port profile name is used to configure the VMKNIC that is required on each of the ESX hosts.
Any help please
I appreciate it
Solved! Go to Solution.
02-05-2011 06:04 AM
Hi,
The "vmknic" configuration on the ESX host is required to route the ERSPAN frames to an IP addressable destination. Assigning a port-profile with "capability l3control" command configures the VEM to start using the "vmknic" for routing the ERSPAN frames out to the destination. In addition to this, you need to configure ERSPAN session on VSM for your monitoring. The ERSPAN session consist of "sources" i.e. Vethernet ports, VLANs, or a port-profile (from SV1(4) only) release. Afterwards, you need to configure ERSPAN destination IP address and the identifier for this session. Once the session is setup, N1K VEMs will copy the frames you are interested in monitoring and send them to IP destination using ERSPAN frame format.
I didnt completely understand the deployment scenario from your note below. Could you please elaborate more on how you plan to setup the ERSPAN and we can help review it.
thanks,
Munish.
02-07-2011 11:13 AM
Hi,
Once the VMKnic is configured, it would be used to source the ERSPAN (IP/GRE) packets from (you could just think this as configuring a VM's Veth and it's IP, but instead it would be the VMKnic). So, the VMKnic IP would be the source IP of the ERSPAN packets generated from that VEM/host. And the VLAN should be configured such that the configured IP could reach the gateway.
Let us know if you have further questions.
Thanks,
Deniz
02-05-2011 06:04 AM
Hi,
The "vmknic" configuration on the ESX host is required to route the ERSPAN frames to an IP addressable destination. Assigning a port-profile with "capability l3control" command configures the VEM to start using the "vmknic" for routing the ERSPAN frames out to the destination. In addition to this, you need to configure ERSPAN session on VSM for your monitoring. The ERSPAN session consist of "sources" i.e. Vethernet ports, VLANs, or a port-profile (from SV1(4) only) release. Afterwards, you need to configure ERSPAN destination IP address and the identifier for this session. Once the session is setup, N1K VEMs will copy the frames you are interested in monitoring and send them to IP destination using ERSPAN frame format.
I didnt completely understand the deployment scenario from your note below. Could you please elaborate more on how you plan to setup the ERSPAN and we can help review it.
thanks,
Munish.
02-06-2011 04:38 PM
Thanks Metha actually we are deploying the Erspan to capture traffic for different sources and basically I'm concerned to understand the vlan that we setup and the Ip address for the vmknic is used for what purpose and what's the actual meaning of that
I really appreciate your answer
Sent from Cisco Technical Support iPhone App
02-07-2011 11:13 AM
Hi,
Once the VMKnic is configured, it would be used to source the ERSPAN (IP/GRE) packets from (you could just think this as configuring a VM's Veth and it's IP, but instead it would be the VMKnic). So, the VMKnic IP would be the source IP of the ERSPAN packets generated from that VEM/host. And the VLAN should be configured such that the configured IP could reach the gateway.
Let us know if you have further questions.
Thanks,
Deniz
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: