Introduction This document describes conditions and configuration to capture traffic in Nexus 1000v. In Nexus 1000v the Virtual Supervisor Module (VSM) manages the Cisco Nexus 1000V Series switch VEMs. The Virtual Ethernet Module (VEM) executes inside the Cisco Nexus 1000V Series switch hypervisor. A set of dual redundant VSMs and managed VEMs form a single Nexus 1000v switch domain.
Description Traffic capturing is common to monitor application performance and for troubleshooting issues. Nexus 1000v allows to capture traffic flowing through it, based on rules, and forward it to a monitoring application. In our case the monitoring application is running as a VM connected to the Nexus 1000v switch. Since the traffic which is required to be captured and the monitoring VM interface are on same switch we can configure a simple span session on the Nexus 1000v switch.
The monitoring application VM would use a 1000v port-profile to get a vEthernet port on the switch. The requirement for configuring a span session is that the source and destination ports should be on same line card. This means we will need to deploy the monitoring application VM on same ESX host as the VM whose traffic needs to be captured.
Configuration To capture traffic we need to setup span session on Nexus 1000v. Mention all the vlans for which you need to capture traffic in same span session. No need to create seperate span sessions for multiple vlans unless your design asks for it or you need it that way. The commands to configure a span session are simple and are as follows:
monitor session 1 description Monitoring app POC source vlan 1690,1700-1720 rx //mention all vlans for which you need to capture traffic destination interface Vethernet367 //this is the destination interface where the captured traffic will be sent no shut
Once the configuration is completed ensure that the span session is working by giving the following command
VSM01# show monitor session 1
session 1 --------------- description : Monitoring app POC type : local state : up source intf : rx : tx : both : source VLANs : rx : 1690,1700-1720 tx : both : source port-profile : rx : tx : both : filter VLANs : filter not specified destination ports : Veth367 destination port-profile :