Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Nexus 1000v ERSPAN

Greeting Gents

I`m actually designing an implementation for nexus 1000v and i`d like to know if i can dedicate a port for ERSPAN traffic (inter and intra VMs) and how it`s done

In doc from cisco they state the following after setting up the port-profile for ERSPAN

The port profile name is used to configure the VMKNIC that is required on  each of the ESX hosts.

Any help please

I appreciate it

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Re: Nexus 1000v ERSPAN

Hi,

The "vmknic" configuration on the ESX host is required to route the ERSPAN frames to an IP addressable destination. Assigning a port-profile with "capability l3control" command configures the VEM to start using the "vmknic" for routing the ERSPAN frames out to the destination. In addition to this, you need to configure ERSPAN session on VSM for your monitoring. The ERSPAN session consist of "sources" i.e. Vethernet ports, VLANs, or a port-profile (from SV1(4) only) release. Afterwards, you need to configure ERSPAN destination IP address and the identifier for this session. Once the session is setup, N1K VEMs will copy the frames you are interested in monitoring and send them to IP destination using ERSPAN frame format.

I didnt completely understand the deployment scenario from your note below. Could you please elaborate more on how you plan to setup the ERSPAN and we can help review it.

thanks,

Munish.

Cisco Employee

Re: Nexus 1000v ERSPAN

Hi,

Once the VMKnic is configured, it would be used to source the ERSPAN (IP/GRE) packets from (you could just think this as configuring a VM's Veth and it's IP, but instead it would be the VMKnic). So, the VMKnic IP would be the source IP of the ERSPAN packets generated from that VEM/host. And the VLAN should be configured such that the configured IP could reach the gateway.

Let us know if you have further questions.

Thanks,

Deniz

3 REPLIES
Cisco Employee

Re: Nexus 1000v ERSPAN

Hi,

The "vmknic" configuration on the ESX host is required to route the ERSPAN frames to an IP addressable destination. Assigning a port-profile with "capability l3control" command configures the VEM to start using the "vmknic" for routing the ERSPAN frames out to the destination. In addition to this, you need to configure ERSPAN session on VSM for your monitoring. The ERSPAN session consist of "sources" i.e. Vethernet ports, VLANs, or a port-profile (from SV1(4) only) release. Afterwards, you need to configure ERSPAN destination IP address and the identifier for this session. Once the session is setup, N1K VEMs will copy the frames you are interested in monitoring and send them to IP destination using ERSPAN frame format.

I didnt completely understand the deployment scenario from your note below. Could you please elaborate more on how you plan to setup the ERSPAN and we can help review it.

thanks,

Munish.

New Member

Re: Nexus 1000v ERSPAN

Thanks Metha actually we are deploying the Erspan to capture traffic for different sources and basically I'm concerned to understand the vlan that we setup and the Ip address for the vmknic is used for what purpose and what's the actual meaning of that

I really appreciate your answer

Sent from Cisco Technical Support iPhone App

Cisco Employee

Re: Nexus 1000v ERSPAN

Hi,

Once the VMKnic is configured, it would be used to source the ERSPAN (IP/GRE) packets from (you could just think this as configuring a VM's Veth and it's IP, but instead it would be the VMKnic). So, the VMKnic IP would be the source IP of the ERSPAN packets generated from that VEM/host. And the VLAN should be configured such that the configured IP could reach the gateway.

Let us know if you have further questions.

Thanks,

Deniz

2211
Views
0
Helpful
3
Replies