Port Mirroring in VMware

Status
Not open for further replies.

tomcotton

Technical User
Dec 19, 2007
175
Hi All,

I've got a requirement to mirror a port to a virtual server running off a Cisco 3020 switch. As it's a VMware blade-based environment, the server could end up connecting on any one of the 16 ports on that switch. Obviously I don't want to pass the traffic to all 16 ports, so:
Is there a command that would enable me to only pass mirrored traffic to a certain host? Or anything similar?
 
Use RSPAN to put the traffic onto a VLAN.

e.g.,
monitor session 1 source interface g1/0/1
monitor session 1 destination remote vlan 100 reflector-port g1/0/2

Extend the VLAN into your virtual environment.

Now, all you have to do is figure out how to configure the virtual switch to create a destination port for the mirrored traffic off this VLAN:

e.g., on Cisco:
monitor session 1 source remote vlan 100
monitor session 1 destination interface g1

 
Hi Vince,

Thanks for your reply, although normal RSPAN will not work as the blade server isn't connected on to a static port. With it being in a blade server chassis it could end up connecting to any one of the 16 ports in the switch, so I need a method to only mirror traffic from one IP address to another regardless of its position on a specific switch. Is there a way?
 
Hi, the Cisco 3020 switch is in, I'm presuming, an HP C7000 chassis, and as far as I remember servers connect to a virtual port on the 3020 correlating to the slot number, i.e. if slot 1, port 1, etc. You should be able to simply span the virtual port on the 3020 to a physical port on the 3020, i.e. Fa0/1 to a spare port on the front?

Can you do a "show inter status" on the 3020 and let me know which slot your server is in? Of course, if the server is in e.g. slot 3 and this server is running ESX with multiple VMs, for example, you are going to see all of the server traffic, but at least it can be filtered.

Lee.



LEEroy
CCNP,CCIP
 
What you are asking for is not possible without some manual intervention each time the VM guest moves. You could maybe write a script that did this for you (i.e. locate the VM's MAC address and then modify the monitor session destination). Not something I'd be keen on doing...
Do your VM guests move that often that you need this?

Andy
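
A sketch of the kind of script described in the reply above, added here as an example and not code from the thread or from Cisco: it finds which blade-facing port a VM's MAC address is currently learned on and builds the commands that move the monitor session destination there. The MAC table text is a constructed sample, and the port names Gi0/1 to Gi0/16 for the 16 blade-facing ports are an assumption.

```python
import re

# Constructed sample of "show mac address-table" output (not from the thread).
SAMPLE_MAC_TABLE = """\
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 100    0050.5699.0a01    DYNAMIC     Gi0/3
 100    0050.5699.0a02    DYNAMIC     Gi0/17
 200    0050.5699.0a01    DYNAMIC     Gi0/3
"""

# Assumption: the 16 blade-facing ports are named Gi0/1 .. Gi0/16.
BLADE_PORTS = {f"Gi0/{n}" for n in range(1, 17)}

ROW = re.compile(
    r"^\s*(\d+)\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+\S+\s+(\S+)\s*$", re.I)


def normalize_mac(mac):
    """Accept colon, dash or Cisco dotted notation; return Cisco dotted form."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ".".join(digits[i:i + 4] for i in (0, 4, 8))


def locate_port(table_text, mac):
    """Return the single blade-facing port the MAC is learned on, else None."""
    wanted = normalize_mac(mac)
    ports = set()
    for line in table_text.splitlines():
        m = ROW.match(line)
        if m and m.group(2).lower() == wanted:
            ports.add(m.group(3))
    # A MAC seen only on an uplink, or on several blade ports, is ambiguous.
    hits = ports & BLADE_PORTS
    return hits.pop() if len(hits) == 1 else None


def span_update(session, old_port, new_port):
    """Commands that move the session destination; empty if nothing changes."""
    if new_port is None or new_port == old_port:
        return []
    cmds = []
    if old_port:
        cmds.append(f"no monitor session {session} destination interface {old_port}")
    cmds.append(f"monitor session {session} destination interface {new_port}")
    return cmds
```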
 
Ahh, after reading ADB100's reply I understand what you're asking, sorry.

You could create a unique VLAN just for this server with its own subnet (even if it's a /30) and place this server in that VLAN (presuming you will use .1q tagging to the blade servers). That way you could span the VLAN as a source? Otherwise, as ADB100 said, it's going to be difficult keeping track of that server's blade location.

Lee.

LEEroy
CCNP,CCIP
 
I think I'll go down the physical server route as we need this call recording solution to be rock solid from day 1 and the above method could have a few teething issues. Thanks a lot for your replies anyway, guys.
 
"With it being in a blade server chassis it could end up connecting to any one of the 16 ports in the switch, so I need a method to only mirror traffic from one IP address to another regardless of its position on a specific switch. Is there a way"

I think I understand your problem. I seem to recall being involved with virtualised environments which had one virtual host that HAD to run on one physical host and no other. Probably for a similar reason.
 