ERSPAN: EVPN BGP overlay

Gomez · ‎06-15-2022

Hi,

I have the following topology. The underlay is OSPF , overlay is EVPN BGP.

Suppose I want to mirror all traffic going through the uplinks to a device connected to a leaf. Can i use ERSPAN for this?

According to documentation ERSPAN over VXLAN overlay is not supported.

Cisco Nexus 9000 Series NX-OS System Management Configuration Guide, Release 7.x - Configuring ERSPAN [Cisco Nexus 9000 Series Switches] - Cisco

How can I accomplish this without taps and using SPAN?

Sergiu.Daniluk · ‎06-15-2022

Hi @Gomez

"I want to mirror all traffic going through the uplinks to a device connected to a leaf" - it's not clear if you want to mirror traffic from the same device where the "span receiver" is connected or from all leafs from vxlan fabric. Which one it is?

If it's the first (mirror only local traffic - On leaf101 you mirror traffic from uplinks to another local port) then its ok - supported and working

If it's the second (mirror all vxlan encapsulated traffic from all leafs to a device connected to one leaf) then yes this is not supported.

Stay safe,

Sergiu

Gomez · ‎06-22-2022

Hi Sergiu,

Apologies for the late reply did not see your reaction.

It is the last option I want:

If it's the second (mirror all vxlan encapsulated traffic from all leafs to a device connected to one leaf) then yes this is not supported.

For the first option i would need to many connection running into the capture device, of course using special hardware for this would be my prefered option but due to budget constraints this will not be possible.

Another argument to switch to ACI I guess.

Sergiu.Daniluk · ‎06-22-2022

"Another argument to switch to ACI I guess." -> I couldn't say better