I'm trying to decide which option is better to capture all the traffic inside vmware (vswitch), so far the solution will include a virtual machine per host which then it will forward all the traffic to an IP (example 22.214.171.124) on an isolated VLAN.
The question is: do I want that IP and VLAN on all the switches or on a dedicated switch.
The goal is to minimize the impact on any of the uplinks and potential problems due misconfiguration.
I would like to have comments about either design.
Rolando A. Valenzuela
So you looking all VM's traffic to be monitor, After traffic span to Arista, what is the device you going to use to capture this mirrored traffic ? do you have TAP ?
Instead of extending Esxi to another switch, why not consider created inside Esxi, create VM to capture that information for you.
example of this guide :
yes, since original post was asked only Esxi environment i have give the approach how we can do, if you have other infrastrucutre that also need to be monitor.
you have option.
Since you have mentioned you want to send traffic to Asrista and there you going to monitor, then go with that plan as you are comfortable.
Also look at the kind of traffic you monitor.