12-06-2019 03:18 PM
I'm trying to figure out if you can, and how you would, connect a passive packet broker to the fabric. I want to use this for an L4-L7 copy service to an IDS connected to the packet broker. The packet broker itself is not an endpoint; there is no IP address on it and no MAC for the interface that receives traffic (it would never transmit on this interface). It seems relatively straightforward (in that I have read the guide 100 times and it seems like it's possible) to set up a copy service, but I cannot find anything on how you'd actually physically connect and configure the access policy for the packet broker physical port. I find some vague references to L4-L7 devices needing to be learned as endpoints, but I don't understand how that would be possible if the device isn't doing any data plane functions. In a traditional switching environment, it'd basically be a SPAN destination. And it needs to be an L4-L7 service because I want to be able to selectively copy from various contracts, and even potentially service chain with PBR L4-L7 (which I do have working).
I have read in the Cisco Application Centric Infrastructure Policy-Based Redirect Service Graph Design White Paper that this would be conceptually possible, but it's lacking in detail on how you actually do it (or at least details I understand).
Is anyone else finding the Cisco documentation somewhat lacking when it comes to configuring real use cases?
I'm running 4.2.