Re: How can I do ERSPAN on Cisco Nexus 9000 for VLAN serment?

a.hmedali58ik · ‎11-23-2021

I need to capture traffic in local VLAN on Nexus9000K, start wireshark on my laptop, ip address of this laptoop is 9.9.9.9. Also I want to capture only icmp and src host 10.0.0.0/24. I try to do this: Website

switch(config)# monitor session 10 type erspan-source ?
switch(config-erspan-src)# erspan-id 10
switch(config-erspan-src)# source interface ethernet 1/1
switch(config-erspan-src)# destination ip 9.9.9.9
switch(config-erspan-src)# vrf default
switch(config-erspan-src)# exit

switch(config)# ip access-list match_10_pkts
switch(config-acl)# permit icmp 10.0.0.0 0.0.0.255 any

switch(config-acl)# vlan access-map erspan_filter 5
switch(config-access-map)# match ip address match_10_pkts
switch(config-access-map)# action forward
switch(config-access-map)# exit

switch(config)#  monitor session 10 type erspan-source
switch(config-erspan-src)# filter access-group erspan_filter
**ERROR: ACL/VLAN filter not supported for Tx direction.**

How can I do this capture in right way? Or this can be achieved by classic SPAN technology only?

marce1000 · ‎11-23-2021

- You may find this document useful :

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/92x/system-management/b-cisco-nexus-9000-series-nx-os-system-management-configuration-guide-92x/b-cisco-nexus-9000-series-nx-os-system-management-configuration-guide-92x_chapter_0...

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '