@jalejand Does SDA support ERSPAN session across the fabric between two ENs? I have conducted several tests, but not getting expected results.  My test case platform info: Both ENs are C9300-48UXM running 17.03.04

Yes it does. Here's a config snip from my lab that works. Please open TAC case if it doesn't. Note below something is replacing the word a d d r e s s with **bleep**, seem it's being erroneously flagged as a swear word, sorry, nothing I can do about it.

SDA EN1 - ERSPAN source

monitor session 10 type erspan-source

source interface Gi1/0/23 - 24

destination

  erspan-id 101

  ip **bleep** 10.180.4.81

  origin ip **bleep** 10.180.4.80

SDA EN2 - ERSPAN destination

monitor session 10 type erspan-destination

destination interface Gi1/0/23

source

  erspan-id 101

  ip **bleep** 10.180.4.81

Would this ERSPAN solution work from an SDA enabled EN to a non fabric router? For example, an ERSPAN session from an EN at multiple sites, back to a single ERSPAN aggregator connected to a DC switch?

Thanks,

J

it will assuming there is end-2-end connectivity bw src & dst.

The config snip I shared above would, yes. Replace "SDA EN2 - ERSPAN destination" with whatever ERSPAN capable device, including a device that is outside the fabric e.g. a non-SDA C9K switch.

Based on the destination not being a destination switch, Am i right in thinking that there is only the source switch configuration to consider in this instance?

As the ERSPAN destination is an appliance, that appliance will simply receive the traffic and the routed network in between will just pass the encapsulated traffic to the device configured as the ERSPAN destination.

Thanks,

J

it's something i 'm still curios of erspan's destination formula :0)
1) if "destination interface X" is set & attached to it TAP will consume/analyse traffic w/o problem why config need "source/ip **bleep** address"?
2) what is the purpose of "source/ip **bleep** address" at all if analyser IP is already defined in ERSPAN-Source switch?
In real life i've always been using remote wireshar machine w/o any ERSPAN Destination switch

I think the source IP is just for the tunnel configuration for GRE on the receiving switch. 

When you setup a typical GRE tunnel you specify the src/dst IP or interface, i imagine under the hood, the ERSPAN session also requires the same information to ensure that the sessions' associated tunnel can establish. I'm not sure if you could in theory use the same session ID on multiple source switches to the same destination switch, which would then need the source IP address of the tunnel as the differentiator.

I'm also curious.

lets take erspan-id as base here. u may have number of taps with number of src switches (erspan source) pointing to different or the same destination. 
Then u configure on the erspan-src switch:

monitor session X type erspan-source

source interface <variable>

destination

  erspan-id <Constant>

  ip **bleep** <variable>
to have taps to catch traffic of interest. & it will work
Q: why on the tap adjacent switch we need to configure something different from "destination interface X,Y,Z"?
especially

source

  erspan-id <Constant>

  ip **bleep** <something_already_defined_on_the_Erspan_src_switch>
?

I think you have to go for a upgrade of your DNAC.

At least DNAC Version 2.2.3.4 brings the following support.