Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
748
Views
3
Helpful
3
Replies

Configuring ERSPAN between NEXUS 7000 and 5000

N3t W0rK3r
Level 3
Level 3

‎01-24-2017 10:43 AM - edited ‎03-08-2019 09:02 AM

We are attempting to configure ERSPAN with an N5K as source and one of our N7Ks as destination.

I understand the process of configuring ERSPAN on both devices, but what I do not understand is the selection of source and destination ip addresses.  The Cisco docs that I've read do not really explain this very well.

Our N5K is layer 2 only so it currently has an IP in the management VRF and an IP in the default VRF, both of which are in the same subnet (our net management subnet).  The N5Ks are directly connected to our N7Ks (which act as our core routers/switches).

The N7Ks have multple VLAN interfaces configured as well as an mgmt0 interface configured. This mgmt0 interface is on the same subnet as the two interfaces on the N5Ks.

So, can I simply use these device mgmt addresses as the source and destination addresses in the ERSPAN configuration?  Or do I need to use/create some other interfaces? Loopbacks?

I'm sorry, but this part of the config is very unclear to me.

Thanks in advance.

John

Labels:
0 Helpful
3 Replies 3

raymondcoward
Level 1
Level 1

‎01-24-2017 03:55 PM

Hi John

Just out of curiosity are these devices connected using a L2 Trunk? If so, wouldn't RSPAN work?

Cheers

N3t W0rK3r
Level 3
Level 3
In response to raymondcoward

‎01-25-2017 06:24 AM

Hi Raymond,

They are connected by L2 trunk, BUT the Nexus 5000 doesn't support RSPAN from what I could see.  I tried that to begin with, but there was no "remote vlan" option for the monitor session command.

Thanks.

John

0 Helpful

raymondcoward
Level 1
Level 1
In response to N3t W0rK3r

‎01-26-2017 04:26 PM

Hi John

Ahh ok. So i think this is how it works. The ERSPAN source on your 5K is whatever source interface/vlan you want to monitor the ingress/egress/both traffic of and the destination is going to be the L3 IP address of your 7K that you want to receive the ERSPAN traffic from. On the 7K the source is the IP address specified as the destination on the 5K, and the destination is the interface that is connected to your sniffer software.

This link might help

http://www.cisco.com/c/en/us/support/docs/switches/nexus-5000-series-switches/113501-nexus5000-erspan-config.html

That link has the same setup as you with a Nexus 5k and 7k connecting via a L2 Trunk

Cheers

0 Helpful
Customers Also Viewed These Support Documents