Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2230
Views
0
Helpful
5
Replies

how to configure SPAN port scenario !?

Go to solution
mohammed hashim
Level 1
Level 1

‎08-06-2016 02:58 AM - edited ‎03-08-2019 06:54 AM

hi,

I want to configure both Core Switches to mirror traffic according the the following:

                                                                   |-- Host 1

Core1------------Core2-------------------ESXi ---  Host 2

    |            X         |                                      |-- Host 3

Distribution     Distribution

    |            X         |

Access             Access 

as you see Hosts 1, 2 and 3 are Virtual Machines running on ESXi server.

so what I want is, all traffic across all Vlans passing through both Core switches to be only mirrored to Host 1. Host 1 is packet sniffer and I do not want other Hosts to receive this traffic.

how to do SPAN for this scenario ?

also is there any consideration for the link between Core2 and ESXi server that it could be Trunk or Access Port !?

thanks,

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ahmedshoaib
Level 4
Level 4
In response to mohammed hashim

‎08-06-2016 06:09 AM

Hi Hashim;

The issue is that whenever you configure SPAN, RSPAN or ERSPAN for destination Server you need to configure the interface as monitor & monitoring interface will not received any traffic. In this case you can forward the traffic toward Host 1 but due to monitoring interface your host 2 & 3 will also be out network.

Thanks & Best regards;

View solution in original post

0 Helpful
5 Replies 5

Go to solution
ahmedshoaib
Level 4
Level 4

‎08-06-2016 04:44 AM

Hi;

If monitoring Server is physical then you can configure SPAN & RSPAN on your network to forward the traffic to monitoring server.

You need to check on ESXi whether they support RSPAN or not. If yes then we can configure RSPAN on Cisco switches and extend the vlan till ESXi virtual switch and from there we can forward mirroring traffic to ESXi host1.

Thanks & Best regards

0 Helpful

Go to solution
mohammed hashim
Level 1
Level 1
In response to ahmedshoaib

‎08-06-2016 05:18 AM

Hi ahmed,

thanks for this idea,

I will have a look into ESXi option,

I do not have experience with ERSPAN, do you think it can be used in this scenario?

0 Helpful

Go to solution
ahmedshoaib
Level 4
Level 4
In response to mohammed hashim

‎08-06-2016 06:09 AM

Hi Hashim;

The issue is that whenever you configure SPAN, RSPAN or ERSPAN for destination Server you need to configure the interface as monitor & monitoring interface will not received any traffic. In this case you can forward the traffic toward Host 1 but due to monitoring interface your host 2 & 3 will also be out network.

Thanks & Best regards;

0 Helpful

Go to solution
mohammed hashim
Level 1
Level 1
In response to ahmedshoaib

‎08-06-2016 06:39 AM

Hi Ahmed,

thanks for your reply,

in this case, I am thinking as best solution is to install new physical NIC on ESXi and connect it to the switch and create virtual NIC on Host 1 and link it to this physical NIC card.
and then use RSPAN on the switch.
I need to test this,


thanks again. 

0 Helpful

Go to solution
ahmedshoaib
Level 4
Level 4
In response to mohammed hashim

‎08-06-2016 07:19 AM

Hi Hashim;

In this way you can achieve the traffic to mirror on HOST1 of EXSi Server.

Thanks & Best regards;

0 Helpful
Customers Also Viewed These Support Documents