Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1267
Views
0
Helpful
2
Replies

Port Mirroring and vPC

Scorpion687
Level 1
Level 1

‎03-13-2023 01:40 PM

Hello world,

I'm trying to wrap my head around port-mirroring related to vPC.
say I have the setup below, and setup port mirror on SW1 to mirror all traffic on a vlan and send it out the green SPAN port, would that capture traffic traversing through SW2, if that switches are in a vPC?
or would it be wise to setup another port-mirror  for the up-link and down-link on SW2, send that over to a new port on SW1 and add that port to the source of the port mirror on SW1?
Please advise, thanks.

Scorpion687_0-1678739009881.png

 

Labels:
0 Helpful
2 Replies 2

M02@rt37
VIP
VIP

‎03-15-2023 03:44 AM

Hello @Scorpion687 

In a vPC setup, both switches operate as a single logical entity, so the port-mirroring setup can be done on either switch, and it will capture all the traffic that passes through that particular VLAN on both switches.

In your scenario, if you set up a port mirror on SW1 to mirror all traffic on a VLAN and send it out the green SPAN port, it will capture all the traffic passing through that particular VLAN on both SW1 and SW2. So you don't need to set up another port-mirror on SW2.

However, if you want to capture traffic that only passes through SW2, you can set up another port-mirror on SW2 to mirror the uplink and downlink traffic, and send it to a new port on SW1. Then you can add that port to the source of the port-mirror on SW1. This way, you can capture traffic that is going through SW2 only.

If you want to capture all traffic passing through a particular VLAN, setting up port mirror on either switch in a vPC will suffice. If you want to capture traffic passing through a specific switch, you can set up a port mirror on that switch and send it to the other switch, and then add that port to the source of the port mirror on the other switch.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎03-15-2023 04:09 AM

Its all depends on how the Router take path to reach destination. (how your routing in place).

If you hve sw between Router and nexus vPC - if they are not participated in vPC you unlikely see the traffic of nexus Sw2

best is you can mirror locally for the SW1 and SW2 use ERSPAN  to SW1 port is best i guess (in my views).

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents