Scribd Logo
Fazer o upload

Bem-vindo(a) ao Scribd!

  • UCS 7 09 Nexus1000v ESPAN

    Enviado por

    Umair Alam
    25 visualizações5 páginas
    nnnn

    Título original

    UCS_7_09_Nexus1000v_ESPAN

    Direitos autorais

    © © All Rights Reserved

    Formatos disponíveis

    PDF, TXT ou leia online no Scribd

    Você considera este documento útil?

    Este conteúdo é inapropriado?

    Denunciar este documento
    nnnn

    Direitos autorais:

    © All Rights Reserved
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    25 visualizações5 páginas

    UCS 7 09 Nexus1000v ESPAN

    Enviado por

    Umair Alam
    nnnn

    Direitos autorais:

    © All Rights Reserved
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    de 5

    UCS Technology Labs Nexus 1000v on UCS

    ERSPAN in Nexus 1000v


    Last updated: April 11, 2013

    Task
    Set up a ERSPAN session that allows Server1 on N5K1 (or 3, 5, or 7, depending on your rack) to
    see all packets Tx or Rx to/from Win2k8-www-3.
    Ping from Win2k8-www-2 to Win2k8-www-3 and capture the packets in Wireshark on Server1.

    Configuration
    We can see that Win2k8-www-3 is running on ESXi1 or VEM 3.

    Let's find the Veth port number in N1Kv.

    FEEDBACK

    N1Kv-01# sh int status


    ------------------------------------------------------------------------------Port

    Name

    Status

    Vlan

    Duplex Speed

    Type

    ------------------------------------------------------------------------------mgmt0

    --

    up

    routed

    full

    1000

    --

    Eth3/1

    --

    up

    trunk

    full

    1000

    --

    Eth3/2

    --

    up

    trunk

    full

    1000

    --

    Eth3/3

    --

    up

    trunk

    full

    unknown --

    Eth3/4

    --

    up

    trunk

    full

    unknown --

    Eth3/5

    --

    up

    trunk

    full

    unknown --

    Eth4/1

    --

    up

    trunk

    full

    1000

    --

    Eth4/2

    --

    up

    trunk

    full

    1000

    --

    Eth4/3

    --

    up

    trunk

    full

    unknown --

    Eth4/4

    --

    up

    trunk

    full

    unknown --

    Eth4/5

    --

    up

    trunk

    full

    unknown --

    Po1

    --

    up

    trunk

    full

    1000

    --

    Po2

    --

    up

    trunk

    full

    1000

    --

    Po3

    --

    up

    trunk

    full

    unknown --

    Po4

    --

    up

    trunk

    full

    unknown --

    Veth1

    VMware VMkernel, v up

    115

    auto

    auto

    --

    Veth2

    VMware VMkernel, v up

    116

    auto

    auto

    --

    Veth3

    N1Kv-01-VSM-2, Net up

    120

    auto

    auto

    --

    Veth4

    N1Kv-01-VSM-2, Net up

    121

    auto

    auto

    --

    Veth5

    N1Kv-01-VSM-2, Net up

    120

    auto

    auto

    --

    Veth6

    Win2k8-www-1, Netw up

    110

    auto

    auto

    --

    Veth7

    VMware VMkernel, v up

    115

    auto

    auto

    --

    Veth8

    VMware VMkernel, v up

    116

    auto

    auto

    --

    Veth9

    N1Kv-01-VSM-1, Net up

    120

    auto

    auto

    --

    Veth10

    N1Kv-01-VSM-1, Net up

    121

    auto

    auto

    --

    Veth11

    N1Kv-01-VSM-1, Net up

    120

    auto

    auto

    --

    Veth12

    Win2k8-www-2, Netw up

    110

    auto

    auto

    --

    Veth13

    Win2k8-www-3, Netw up

    Veth14

    vCenter, Network A up

    auto

    auto

    --

    control0

    --

    routed

    full

    1000

    --

    up

    110

    auto

    auto

    --

    N1Kv-01#

    To provide ERSPAN, we need UDP packetization, and therefore capability l3control on our
    VMKernel interface from which the ERSPAN packets will originate. This also provides the
    source address for the ERSPAN. Set up the ERSPAN session to send to the destination of
    N5K1's SVI for the same VLAN that the VMKernel is running on (this can easily be a different
    VLAN if routing is properly configured).

    port-profile type vethernet VMKernel


    capability l3control
    vmware port-group
    switchport mode access
    switchport access vlan 115
    no shutdown
    system vlan 115
    state enabled
    monitor session 2 type erspan-source
    source interface Vethernet12 both
    destination ip 10.0.115.51
    erspan-id 2
    ip ttl 64
    mtu 1500
    header-type 2
    no shut

    On N5K1:

    interface vlan 115


    ip address 10.0.115.51
    no shut
    interface e1/1
    switchport
    switchport monitor
    no shut
    monitor session 2 type erspan-destination
    source ip 10.0.115.12
    destination interface e1/1
    erspan-id 2
    vrf default
    no shut

    Verification
    On N1Kv:

    N1Kv-01# sh monitor session 2


    session 2
    --------------type

    : erspan-source

    state

    : up

    source intf

    rx

    : Veth12

    tx

    : Veth12

    both

    : Veth12

    source VLANs

    rx

    tx

    both

    source port-profile :
    rx

    tx

    both

    filter VLANs

    : filter not specified

    destination IP

    : 10.0.115.51

    ERSPAN ID

    :2

    ERSPAN TTL

    : 64

    ERSPAN IP Prec.

    :0

    ERSPAN DSCP

    :0

    ERSPAN MTU

    : 1500

    ERSPAN Header Type: 2


    N1Kv-01#

    And looking on the linecard directly.

    N1Kv-01(config-erspan-src)# module vem 4 execute vemcmd show span


    VEM SOURCE IP: 10.0.115.12
    HW SSN ID

    ERSPAN ID

    HDR VER

    RX Sources :55,
    TX Sources :55,
    Source Filter RX :110,
    Source Filter TX:110,
    N1Kv-01#

    Let's send our ping from Win2k8-www-2.

    DST LTL/IP
    10.0.115.51

    We should see it on Server1 off N5K1.

    ^ back to top

    Disclaimer (http://www.ine.com/feedback.htm) | Privacy Policy (http://www.ine.com/resources/)


    Inc., All Rights Reserved (http://www.ine.com/about-us.htm)

    2013 INE

    Você também pode gostar