Hi Yves - I got this from my TAM.
Using VMware functionality for the port mirroring has proven difficult in our case. Before we installed NSX, we used the dSwitch port mirroring, and that worked fine. If you try to do the same with NSX installed (two VLANs, send them to a NIC on a tap VM), all traffic on the NSX segments configured with the source VLANs is blocked. Yes, I know, this sounds weird, and it is.
So I asked my TAM how they recommend we configure this (keep in mind - we're on VLAN-backed segments for NSX, so no overlay or Geneve tunneling - we only use NSX for its DFW, currently). He recommended we solve this on Cisco.
That proved to be a challenge as well, as the Cisco port mirroring needs a physical port to send the traffic to. In a vSphere environment, you don't want to remove an uplink from any hosts and dedicate it to port mirroring, as this impacts redundancy and consistency across the cluster, and introduces a set of risks.
Right now we're looking at Netscout as a possible solution.
Original Message:
Sent: Nov 14, 2024 03:17 AM
From: Yves Hertoghs
Subject: Alternatives to port mirroring in a vSphere + NSX environment
Hi, where exactly do you read that VMware does not recommend port mirroring and pointing to Cisco?
NSX also has a packet copy feature, which uses the DFW function to duplicate a packet and send it out to a service VM running locally, e.g. GIGAMON or NETSCOUT.
Yves