VMware vSphere

 View Only

  • 1.  Port mirroring on standard switch

    Posted Feb 18, 2015 11:14 PM

    Is there anyway to make port mirroring / SPAN work on a standard switch in 5.0 either supported or unsupported?

    Thanks!



  • 2.  RE: Port mirroring on standard switch

    Posted Feb 18, 2015 11:32 PM

    Port Mirror is a feature present only on Distributed switch, a workaround for vSwitch is use Promiscuous Mode like described on this blog post: http://www.routereflector.com/2014/07/port-mirroring-on-vmware-vswitchdvswitch-dvmirror/



  • 3.  RE: Port mirroring on standard switch

    Posted Feb 19, 2015 12:44 AM

    Thanks - if I use promiscuous mode on a standard switch:

    -How can I prevent Vms on that switch that I don't want to mirror to from seeing the mirrored traffic?

    -How can I send that traffic to a collector with a destination IP outside my subnet that requires going over a router?



  • 4.  RE: Port mirroring on standard switch

    Posted Feb 19, 2015 01:18 AM

    -How can I prevent Vms on that switch that I don't want to mirror to from seeing the mirrored traffic?

    All VMs on the same port group will see this traffic, but remember that if you don't have a sniffer listening on promiscuous mode on the Guest OS, the traffic not destined to the VMAs will be ignored.

    -How can I send that traffic to a collector with a destination IP outside my subnet that requires going over a router?

    Unless I'm missing something, you can't since the router will forward only the traffic directly destined to the remote IP.



  • 5.  RE: Port mirroring on standard switch

    Posted Apr 06, 2016 08:38 PM

    We tried the promiscuous mode option and that port group then sees all the traffic from the other port groups in the vSwitch.

    VMware KB: How promiscuous mode works at the virtual switch and portgroup levels

    Luckily we have some spare NICs we can light up so we're creating a new vSwitch and portgroup for the VM we need to monitor and the receiver NIC.