OS10 Enterprise Edition User Guide Release 10.4.0E(R3)

Remote port monitoring on VLT

In a network, devices configured with peer VLT nodes are considered as a single device. You can apply remote port monitoring (RPM) on the VLT devices in a network.

In a failover case, the monitored traffic reaches the packet analyzer connected to the TOR through the VLT interconnect link.

  • NOTE:
    • In VLT devices configured with RPM, when the VLT link is down, the monitored packets might be dropped for some time. The time is equivalent to the VLT failover recovery time (delay restore).
    • ERPM does not work on VLT devices.

RPM on VLT scenarios

Consider a simple VLT setup where two VLT devices are connected using VLTi and a top-of-rack (TOR) switch is connected to both the VLT peers using VLT LAGs in a ring topology. In this setup, the following table describes the possible scenarios when RPM is used to mirror traffic.

  • NOTE: The ports that are connected to the VLT domain, but not part of the VLT-LAG, are called orphan ports.
Table 1. RPM on VLT scenarios
Scenario Recommendation
Mirror an orphan port or VLT LAG or VLTi member port to VLT LAG. The packet analyzer is connected to the TOR switch.

The following is an example of the recommended configuration on the peer VLT device:

  1. Create an RSPAN VLAN.
      !
      interface vlan 100
      no shutdown
      remote-span
      !

  2. Create an L2 ACL for the RSPAN VLAN and RSPAN session and attach it to the VLTi LAG interface.
      !
      mac access-list rspan
      seq 10 permit any any capture session 10 vlan 100
      !

      interface ethernet 1/1/1
      no shutdown
      switchport access vlan 1
      mac access-group rspan in
      !

  3. Create a flow-based RSPAN session on the peer VLT device to monitor the VLTi LAG interface as source.
      !
      monitor session 10 type rspan-source
      destination remote-vlan 100
      flow-based enable
      source interface ethernet1/1/1 (ICL lag member)
      !
                                                    
Mirror a VLAN with VLTi LAG as member to any orphan port on the same VLT device. The packet analyzer is connected to the local VLT device through the orphan port.

The following is an example of the recommended configuration on the VLT device:

  1. Create an L2 ACL for the local session and attach it to the VLTi LAG interface.
      !
      mac access-list span
      seq 10 permit any any capture session 10
      !

      interface ethernet 1/1/1
      no shutdown
      switchport access vlan 1
      mac access-group span in
      !

  2. Create a flow-based local session on the VLT device to monitor the VLTi LAG interface member (ethernet 1/1/1) as source.
      !
      monitor session 10 type
      destination interface ethernet 1/1/10
      flow-based enable
      source interface ethernet1/1/1
      no shut
      !
                                                    
Mirror a VLAN with VLTi LAG as member to VLT LAG on the same VLT device. The packet analyzer is connected to the TOR switch.
Mirror VLT LAG of TOR, or any port in the TOR to any orphan port in the VLT device. Configure VLT nodes as intermediate device. The packet analyzer is connected to the TOR switch.
Mirror VLT LAG to any orphan port on the same VLT device. The packet analyzer is connected to the local VLT device through the orphan port. If the packet analyzer is directly connected to the VLT peer in which the source session is configured, use local port monitoring instead of RPM.
Mirror an orphan port in primary VLT device to any orphan port on secondary VLT device through VLTi. The packet analyzer is connected to the secondary VLT device through the orphan port. In this case, the mirroring packets are duplicated.
Mirror VLT LAG of the primary VLT device to any orphan port on secondary VLT device through VLTi. The packet analyzer is connected to the secondary VLT device through the orphan port.
Mirror a member port of VLTi LAG or VLT LAG to any orphan port in the same device. The packet analyzer is connected to the local VLT device through the orphan port. If the packet analyzer is directly connected to the VLT peer in which the source session is configured, use local port monitoring instead of RPM.
Mirror a member port of VLTi LAG to VLT LAG on the same VLT device. The packet analyzer is connected to the TOR switch.
Mirror VLT LAG or VLT member port as part of source VLAN and destination VLAN. The packet analyzer is connected to the TOR switch.
