Few days back I wrote an article on DMZ Packet visibility solution where we had to rely/depend on Cisco Nexus 1000v for this. But now with the new release of vSphere 5.1, we can use native vDS to achieve this functionality.
DVMirror is VMware’s port mirroring feature which is similar to Cisco’s SPAN/RSPAN/ERSPAN and HP’s port mirroring.
Port mirroring duplicates a port’s packets and send them to another port, for monitoring, troubleshooting, etc.
DVMirror mirrors Virtual Machines traffic in two traffic directions:
Ingress traffic - from VM to vDS
Egress traffic – from vDS to VM
We have already seen the v1 in vSphere 5.0 release, but with the new release of vSphere 5.1, VMware brought some changes to this feature on table. Let us see what are the changes in DVMirror v2.
DVMirror v2 has the following enhancements:
Sampling rate - Number of packets mirrored
Improved User Interface
More assistant information
Now, I will talk about how it works for Mirror to RSPAN Destination, Mirron from RSPAN Source and ERSPAN Source.
Mirror to RSPAN Destination
A network administrator possibly wants to use a physical device (such as a small Physical Destop) to monitor a VM’s traffic.
The physical device is connected to a physical switch and configured as RSPAN destination.
The traffic of VM 1 is mirrored to an uplink, and then encapsulated by a dedicated RSPAN VLAN. These packets travel across the intermediate switches, and finally arrive at the destination.
Mirror from RSPAN source
A network administrator possibly wants to use a VM or a vmknic to monitor a physical device’s traffic.
The physical device is connected to a physical switch and configured as RSPAN source.
The traffic of the physical device is mirrored to the vDS via the intermediate switches, encapsulated by a dedicated RSPAN VLAN.
A network administrator possibly wants to use a physical device (such as a Physical Desktop) to monitor a VM that is located in another layer-3 subnet.
The DVPort that the VM is connected to is configured as the source of a ERMirror source session, and the physical box’s IP is configured as destination.