You can use port mirroring to analyze network traffic for debugging or troubleshooting purposes. Port mirroring allows you to copy all network packets or specific packets that are seen on the segment port (or an entire segment) to another segment port.
Procedure
- With admin privileges, log in to NSX Manager.
- Select Plan & Troubleshoot > Port Mirroring.
- Select Add Session > Remote L3 Span or Add Session > Logical Span.
- Enter a name and optionally a description.
- Configure the properties of the port mirroring session.
Session Type Properties Remote L3 Span - Direction - Select Bidirectional, Ingress, or Egress.
- TCP/IP Stack - Select Default or Mirror. To use Mirror, you must bind the vmknic to the mirror stack in vSphere.
- Snap Length - Specify the number of bytes to capture from a packet. If this parameter is specified, the packet is truncated to the specified length. If not specified, the entire packet is mirrored. Supported range of values is 60–65535.
- Encapsulation Type - Select GRE, ERSPAN TWO, or ERSPAN THREE.
- GRE Key - Specify a 32-bit GRE key if encapsulation type is GRE.
- ERSPAN ID - Specify an ERSPAN ID if encapsulation type is ERSPAN TWO or ERSPAN THREE. Supported range of values is 0–1023. The physical switch uses the ERSPAN ID to forward the mirrored traffic.
Logical Span - Direction - Select Bidirectional, Ingress, or Egress.
- Snap Length - Specify the number of bytes to capture from a packet. If this parameter is specified, the packet is truncated to the specified length. If not specified, the entire packet is mirrored. Supported range of values is 60–65535.
- Click Set in the Source column to set a source.
For a Logical Span session, the available sources are:
- Segment port
- Group of virtual machines
- Group of virtual network interfaces
For a Remote L3 Span session, the available sources are:- Segment
- Segment port
- Group of virtual machines
- Group of virtual network interfaces
The following restrictions apply when you select a group of VMs or a group of virtual network interfaces:- The group can have a maximum of six VMs that are statically added.
- The group can have a maximum of six virtual network interfaces that are statically added.
- Click Set in the Destination column to set a destination.
For a Logical Span session, the available destinations are:
- Group of virtual machines
- Group of virtual network interfaces
The following restrictions apply when you select a group of VMs or a group of virtual network interfaces:- The group can have a maximum of three VMs that are statically added.
- The group can have a maximum of three virtual network interfaces that are statically added.
For a Remote L3 Span session, the available destination is an IP Addresses Only group. The group can have a maximum of three IPs.
- (Optional) Instead of mirroring all the network packets from the source, you can filter the packets that are captured for port mirroring.
- Expand the Advanced Mirroring Filters section.
- Select an Action.
Action Description Include Packets that match the filter are mirrored. Exclude Packets that do not match the filter are mirrored. - Next to Filters, click Set, and then click Add Filter.
- Specify the filter properties.
Only one filter is supported.
Property Description Protocol
The transport protocol that is used to filter the packets. Available options are TCP, UDP.
Source IPs
The source IP address, IP range, or IP prefix that is used to filter the packets.
Source Port
The source port or port range that is used to filter the packets.
Destination IPs
The destination IP address, IP range, or IP prefix that is used to filter the packets.
Destination Port
The destination port or port range that is used to filter the packets.
- Click Save.
