Solved: Basic questions about Vsphere port mirror

morganyang1982 · ‎07-22-2014

I am working to put together a light weight VM that would process inter-VM traffic. To do so, I wish to enable port mirroring between VM's.

I have ESXi 5.5 update 1 installed, running Vsphere client (not webclient). I do not see any port mirroring capabilities on my Vsphere Client

I have some very fundamental questions:

(1) All the documentation I've read involving "Port Mirror" are done via Vsphere web client. But Vsphere is packaged with Vcenter (please correct me if I'm wrong)

(2) Port mirroring only functions with "Distributed Virtual Switch", not "vSphere Standard Switch". How I can enable "Distributed Virtual Switch"? What products should I download/install and try (assume I'm going to user a 60 day license)

(3) What API's are available to enable/disable/setup Port mirroring?

rcporto · ‎07-22-2014

(1) All the documentation I've read involving "Port Mirror" are done via Vsphere web client. But Vsphere is packaged with Vcenter (please correct me if I'm wrong)

Since port mirror requires a Distributed Switch, you will need vCenter Server, and once in vCenter Server you can user the vSphere Web Client or the vSphere Client (c# version).

(2) Port mirroring only functions with "Distributed Virtual Switch", not "vSphere Standard Switch". How I can enable "Distributed Virtual Switch"? What products should I download/install and try (assume I'm going to user a 60 day license)

You can download the vCenter Server (60 day trial) and you will need a Enterprise Plus version for your vSphere ESXi host.

(3) What API's are available to enable/disable/setup Port mirroring?

Check the comments of this blog post: http://blogs.vmware.com/vsphere/2013/01/vsphere-5-1-vds-feature-enhancements-port-mirroring-part-1.h...

---

Richardson Porto
Senior Infrastructure Specialist
LinkedIn: http://linkedin.com/in/richardsonporto

View solution in original post

rcporto · ‎07-22-2014

(1) All the documentation I've read involving "Port Mirror" are done via Vsphere web client. But Vsphere is packaged with Vcenter (please correct me if I'm wrong)

Since port mirror requires a Distributed Switch, you will need vCenter Server, and once in vCenter Server you can user the vSphere Web Client or the vSphere Client (c# version).

(2) Port mirroring only functions with "Distributed Virtual Switch", not "vSphere Standard Switch". How I can enable "Distributed Virtual Switch"? What products should I download/install and try (assume I'm going to user a 60 day license)

You can download the vCenter Server (60 day trial) and you will need a Enterprise Plus version for your vSphere ESXi host.

(3) What API's are available to enable/disable/setup Port mirroring?

Check the comments of this blog post: http://blogs.vmware.com/vsphere/2013/01/vsphere-5-1-vds-feature-enhancements-port-mirroring-part-1.h...

---

Richardson Porto
Senior Infrastructure Specialist
LinkedIn: http://linkedin.com/in/richardsonporto

vfk · ‎07-22-2014

If you are using a single host to perform all your testing, then you don't need to configure anything on your external switch. You can do it all a single host.

--- If you found this or any other answer helpful, please consider the use of the Helpful or Correct buttons to award points. vfk Systems Manager / Technical Architect VCP5-DCV, VCAP5-DCA, vExpert, ITILv3, CCNA, MCP

JPM300 · ‎07-23-2014

Like vfk said if you are keeping the VM's you want to port mirror on a single host you don't need to do anything on your physical switches, however you will need vCenter running and you will need a Virtual Distributed Switch(VDS)

morganyang1982 · ‎07-23-2014

Hi Vfk:

I'm only interested in monitoring traffic between VM's that are co-located on the same hypervisor, but I can't seem to figure out how to enable port mirror for "standard vswitch" from either the Vsphere GUI (not web) client and the power CLI. The only other way is to set the switch in promiscuous mode, but that won't work for my use cases (i have at least two virtual switching groups, each with 2~4 VM's). Can you point me to the direction on how to do it on a single host?

Thanks

rcporto · ‎07-23-2014

Like I said on the post above, the Port Mirror feature is available only on Distributed Switch and vDS needs the vCenter Server and ESXi Enterprise Plus.

The following blog post shows how to create a port mirror session: vSphere 5.1 – VDS Feature Enhancements - Port Mirroring - Part 1 | VMware vSphere Blog - VMware Blog...

---

Richardson Porto
Senior Infrastructure Specialist
LinkedIn: http://linkedin.com/in/richardsonporto

JPM300 · ‎07-23-2014

Hey,

Not to hijack vfk's help, but you will need a VDS to do port mirroing on a Virtual Switch. Standard Virtual Switches Don't allow it. So if you don't want to setup a VDS you will need to set this up on your physical switches.

Here is a really great hands on lab about VDS and two of the lab activities in it are setting up VDS and port mirroring

VMware - NEE

Click on the Focus: Networking
Select vSphere Distributed Switch from A to Z and just skip to the LACP part. It has some pretty neat new interesting options

Here are some additional links:

How to use Port-Mirroring feature of VDS for monitoring virtual machine traffic? | VMware vSphere Bl...

How to setup a vSphere 5 Port Mirror - YouTube

If you find this usefull shoot vfk the points as he was the one helping you out.

Cheers

morganyang1982 · ‎07-23-2014

Thank you for you and vfk for the pointers. Looks like I must use VDS, i'll go ahead and get a 60 day trail license. I have been working largely with KVM and OVS, so not much product based restrictions.