VMware Cloud Community
calamittyjane
Contributor
Contributor
‎12-26-2014 04:10 AM

Promiscuous mode on ESXi 5.1 dist. vSwitch....

Greetings -- This works fine on our development ESXi system because it uses a Standard-Switch.   Our production environment uses a Distributed vSwitch.  I need to put WireShark on a host to see network traffic.   I *can* put the 'sniffer' and the vm that is sending the 'interesting' traffic on the same physical ESXi host (we have a cluster running).   The option to enable Promiscuous Mode is greyed-out on our Distributed vSwitch, but it's a valid option on our ESXi deployment with the Standard-Switch.    What am I missing?   Without Promiscuous mode running, all I see is my own traffic, and broadcast traffic...

Reply
0 Kudos
5 Replies
rcporto
Leadership
Leadership
‎12-26-2014 06:48 AM

You're trying enable the Promiscuous Mode on Distributed Port Group or Uplink Port Group ? Can you please share a print screen ?

---

Richardson Porto
Senior Infrastructure Specialist
LinkedIn: http://linkedin.com/in/richardsonporto
Reply
0 Kudos
vervoortjurgen
Hot Shot
Hot Shot
‎12-26-2014 08:36 AM

hello

i had the same problem

so i switch to standard switch again for management cluster

i think you can only enabled promiscuous mode on a VM kernel port not on a dv port group

but im not sure

didn't got it working also

kind regards Vervoort Jurgen VCP6-DCV, VCP-cloud http://www.vdssystems.be
Reply
0 Kudos
calamittyjane
Contributor
Contributor
‎12-27-2014 05:22 PM

Thanks for helping out..   --This is a Distributed Port Group where we need Promiscuous Mode.  We have one single VLAN in that Port Group, and we're trying to sniff the traffic on that VLAN.    This Port Group actually has no physical uplink to an external NIC  --This is by design; we're running virtual firewalls that route traffic to/from the VLANS, to other VLANS.  -alex

Reply
0 Kudos
calamittyjane
Contributor
Contributor
‎12-31-2014 10:12 AM

Unfortunately, re-configuring our Distributed switch to a Standard switch isn't an option.   ----Does anyone know if enabling Promiscuous Mode on a Distributed Switch is even possible?  I haven't been able to find any info on it....

Reply
0 Kudos
ClintColding
Enthusiast
Enthusiast
‎12-31-2014 10:35 AM

From what I understand, you want to enable Promiscuous mode on the entire dvSwitch however the option is grayed out?

Are any of the port groups within the dvSwitch explicitly set to disable Promiscuous mode? Can you screen shot your dvSwitch configuration?

Reply
0 Kudos