VMware Cloud Community
stanj
Enthusiast
Enthusiast

Setting up TAPs in vSphere

We have a new test/dev project starting that will be looking to use
some of the latest vSphere Software including NSX, Horizon View, etc.  Part of the new project is to investigate and
use a physical tap as well as virtual taps for testing a data center
deployment. We will be ordering new hardware to support the testing but need to
spec the hardware for number of physical NICs. RAM, etc

In the meantime, we have a few dell R620s in a vphere 6.0 cluster we
are testing with. We have an old tap called Gigabit Copper Aggregator nTap (image below) we are using..

We will be getting a Net Optics iLink Agg 1u physical tap

We will want to capture traffic at various points coming into the datacenter

From the physical switch(s)

Traffic from a firewall or IDS

Traffic between VMs

Traffic between ESXi Hosts

Etc.

I have no experience in taps in the vSphere environment. 

The questions I have are

   what are the total number of physical nics required for using taps on an ESXi host

   the proper way to set up a physical tap and

   the proper way to set up a virtual taps

I am not sure this is correct, but as a test for physical tap, I currently
have created three virtual switches, A1 , B1, and C1 tied to three physical nics on one of the ESXi servers.

Each switch has promiscuous mode enabled.

There are VMs on the A1 and B1 switches.  In the attached diagram on the mTap, I have
switch A1 going to Port A on the nTap, switch B1 going to Port B on the nTAP,
and switch C1 going to Port A/B on the nTap.
Would this filter all traffic from A1 and B1 to C1?  How is the traffic gathered – I assume by
wireshark or some appliance?

Can I remove the nTap and set up a virtual taps so I capture traffic on C1?

ntap.jpg

Reply
0 Kudos
2 Replies
AishR
VMware Employee
VMware Employee

I recommend to contact the hardware vendor for known issues and implementing best practices. Also, see the Monitoring Network Connection and Traffic section of the vSphere 6.5 Networking Guide - https://docs.vmware.com/en/VMware-vSphere/6.5/vsphere-esxi-vcenter-server-65-networking-guide.pdf

Reply
0 Kudos
Nick_Andreev
Expert
Expert

When you say "attached diagram", what are you referring to? Can only see the picture of the Net Optics device.

---
If you found my answers helpful please consider marking them as helpful or correct.
VCIX-DCV, VCIX-NV, VCAP-CMA | vExpert '16, '17, '18
Blog: http://niktips.wordpress.com | Twitter: @nick_andreev_au
Reply
0 Kudos