Latest

Home / Cisco / Datacenter / Datacenter: Configuring ERSPAN on Nexus 7K Switch

Datacenter: Configuring ERSPAN on Nexus 7K Switch

April 22, 2020 ,

Datacenter: Configuring ERSPAN on Nexus 7K Switch

ERSPAN Stands for Encapsulated Remote Switched Port Analyzer. As a result, your source port and destination port will be on separate switches, with Layer 3 separating these switches. This is the advanced state of Remote SPAN. It copies traffic from the source to the destination server, allowing analysis using Wireshark or Ethereal for analyzing the logs.

ERSPAN uses GRE tunnel in background to transfer traffic from source switch to destination. Kindy Note that If you are using Nexus 7K for ERSPAN then you need to configure one ERSPAN command in Admin VDC. While It is not required in case you are using 5K switches for ERSPAN.

Here in this article we are going to configure the ERSPAN port on Nexus 7K switches

Fig 1.1- ERSPAN

Step 1: Lets configured the Source SPAN on Nexus 7K1

NDNA_N7K1#config t
NDNA_N7K1(config)# interface eth1/2
NDNA_N7K1(config-if)# ip address 10.10.10.1/24
NDNA_N7K1(config-if)# no shutdown
NDNA_N7K1(config-if)# end
NDNA_N7K1#config t
NDNA_N7K1(config)# monitor session 1 type erspan-source
NDNA_N7K1(config-erspan-src)#erspan-id 10
NDNA_N7K1(config-erspan-src)# vrf default
NDNA_N7K1(config-erspan-src)# source interface eth1/1 both
NDNA_N7K1(config-erspan-src)# destination ip 10.10.10.2
NDNA_N7K1(config-erspan-src)# no shut
NDNA_N7K1(config-erspan-src)# end
NDNA_N7K1#config t

Step 2: Now configure this on admin VDC on Nexus 7K.

NDNA_N7K1#
NDNA_N7K1#config t
NDNA_N7K1(config)# monitor erspan origin ip-address 10.10.10.1 global
NDNA_N7K1(config)# end
NDNA_N7K1#

Step 3: Verify ERSPAN monitor session on Nexus 7K1.

NDNA_N7K1# show monitor session 1 brief
session 1
---------------
type              : erspan-source
state             : up
erspan-id         : 10
vrf-name          : default
ip-ttl            : 255
ip-dscp           : 0
destination-ip    : 10.10.10.2
origin-ip         : 10.10.10.1 (global)
source intf       :
    rx            : Eth1/1
    tx            : Eth1/1
    both          : Eth1/1
source Execption  :

Step 4: Lets configured the destination SPAN on Nexus 7K2

NDNA_N7K2#config t
NDNA_N7K2(config)# interface eth2/1
NDNA_N7K2(config-if)# ip address 10.10.10.2/24
NDNA_N7K2(config-if)# no shutdown
NDNA_N7K2(config-if)# end
NDNA_N7K2#config t
NDNA_N7K2(config)# monitor session 1 type erspan-destination
NDNA_N7K2(config-erspan-src)#erspan-id 10
NDNA_N7K2(config-erspan-src)# vrf default
NDNA_N7K2(config-erspan-src)# destination interface eth2/2 
NDNA_N7K2(config-erspan-src)# source ip 10.10.10.2
NDNA_N7K2(config-erspan-src)# no shut
NDNA_N7K2(config-erspan-src)# end
NDNA_N7K2#

Step 5: Verify ERSPAN monitor session on Nexus 7K2.

session 1
---------------
type              : erspan-destination
state             : up
erspan-id         : 10
vrf-name          : default
source-ip         : 10.10.10.2
destination port  : Eth2/1