i need some help mirroring a port through a couple of switches to a vmware virtual machine, if possible. some light reading suggests RSPAN is the way to do this, but i do not do enough networking to be comfortable without asking for some help first.
we have a security vendor that uses linux to run their IDS software
In some offices we have a physical linux PC with 2 NICs configured to handle this. I connect it to the core switch, and create a mirror session from the router/switch uplink port to a port connecting the 2nd nic in the pc [both ports on the same switch].
in one site, however, we have 1 vmware server with some VMs. it has 4 NICs, but only 3 are in use right now. it makes sense to me to try and use a linux vm for this, if possible.
the topology is: router > core switch 3750; core switch 3750 > server rack switch 3560g ; server rack switch 3560g > vmware server
we'd like to mirror the traffic from the connection {router > core switch 2750} across the 3560 to a VM. can this be done? or should we just get another physical pc for this site and do it the way we have everywhere else?
we have a security vendor that uses linux to run their IDS software
In some offices we have a physical linux PC with 2 NICs configured to handle this. I connect it to the core switch, and create a mirror session from the router/switch uplink port to a port connecting the 2nd nic in the pc [both ports on the same switch].
in one site, however, we have 1 vmware server with some VMs. it has 4 NICs, but only 3 are in use right now. it makes sense to me to try and use a linux vm for this, if possible.
the topology is: router > core switch 3750; core switch 3750 > server rack switch 3560g ; server rack switch 3560g > vmware server
we'd like to mirror the traffic from the connection {router > core switch 2750} across the 3560 to a VM. can this be done? or should we just get another physical pc for this site and do it the way we have everywhere else?
Facebook
Twitter