Re: Monitor VTEP packet

gghpe000 · ‎10-21-2016

This is not quite SDN question but still closely related to SDN because when we are talking about the concept of "SDN via hypervisor virtualization", then topic of VTEP constantly is touched.

I am wondering what is the way to analyze the VTEP (VXLAN etc.,) packet. I initially thought about doing through ESXi host but with ESXi is being so restrictive, I thought use linux.

Since linux has kvm virtualization support and also can easily setup and run wireshark for me it appears to be a natural. The only uncertainty is i have never tried to setup two linux virtualization host managed from same multi-host client (like vSphere) and not sure if this is possible. I would not get into Hyper-v because specially with multiple virtualization host, it just too complicated.

Once I setup to linux virtualization host setup and create VM-s on each and starts sending packets to each other, I am presuming that I can capture the VTEP packet and analyze.

Will it work?

Thanks.,

Gerhard Roets · ‎10-25-2016

Hi

Agreed SDN via overlays is very popular in the datacenter space since it really lends itself to its use with hypervisors. I would suggest that you not capture from the hypervisor itself, even though it is possible. Set up an external linux system that you can use to mirror the packets toward. Then you can simply capture with tcpdump or wireshark and set the capture length nice and big. It might be a good idea to enable jumbo frames on your nic on the capture client ( Just in case ).

Wireshark can decode vxlan quite well.

Once you have this going you can deploy the same logic to your KVM hypervisor, and then figure out where to capture since it would really depend on the point where you encapsulate in vxlan where you need to capture.

Hope This Helps

Gerhard Roets

HPE SDN CoE

Re: Monitor VTEP packet

Monitor VTEP packet

Re: Monitor VTEP packet

Hewlett Packard Enterprise International