Which approach could the administrator use to configure the network to capture all traffic from the Linux virtual machine?

A vSphere administrator needs to perform packet tracing from a Linux virtual machine. The virtual
machine is attached to a vSphere Standard Switch configured with several VLANs.
Which approach could the administrator use to configure the network to capture all traffic from the
Linux virtual machine?

A vSphere administrator needs to perform packet tracing from a Linux virtual machine. The virtual
machine is attached to a vSphere Standard Switch configured with several VLANs.
Which approach could the administrator use to configure the network to capture all traffic from the
Linux virtual machine?

A.
Configure the virtual switch with VLAN Trunking and specify each VLANs on the port group
containing the virtual machine.

B.
Configure a vSphere Distributed Switch with VLAN Trunking. Create a port group and configure
it with Promiscuous Mode. Connect the virtual machine to that port group.

C.
Configure the port group containing the virtual machine for Promiscuous Mode. Set the port
group to use VLAN 1.

D.
Configure a vSphere Distributed Switch with VLAN Trunking. Connect the virtual machine to the
switch and enable Port Mirroring on the port group containing the virtual machine.

Explanation:



Leave a Reply to J4ni Cancel reply7

Your email address will not be published. Required fields are marked *

five × three =


Gary Gravity

Gary Gravity

B Kents!

andp75

andp75

‘B’ but it appears the question is specifically about standard v-switch, i.e. DVS might be not an option if, for example, the license is anything less than Enterprise Plus.

J4ni

J4ni

why B, why not C?

But I still do not understand what the VLAN 1 is here for, why not just enable promiscous mode, which will direct the traffic of the whole vSwitch to the VM in the promiscous-enabled port group…

J.

J4ni

J4ni

witch B my problem is, that:
-who said, that vDS is an option (licensing)
-promiscous mode is not activated on vDS, it is a setting of the distributed port group
-same as above for VM settigs, configured on the dport group, not on the distributed switch

Snoopy

Snoopy

D could also be valid, and even more secure, because you redirect traffic only to Linux server, not to all other ports. But D says “connect the virtual machine to the switch”. You connect machines to portgroups, therefore according to brilliant Vmware logic, it is wrong.

Shannon

Shannon

A. Configure the virtual switch with VLAN Trunking and specify each VLANs on the port group containing the virtual machine. (Modifying what VLAN doesnt allow monitoring)

B. Configure a vSphere Distributed Switch with VLAN Trunking. Create a port group and configure it with Promiscuous Mode. Connect the virtual machine to that port group. (This is the only functional answer)

C. Configure the port group containing the virtual machine for Promiscuous Mode. Set the port group to use VLAN 1. (Again VLAN tosses this one out the window)

D. Configure a vSphere Distributed Switch with VLAN Trunking. Connect the virtual machine to the switch and enable Port Mirroring on the port group containing the virtual machine. (Port mirroring isnt an option for port group, but is on a physical switch. Some details left out here, but youd have to get the virtual port to a real life port, setup port mirroring, etc…)