An administrator wishes to send traffic from a vNetwork Distributed Switch to a collector virtual machine for analysis. vSphere 5 has been deployed in the datacenter. Which two configurations will enable the functionality? (Choose two)
A.
The source and target virtual machines must be on the same vNetwork Switch.
B.
The source and target virtual machines must both be on a vNetwork Distributed Switch, but can be on any vDS in the datacenter.
C.
The port group on the distributed port must have Promiscuous Mode enabled.
D.
The port group on distributed port must have NetFlow enabled.
Explanation:
Page 72 from vsphere-esxi-vcenter-server-50-networking-guide.pdf
Configure NetFlow Settings
NetFlow is a network analysis tool that you can use to monitor network monitoring and virtual machine traffic.
NetFlow is available on vSphere distributed switch version 5.0.0 and later.
…
With an IP address to the vSphere distributed switch, the NetFlow collector can interact with the vSphere distributed switch as a single switch, rather than interacting with a separate, unrelated switch for each associated host.
And again, NetFlow has NOTHING to do w/ aggregating or “collecting” traffic. B and C are the correct answers; you’re trying to aggregate all VM traffic to one machine for analysis. NetFlow will only give you information -about- the traffic, but wont actually span the traffic TO -that- VM.
I.e. you want to run wireshark for deep packet analysis, or to trace a TCP session. That traffic must be replicated or “spanned” to this VM for analysis.
NetFlow will NOT get the traffic there. It will only give you statistical counters ABOUT the traffic.
See here’s whats killing me. The question says “An administrator wishes to send TRAFFIC to a collector virtual machine for analysis”
NOT “stats about the traffic” but the TRAFFIC itself. That means he wants to port span. NetFlow will do nothing for you.
vSphere 5 New Networking Features – NetFlow
http://blogs.vmware.com/vsphere/2011/08/vsphere-5-new-networking-features-netflow.html
NetFlow
NetFlow is a networking protocol that collects IP traffic information as records and sends them to a collector such as CA NetQoS for traffic flow analysis
……………….
so B and D