Sessions

This chapter has details of the sessions created on the Cisco Nexus Data Broker.

Span Sessions

The Span Sessions tab displays details of the span sessions of the NDB controller.

A span session is the link between the span destination of span devices, and the input port of an NDB device. A span session is partially outside the NDB network, and defines the path of the packets from the span destination to the monitoring tool port.

A table is displayed with the following details:

Table 1. Span Sessions

Column Name

Description

Status

The status of a SPAN session depends on the operational status of the session in ACI / NX-OS device and the status of the connection attached to it. Click the displayed status icon to view the details of the session and connection. The factors impacting session status are—span destination, source (NX-OS/ ACI device), input port, monitoring tool port, ISL links(if any).

The available statuses are:

  • Green—session is successful

  • Yellow—session is partially successful

  • Red—session has failed

  • Gray—session has not been installed

Span Session

Span session name.

This field is a hyperlink. Click the SPAN session name and a new pane is displayed on the right. The following additional actions can be performed here:

IP Address

IP address of the span session source (span device).

Span Sources

The number of source ports for the span session.

Note

 

In case of VLAN, the source ports are EPGs on the ACI device.

Span Destination

The number of span destination(s) for the session.

Note

 

Only ACI devices can have multiple SPAN destinations If there are more than one span destination, then, internal sessions are created. These internal sessions are created based on the availability of source ports.

Nexus devices support only one span destination per session.

Connection

Name(s) of connection(s) associated to the span session.

Created By

User who created the span session.

Last Modified By

User who last modified the span session.

The following actions can be performed from the Span Sessions tab:

  • Add Span Session—Use this action to add a span session, see Adding a SPAN Session.

  • Synchronize Span Session / Destination—Use this action to synchronize the information on the production switch or APIC with the NDB controller. In case the span session information is deleted /removed on the switch or APIC, this action synchronizes span destination configuration and span session configuration on the switch or controller with the configuration on the NDB controller.

  • Toggle Install —Use this action to install/ uninstall a span session. You can install a span session on the switch / APIC uninstall a span session without removing it from the NDB controller. The SPAN session is uninstalled from the switch/ controller, but remains saved on the NDB controller for future use.

  • Delete Span Session(s)—Select the span session to be deleted by checking the check box which is available at the beginning of the row and then click Actions > Delete Span Session(s). The selected span session is deleted. If you choose the delete action without selecting a check box, an error is displayed. You will be prompted to select a span session.

Adding a Span Session

Use this procedure to add a span session.


Note

You can add a maximum of 4 active span sessions for a Nexus switch.

Before you begin

Add an ACI/ NX-OS device before setting up a span session.

Procedure

Step 1

Navigate to Sessions > Span Sessions.

Step 2

From the Actions drop-down list, select Add Span Session.

Step 3

In the Add Span Session dialog box, enter the following details:

Table 2. Add Span Session

Field

Description

Span Session Name

Enter a name for the span session.

Span Sources

Select a Span Source.

Select ACI or NX-OS.

Each of these have a unique set of fields, which are discussed in the subsequent rows.

Span Source: ACI

After selecting the ACI fabric, you can either select the Leaf Ports source type or EPG/AAEP source type.

ACI Fabric

Click Select ACI Fabric and select an ACI fabric in the Select ACI Fabric window. Click Select.

Leaf Ports

Select Leaf Ports to add a leaf port to capture the traffic from multiple leaf ports.

Click Select Leaf Ports. In the Select Leaf Port(s) window that is displayed, select a Pod. The devices in the selected pod are displayed. Select a Device and Port(s) of the device.

EPG/ AAEP

Select EPG/ AAEP to add an EPG/ AAEP source.

Click Select EPG/ AAEP. In the Select EPG/ AAEP window that is displayed, select a Tenant, Profile , EPG and EPG Members. The displayed EPG members are- Dynamic, Static, AAEP. When you select, Dynamic or Static, the member details are displayed on the right. When you select AAEP as an EPG Member, in the Select AAEP column, select an AAEP.

Note

 

EPG interfaces work only when all the ports are within the same leaf switch.

If an EPG is spread across multiple switches, select the corresponding SPAN destination on all the leaf switches.

Span Source: NX-OS

You can either select the Interface source type or the VLAN source type.

Interface

Click Select NX-OS Interface . and select a Device and Port(s).

The selected device and port(s) are used in the session.

VLAN

Click Select NX-OS Device and select a device. Enter a VLAN ID.

The device matching the VLAN ID is used in the session.

Direction

Indicates traffic for the session source port of the ACI/ NX-OS device.

Select from one of these options:

  • Incoming

  • Outgoing

  • Both

SPAN Destination

Click Select SPAN Destination and select span destination.

If directly connected to the NDB device, select a local span destination, else select remote span destination.

To install ACI SPAN session, NDB controller lists the SPAN destination(s) created in ACI.

To install NX-OS SPAN session, NDB controller lists the SPAN destination(s) created for the NX-OS devices.

Apply Connection

Select a connection for the session.

You can associate an existing connection to the span session or create a new connection for the span session.

Note

 

All span destinations which are part of a session should be a part of a connection too, to direct traffic to the monitoring tool.

Click the button to enable addition of a connection to the span session. Click Select Connection and select a connection from the Select Connectionwindow that is displayed.

Note

 

For EPG:

  • For EPG selection, if an EPG is selected, by default, the NDB controller listens for the changes in the statically or dynamically configured interfaces of the selected EPG. If there is any change, it is applied to the SPAN session. The web socket connection is not secured with the certificates. To disable the event listening,add enableWebSocketHandle=false in the config.ini file under ndb/configuration folder.

  • When new EPG members are added in APIC, if there is no SPAN destination on the leaf switch that matches the newly added EPG member as part of the configured SPAN session, NDB ignores this event and the new EPG member are not shown in NDB.

Note

 

For SPAN Destination:

Ensure that each leaf switch in the SPAN source has at least one corresponsing SPAN destination.

Step 4

Click Add Span Session to add the created span session, without installing it on the production device or controller. Click Install Span Session to save and install the created span session on the production device or controller.

Editing or Cloning a Span Session

Use this procedure to edit or clone a span session.

Editing a span session means changing some of the parameters of an exisiting span session.

Cloning a span session means creating a new span session with identical parameters of an exisiting span session, with required modifications. Ensure to change the name of the span session before saving it.

Before you begin

Add one or more span sessions.

Procedure

Step 1

Navigate to Sessions > Span Sessions.

Step 2

In the displayed table, click a Session.

A new pane is displayed on the right.

Step 3

Click Actions and select Edit Span Session or Clone Span Session.

Edit the displayed parameters in the table.

Table 3. Edit / Clone Span Session

Field

Description

Span Session Name

Name of the span session. This field cannot be changed while editing a span session.

Span Sources

The selected span device type; can either be ACI or NX-OS.

This field cannot be changed.

Each of these have a unique set of fields, which are discussed in the subsequent rows.

Span Source: ACI

After selecting the ACI fabric, you can either select the Leaf Ports source type or EPG/AAEP source type.

ACI Fabric

Click the displayed ACI Fabric to change the ACI fabric

Leaf Ports

If Leaf Ports were selected while adding a span session, then, the selected leaf ports are displayed and you can make additions/ deletions.

Click Select Leaf Ports. In the Select Leaf Port(s) window that is displayed, select a Pod. The devices in the selected pod are displayed. Select a Device and Port(s) of the device.

Note

 

If you had earlier selected the source type as Leaf Ports, delete all the leaf ports, before changing the source type to EPG/ AAEP.

EPG/ AAEP

If EPG/AAEP was earlier selected while adding a span session, then the EPG/AAEP details are displayed and you can make additions/ deletions.

Click Select EPG/ AAEP. In the Select EPG/ AAEP window that is displayed, select a Tenant, Profile , EPG and EPG Members. The displayed EPG members are- Dynamic, Static, AAEP. When you select, Dynamic or Static, the member details are displayed on the right. When you select AAEP as an EPG Member, in the Select AAEP column, select an AAEP.

Note

 

If you had earlier selected the source type as EPG/ AAEP, you need to delete all the associated tenant and members before changing the source type to Leaf Ports.

Span Source: NX-OS

You can either select the Interface source type or the VLAN source type.

Interface

Click Select NX-OS Interface . and select a Device and Port(s).

The selected device and port(s) are used in the session.

VLAN

Click Select NX-OS Device and select a device. Enter a VLAN ID.

The device matching the VLAN ID is used in the session.

Direction

Indicates traffic for the session source port of the ACI/ NX-OS device.

Select from one of these options:

  • Incoming

  • Outgoing

  • Both

SPAN Destination

Click Select SPAN Destination and select span destination.

If directly connected to the NDB device, select a local span destination, else select remote span destination.

If you install ACI SPAN session, NDB controller lists the SPAN destination(s) created in ACI.

If you install NX-OS SPAN session, NDB controller lists the SPAN destination(s) created for the NX-OS devices.

Apply Connection

Select a connection for the session.

You can associate an existing connection to the span session or create a new connection for the span session.

Note

 

All span destinations which are part of a session should be a part of a connection too, to redirect traffic to the monitoring tool.

Click the button to enable addition of a connection to the span session. Click Select Connection and select a connection from the Select Connectionwindow that is displayed.

Step 4

Click Edit Span Session or Clone Span Session.