cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

This product reached the end of support date on March 31, 2021.

What is the status on ERspan traffic?

henk_stobbe
DynaMight Pro
DynaMight Pro

Hello,

I have found this article,

https://answers.dynatrace.com/spaces/160/open-q-a_...

Does this still apply? In other words can the AMD still not work with ERspan directly?

KR Henk


5 REPLIES 5

Krzysztof_Ziemi
Dynatrace Pro
Dynatrace Pro

Architecture described in this article is still applicable.

Please note that monitoring traffic encapsulated within ERSPAN and GRE tunnels does not require any software changes in the AMD code. AMD is just a Linux application that sniffs traffic from designated network interfaces in Linux. What's needed is a way to unwrap any traffic before it's sent to the sniffing interface of the AMD. Unwrapping can be achieved using 3rd-party open-source solutions like one described in this article, or by using iptables configuration on the OS that hosts the AMD (iptables can terminate a GRE tunnel and unwrap packets), or by using 3rd-party network packet brokers like e.g. Ixia or Gigamon.

We prefer situations where our customers use commercial packet brokers, e.g. Ixia, because this approach has guarantee of delivering a working solution (NPB vendors are specialists in this area and know how to solve the challenge of traffic access end-to-end) and guarantee predictable performance.

Open source and home-brew alternatives are always possible, but when evaluating them, make sure to take into account support cost of such solutions. Someone will have to be responsible for making sure it works (e.g. when new servers are added and require additional tunnel configuration) and fixing it when it breaks for whatever reason (e.g. traffic overload).

On the Dynatrace side, we don't plan to build yet another alternative solution to an already-solved problem:-)


Hi Kris,

Thx for your swift reply, mutch appreciatated

KR Henk


Hi Kris,

I am interested with your solution especially on "by using iptables configuration on the OS that hosts the AMD (iptables can terminate a GRE tunnel and unwrap packets)".

please kindly help me to find out the way how Iptables used to unwrap the packet. my goal it can be used in OS that running AMD

appreciate your help and attention.

thank you.

kukuh


Hi Kris,

I am interested with your solution especially on "by
using iptables configuration on the OS that hosts the AMD (iptables can
terminate a GRE tunnel and unwrap packets)".

please kindly help me to find out the way how Iptables used to unwrap the packet. my goal it can be used in OS that running AMD

appreciate your help and attention.

thank you.

kukuh


Hi, sorry for delays, but I wanted to have a complete article to share, so it would help with the answer. Here it is: NAM Probe (AMD) on AWS - a DYI approach.

I've also posted a link to this article in a separate Forum thread, so it will be easier to find for others.

Best reagrds