• The traffic for VMs configured on certain VLANs gets dropped by the host after upgrading the environment to NSX-T version 4.2, while the same VLANs are also configured in RSPAN Destination mirror session.
• In the trace output on the host, it can be observed that the packets do not get forwarded to the Production VM switchport, and only gets forwarded to the configured RSPAN Destination VM if present on the same host.
• When enable Port Mirroring Destination feature and redirect traffic to a specific virtual machine, access is lost to other virtual machines hosted on the same ESXi.

VMware NSX

When RSPAN destination mirror session is configured for the same VLAN configured for production traffic, the packets with RSPAN VLAN will be handled as mirrored packets and won't be handled as production packets.
This is a behavior change in 4.2, and thus, RSPAN VLANs should be dedicated VLANs, as RSPAN VLAN packets won't be handled as production packets.

RSPAN VLANs must be dedicated VLANs and should not be used as switching VLAN, trunk VLAN, Private VLAN, or transport VLAN.

For mirroring the production traffic, RSPAN Destination should be combined with RSPAN Source to achieve the purpose of mirroring production traffic from the source host to the destination host.

• It uses a dvport or a segment port as a mirror source and an uplink as a mirror destination.
• When RSPAN VLAN is specified in a mirror session, then the mirrored packets will be encapsulated with RSPAN VLAN.

• It uses VLAN as a mirror source and a dvport or segment port as a mirror destination.
• The source VLAN should be the same as the encapsulation VLAN in RSPAN Source.
• On the RSPAN Destination host, it monitors the RSPAN VLAN traffic on the uplink and forwards the packets to the mirror destination port.