• When a port mirroring session is enabled, the application crashes and loses network connectivity.
• The environment utilizes mirroring to record application output for historical caching.
• Currently, the active virtual machine (VM) in an Active/Passive High Availability (HA) pair loses connectivity when port mirroring is enabled, generating ARP "who has" requests and disconnection alarms.
• Packet captures indicate traffic flows normally when mirroring is disabled, but immediately stops within the active VM when enabled.

VMware vSphere 8

• The incorrect port mirroring mode (Remote Mirroring Destination) is configured for this specific use case.
• Remote Mirroring Destination uses a VLAN ID to identify the mirror connection between the source and the collector, which is frequently confused with the VLAN used for the production traffic itself.

To resolve this issue, change the mirroring mode to Distributed Port Mirroring. This mode selects the source traffic by specific virtual ports rather than by VLAN, preventing interference with the production VLAN.

vSphere Port Mirroring Modes Overview:

• Distributed Port Mirroring: Mirrors traffic from designated source virtual ports to destination virtual ports on the same vSphere Distributed Switch (vDS).
  • Use Case: Use this mode when both the monitored VMs and the collector VM reside on the same vDS.
  • Requirements: Source and destination virtual ports must be configured on the same vDS.
• Remote Mirroring Source: Mirrors traffic from virtual ports to a specific physical uplink port on the vDS.
  • Use Case: Use this mode to send traffic to an external, physical network analyzer.
  • Requirements: A designated physical uplink port.
• Remote Mirroring Destination: Mirrors traffic from a specific VLAN to virtual ports.
  • Use Case: Use this mode to monitor all traffic traversing a specific VLAN.
  • Requirements: A dedicated VLAN ID for the mirror traffic that is distinct from the production VLAN.
• Encapsulated Remote Mirroring (L3) Source: Mirrors traffic from virtual ports to a remote IP address using GRE encapsulation.
  • Use Case: Use this mode when the traffic collector resides on a different Layer 3 network segment.
  • Requirements: The IP address of the destination collector.
• Distributed Port Mirroring (Legacy): Mirrors traffic using older vDS architectures.
  • Use Case: Avoid this mode unless explicitly required for backward compatibility with legacy environments.

Steps to Configure Distributed Port Mirroring:

1. Delete the existing Remote Mirroring Destination session.
2. Create a new Port Mirroring Session.
3. Select Distributed Port Mirroring as the session type.
4. Select the specific source virtual ports for the application VMs you wish to monitor.
5. Select the destination virtual port for the collector VM.
6. Enable the mirroring session.