Traffic Acquisition using Azure Virtual Network TAP
Note: Traffic Acquisition using Azure Virtual Network TAP is now available as an Early Access feature, giving you the opportunity to explore its capabilities before the general availability (GA).
Azure Virtual Network TAP allows traffic mirroring directly from virtual machine network interfaces to designated target network interfaces. The mirrored traffic, a deep copy of inbound and outbound network packets, can be forwarded to a destination IP endpoint or an internal load balancer within the same or peered virtual networks. GigaVUE V Series Nodes receive traffic directly from source VMs using vTAP, simplifying traffic acquisition and visibility.
In the above diagram, the traffic from the source VMs are mirrored and forwarded to the GigaVUE V Series Node. GigaVUE-FM creates VTAP source configurations for each source VM NIC and a VTAP destination configuration for the GigaVUE V Series Node NIC. The source VMs and GigaVUE V Series Nodes can reside in different VNETs, provided the VNETs are peered. Multiple NICs can be configured for the same source VM and the traffic can be tapped and forwarded to GigaVUE V Series Node.
For more details on Azure virtual network TAP, refer to the Virtual network TAP Microsoft Azure documentation.
Rules and Notes
- Destination VM and Source VM must be in the same region.
- If workloads VMs are present in multiple resource groups or Virtual Network (VNet), then Virtual Network peering has to be enabled between workload VNets and VNet where the GigaVUE V Series Node is deployed.
Disclaimer: Keep in mind that these guidelines are inherent to Azure, subject to change, and beyond Gigamon's purview. Please refer to the Azure documentation for the most up-to-date instructions.
Limitation
- IPv6 tunnels are not supported by Azure VTAP.
- The Check Permissions feature is not supported when the Traffic Acquisition Method is set to vTAP.
