Deploy the ExtraHop Trace 8250 Appliance

This guide explains how to install the rack-mounted ETA 8250 ExtraHop Trace appliance.

Installation prerequisites

To install the Trace appliance, your environment must meet the following requirements:
Appliance
2U of rack space and electrical connections for 2 x 750 W power supplies.
Management
One 10/100/1000 BASE-T network port or one 10G BASE-SR port for appliance management.
Monitoring (capture)
High-performance interfaces: Two network ports for connection to 10 GbE or 25 GbE sources of packet data.
Management + monitoring interfaces: One to three network ports for management and IP-based packet feeds (RPCAP/ERSPAN/VXLAN).
Network Access
TCP 443 must be open between the Trace appliance and any connected Discover or Command appliances as well as any system that connects to the appliance for administration through the ExtraHop Admin UI.

Rear panel ports

ETA 8250

  • One iDRAC interface port
  • One RS-232 serial port to connect a console device
  • One VGA port to connect an external display
  • Two USB 3.0 ports to connect input devices such as a keyboard and mouse
  • Two 10 GbE ports. Ports 1 and 2 can be configured as a management port, management and flow target, or management and RPCAP/ERSPAN/VXLAN target.
  • Two 10/100/1000 BASE-T network ports. Port 3 is the default management port. Ports 3 and 4 can be configured as a monitor port, management port, management and flow target, or management and RPCAP/ERSPAN/VXLAN target.
  • Two 10/25 GbE-capable ports. Ports 5 and 6 are the high-performance monitoring (capture) interfaces. Both interfaces can also be configured as a high-performance ERSPAN target.
  • Two SAS ports to connect up to four 96 TB extended storage units (ESU). You cannot connect 72 TB ESUs to the ETA 8250.
  • Two power ports to connect the appliance to an AC power source

Supported packet source connectivity

The Trace 8250 can accept packets through ports 1 - 6. The ports can be connected according to the table below.
Trace 8250 Appliance Connector Peer Connector for Packet Source Customer-Supplied Cabling Supported Operating Speeds
Transceiver-based Connectivity
25 GbE SFP28 SR transceiver 25 GbE SFP28 SR transceiver Multi-mode fiber

LC connectors

25 Gbps, 10 Gbps
10 GbE SFP+ SR transceiver Multi-mode fiber

LC connectors

10 Gbps
Direct Attach Connectivity
Customer-supplied SFP28 DAC cable, such as the Mellanox MCP2M00-Axxx series 25 Gpbs
Customer-supplied RJ45 Ethernet cable 1 Gbps

Set up the appliance

  1. Rack mount the Trace appliance.
    Install the Trace appliance in your data center with the included rack-mounting kit. The mounting kit supports most four-post racks with either round or square holes.
  2. Connect port 3 to your management network.
    The ETA 8250 appliance has two 10/100/1000 BASE-T network ports. With a network patch cable, connect the management port on the Trace appliance to your management network. Port 3 is the default management port.
  3. Connect the monitoring port
    With the appropriate network cable, connect a monitoring port on the Trace appliance to a network tap or mirror port on the switch.
    Important:The Trace appliance requires a duplicate feed of the traffic that is sent to the Discover appliance. If more than one ETA is connected to an EDA, the traffic to one monitoring port on the EDA should be duplicated on the first ETA, and the second monitoring port on the EDA should be duplicated to the second ETA, and so on, up to four ETAs.
  4. Connect the iDRAC port.
    To enable remote management of the Discover appliance, connect your management network to the iDRAC port with a network patch cable.
  5. Install the front bezel.
    You must install the front bezel if you want to configure the appliance through the LCD display.

    Insert the USB connector on the right side of the bezel into the USB port on the front of the appliance. Press and hold the release button on the left end of the bezel and push the bezel flush with the appliance until it snaps into place.

  6. Connect the power cords.
    Connect the two supplied power cords to the power supplies on the back of the appliance.
  7. Optional: Connect any extended storage units. For information about configuring extended storage units, see Add storage capacity to the ExtraHop Trace appliance.
    Note:By default, the ETA 8250 can achieve up to 10 Gbps throughput. At least one extended storage unit (ESU) must be attached to the ETA 8250 to support 25 Gbps throughput.
  8. Connect the two supplied power cords to the power supplies on the back of the appliance, and then plug the cords into a power outlet. If the appliance does not power on automatically, press the power button on the front-right of the appliance.

Configure the management IP address

DHCP is enabled by default on the ExtraHop appliance. When you power on the appliance, interface 3 attempts to acquire an IP address through DHCP. If successful, the IP address appears on the home screen of the LCD.

If your network does not support DHCP, you can configure a static IP address through the LCD menu on the front panel or through the command-line interface (CLI).

Configure a static IP address through the LCD

Complete the following steps to manually configure an IP address through the front panel LCD controls.
  1. Make sure that the default management interface is connected to the network and the link status is active.
  2. Press the select button (✓) to begin.
  3. Press the down arrow button to select Network, and then press the select button.
  4. Press the down arrow to DHCP and then press the select button.
  5. Press the down arrow to select No, and then press the select button to disable DHCP.
  6. Press the down arrow to select Set static IP, and then press the select button.
  7. Press the left or right arrows to select the first digit to change, and then press the up or down arrows to change the digit to the desired number. Repeat this step for each digit you need to change. After you configure the desired IP address, press the select button.
  8. On the Network mask screen, press the left or right arrows to select the first digit to change, and then press the up or down arrows to change the digit to the desired number. Repeat this step for each digit you need to change. After you configure the desired network mask, press the select button.
  9. On the Default gateway screen, press the left or right arrows to select the first digit to change, and then press the up or down arrows to change the digit to the desired number. Repeat this step for each digit you need to change. After you configure the desired default gateway, press the select button.
  10. Confirm your modified network settings on the Settings saved screen, and then press any button to return to the Network Menu.
  11. Press the down arrow and scroll to Set DNS servers, and then press the select button.
  12. Press the left or right arrows on the DNS1 screen to select the first digit to change, and then press the up or down arrows to change the digit to the desired number. Repeat this step for each digit you need to change, and then press the select button to continue to the DNS2 screen.
  13. Configure a second DNS server.
  14. Confirm the DNS settings on the Settings saved screen, and then press any button to return to the Network Menu.
  15. Press the down arrow twice until ← Back appears, and then press the select button.
  16. Press the down arrow twice to select iDRAC. Configure the iDRAC DHCP, IP, mask, gateway, and DNS in the same manner as the IP address.
  17. Press the X button to return to the main menu.

Configure an IP address through the CLI

You can access the CLI by connecting a USB keyboard and SVGA monitor to the appliance or through an RS-232 serial cable and a terminal-emulator program. The terminal emulator must be set to 115200 bps with 8 data bits, no parity, 1 stop bit (8N1), and hardware flow control should be disabled.

  1. Establish a connection to the ExtraHop appliance.
  2. At the login prompt, type shell and then press ENTER.
  3. At the password prompt, type the system serial number and then press ENTER. The serial number is printed on a label on the back of the appliance. The serial number can also be found on the LCD display on the front of the appliance in the Info section.
  4. Enable privileged commands:
    enable
  5. At the password prompt, type the serial number, and then press ENTER.
  6. Enter configuration mode:
    configure
  7. Enter the interface configuration mode:
    interface
  8. Run the ip command and specify the IP address and DNS settings in the following format: ip ipaddr <ip_address> <netmask> <gateway> <dns_server>
    For example:
    ip ipaddr 10.10.2.14 255.255.0.0 10.10.1.253 10.10.1.254
  9. Leave the interface configuration section:
    exit
  10. Save the running config file:
    running_config save
  11. Type y and then press ENTER.

(Optional) Configure the 10 GbE management port

You can configure a 10 GbE port (port 1 or port 2) to manage the appliance. The commands below move the settings from port 3 to port 1 and then disables port 3. Alternatively, you can configure the 10 GbE management interface in the Admin UI.

  1. Make sure that port 1 is connected to the 10 GbE network.
  2. Establish an SSH connection to the ExtraHop appliance.
  3. At the login prompt, type shell and then press ENTER.
  4. At the password prompt, type the system serial number and then press ENTER. The serial number is printed on a label on the back of the appliance. The serial number can also be found on the LCD display on the front of the appliance in the Info section.
  5. Enable privileged commands:
    enable
  6. At the password prompt, type the serial number, and then press ENTER.
  7. Enter configuration mode:
    configure
  8. Enter the interface configuration mode:
    interface 1
  9. Move the interface settings:
    Warning:This command overwrites the settings for Interface 1 with the settings from Interface 3. The current settings for Interface 1 will be lost and Interface 3 will be disabled.
    take_settings 3
  10. Type Y to proceed and then press ENTER.

Configure the Trace appliance

Open a web browser and log into the Admin UI on the Trace appliance through the configured IP address.

Verify the configuration

After you have deployed and configured the Trace appliance, verify that the Trace appliance can collect packets through the Discover and Command appliances.

Before you begin

You must have a minimum user privilege of view and download packets to perform this procedure.
  1. Log into the Web UI on the Discover or Command appliance.
  2. Make sure Packets appears in the top menu.


  3. Click Packets to start a new packet query. You should now see a list of the collected packets.
If the Packets menu item does not appear, revisit the Connect the Discover and Command appliances to the Trace appliance section. If no results are returned when you perform a packet query, check your network settings. If either issue persists, contact ExtraHop Support.
Published 2018-11-09 13:57