In the case of using a BLADE Center, we have the following hardware topology:

As illustrated, we have a BLADE Center that contains the following components:

• Blade servers: These are hardware cards, usually located at the front side of the blade.
• Servers: The virtual servers installed on the hardware servers, also called VMs.
• Internal LAN switch: Internal LAN switches that are installed at the front or back of the blade center. These switches usually have 12-16 internal or virtual ports (Int in the diagram) and 4-8 external or physical ports (Ext in the diagram).
• External switch: Installed in the communication rack, and it's not a part of the BLADE Center.

Monitoring a blade center is more difficult because we don't have direct access to all of the traffic that goes through it. There are several options for doing so:

• Internal monitoring on the blade center:
  • For traffic on a specific server, install Wireshark on the virtual server. In this case you just have to make sure from which virtual ports traffic is sent and received. You will see this in the VM configuration, and also choose one interface a the time on the Wireshark and see to which one the traffic goes.
  • A second option is to install Wireshark on a different VM and configure the port mirror in the blade center switch, between the server you wish to monitor and the VM with the Wireshark installed on it.
• From servers to blade center switch (1) in the previous diagram:
  • For traffic that goes from the servers to the switch, configure, port mirror from the virtual ports the server is connected to, to the physical port where you connect the laptop. Most vendors support this option, and it can be configured.
• For external monitoring, traffic from the internal blade center switch to the external switches:
  • Use a standard port mirror on the internal or external switches