Explains why the TIM is unable to decode traffic when the Cisco Fabric Switch functionality is enabled.
Certain switches enable or put switch-specific headers on top of a Layer 2 frame.
For example, with the Cisco Fabric Switch, it encapsulates a Layer 2 frame with a FabricPath header and this is shown below:
This custom header uses a new Cisco proprietary traffic protocol (0x8903/DCE protocol, Data Center Ethernet) instead of TCP protocol traffic. Unless a tool/software has the capability to interpret/understand this DCE protocol traffic, it will not be able to extract/decrypt the HTTP/HTTPS data.
With TIM/MTP, it sees the traffic as unidirectional. However when the traffic is decoded, it is really bi-directional.
Disable the Cisco Fabric Switch functionality or upgrade the Nexus switch software to a release not having this issue.