Cisco Nexus 6000 Series NX-OS System Management Configuration Guide, Release 6.x
Configuring SPAN
Downloads: This chapterpdf (PDF - 1.19MB) The complete bookPDF (PDF - 3.88MB) | The complete bookePub (ePub - 572.0KB) | Feedback

Configuring SPAN

Configuring SPAN

This chapter contains the following sections:

Information About SPAN

The Switched Port Analyzer (SPAN) feature (sometimes called port mirroring or port monitoring) selects network traffic for analysis by a network analyzer. The network analyzer can be a Cisco SwitchProbe or other Remote Monitoring (RMON) probes.

SPAN Sources

SPAN sources refer to the interfaces from which traffic can be monitored. The Cisco Nexus device supports Ethernet, port channels, SAN port channels, VSANs and VLANs as SPAN sources. With VLANs or VSANs, all supported interfaces in the specified VLAN or VSAN are included as SPAN sources. You can choose the SPAN traffic in the ingress direction, the egress direction, or both directions for Ethernet and virtual Fibre Channel source interfaces:

  • Ingress source (Rx)—Traffic entering the device through this source port is copied to the SPAN destination port.
  • Egress source (Tx)—Traffic exiting the device through this source port is copied to the SPAN destination port.

Note


VSAN ports cannot be configured as ingress source ports in a SPAN session.


Characteristics of Source Ports

A source port, also called a monitored port, is a switched interface that you monitor for network traffic analysis. The switch supports any number of ingress source ports (up to the maximum number of available ports on the switch) and any number of source VLANs or VSANs.

A source port has these characteristics:

  • Can be of Ethernet, port channel, virtual Fibre Channel, SAN port channel, VSAN or VLAN port type.
  • Cannot be monitored in multiple SPAN sessions unless it is in both the RX and TX directions.
  • Cannot be a destination port.
  • Each source port can be configured with a direction (ingress, egress, or both) to monitor. For VLAN and VSAN sources, the monitored direction can only be ingress and applies to all physical ports in the group. The RX/TX option is not available for VLAN or VSAN SPAN sessions.
  • There is no limit to the number of egress SPAN ports, but there is upper limit of 128 source ports in the monitor session.
  • Port Channel and SAN Port Channel interfaces can be configured as ingress or egress source ports.
  • Source ports can be in the same or different VLANs or VSANs.
  • For VLAN or VSAN SPAN sources, all active ports in the source VLAN or VSAN are included as source ports.

SPAN Destinations

SPAN destinations refer to the interfaces that monitors source ports. The Cisco Nexus Series device supports Ethernet interfaces as SPAN destinations.

Source SPAN

Dest SPAN

Ethernet

Ethernet

Virtual Fibre Channel

Ethernet (FCoE)

Characteristics of Destination Ports

Each local SPAN session must have a destination port (also called a monitoring port) that receives a copy of traffic from the source ports, VSANs, or VLANs. A destination port has these characteristics:

  • Can be any physical port. Source Ethernet and FCoE ports cannot be destination ports.
  • Cannot be a source port.
  • Cannot be a port channel or SAN port channel group.
  • Does not participate in spanning tree while the SPAN session is active.
  • Is excluded from the source list and is not monitored if it belongs to a source VLAN of any SPAN session.
  • Receives copies of sent and received traffic for all monitored source ports. If a destination port is oversubscribed, it can become congested. This congestion can affect traffic forwarding on one or more of the source ports.

Guidelines and Limitations for SPAN

SPAN traffic is rate-limited as follows on Cisco Nexus devices to prevent a negative impact to production traffic:

  • SPAN support 16 active bi-directional SPAN sessions.

Creating or Deleting a SPAN Session

You create a SPAN session by assigning a session number using the monitor session command. If the session already exists, any additional configuration information is added to the existing session.

Procedure
      Command or Action Purpose
    Step 1 switch# configure terminal 

    Enters global configuration mode.

     
    Step 2 switch(config)# monitor session session-number
     

    Enters the monitor configuration mode. New session configuration is added to the existing session configuration.

     

    This example shows how to configure a SPAN monitor session:

    switch# configure terminal
    switch(config) # monitor session 2
    switch(config) #

    Configuring an Ethernet Destination Port

    You can configure an Ethernet interface as a SPAN destination port.


    Note


    The SPAN destination port can only be a physical port on the switch.


    Procedure
        Command or Action Purpose
      Step 1 switch# configure terminal 

      Enters global configuration mode.

       
      Step 2 switch(config)# interface ethernet slot/port
       

      Enters interface configuration mode for the Ethernet interface with the specified slot and port.

      Note   

      If this is a 10G breakout port, the slot/port syntax is slot/QSFP-module/port.

       
      Step 3 switch(config-if)# switchport monitor
       

      Enters monitor mode for the specified Ethernet interface. Priority flow control is disabled when the port is configured as a SPAN destination.

       
      Step 4 switch(config-if)# exit
       

      Reverts to global configuration mode.

       
      Step 5 switch(config)# monitor session session-number
       

      Enters monitor configuration mode for the specified SPAN session.

       
      Step 6 switch(config-monitor)# destination interface ethernet slot/port
       

      Configures the Ethernet SPAN destination port.

      Note   

      If this is a 10G breakout port, the slot/port syntax is slot/QSFP-module/port.

       

      The following example shows how to configure an Ethernet SPAN destination port:

      switch# configure terminal
      switch(config)# interface ethernet 1/3
      switch(config-if)# switchport monitor
      switch(config-if)# exit
      switch(config)# monitor session 2
      switch(config-monitor)# destination interface ethernet 1/3
      switch(config-monitor)# 

      Configuring MTU Truncation for Each SPAN Session

      To reduce the SPAN traffic bandwidth, you can configure the maximum bytes allowed for each replicated packet in a SPAN session. This value is called the maximum transmission unit (MTU) truncation size. Any SPAN packet larger than the configured size is truncated to the configured size.

      Procedure
          Command or Action Purpose
        Step 1 switch# configure terminal 

        Enters global configuration mode.

         
        Step 2 switch(config) # monitor session session-number 

        Enters monitor configuration mode and specifies the SPAN session for which the MTU truncation size is to be configured.

         
        Step 3 switch(config-monitor) # [no] mtu 

        Configures the MTU truncation size for packets in the specified SPAN session. The range is from 64 to 1518 bytes.

         
        Step 4 switch(config-monitor) # show monitor session session-number  (Optional)

        Displays the status of SPAN sessions, including the configuration status of MTU truncation, the maximum bytes allowed for each packet per session, and the modules on which MTU truncation is and is not supported.

         
        Step 5 switch(config-monitor) # copy running-config startup-config  (Optional)

        Copies the running configuration to the startup configuration.

         

        This example shows how to configure MTU truncation for a SPAN session:

        switch# configure terminal
        switch(config) # monitor session 3
        switch(config-monitor) # mtu
        switch(config-monitor) # copy running-config startup-config
        switch(config-monitor) #

        Configuring Source Ports

        Source ports can only be Ethernet ports.

        Procedure
            Command or Action Purpose
          Step 1 switch# configure terminal 

          Enters global configuration mode.

           
          Step 2 switch(config) # monitor session session-number 

          Enters monitor configuration mode for the specified monitoring session.

           
          Step 3 switch(config-monitor) # source interface type slot/port [rx | tx | both]
           

          Configures sources and the traffic direction in which to duplicate packets. You can enter a range of Ethernet, Fibre Channel, or virtual Fibre Channel ports. You can specify the traffic direction to duplicate as ingress (rx), egress (tx), or both. By default, the direction is both.

          Note   

          If this is a 10G breakout port, the slot/port syntax is slot/QSFP-module/port.

           

          The following example shows how to configure an Ethernet SPAN source port:

          switch# configure terminal
          switch(config)# monitor session 2
          switch(config-monitor)# source interface ethernet 1/16
          switch(config-monitor)#

          The following example shows how to configure a virtual Fibre Channel SPAN source port:

          switch# configure terminal
          switch(config)# monitor session 2
          switch(config-monitor)# source interface vfc 129
          switch(config-monitor)#

          Configuring the Description of a SPAN Session

          For ease of reference, you can provide a descriptive name for a SPAN session.

          Procedure
              Command or Action Purpose
            Step 1 switch# configure terminal 

            Enters global configuration mode.

             
            Step 2 switch(config) # monitor session session-number 

            Enters monitor configuration mode for the specified SPAN session.

             
            Step 3 switch(config-monitor) # description description
             

            Creates descriptive name for the SPAN session.

             

            The following example shows how to configure a SPAN session description:

            switch# configure terminal
            switch(config) # monitor session 2
            switch(config-monitor) # description monitoring ports eth2/2-eth2/4
            switch(config-monitor) #

            Activating a SPAN Session

            The default is to keep the session state shut. You can open a session that duplicates packets from sources to destinations.

            Procedure
                Command or Action Purpose
              Step 1 switch# configure terminal 

              Enters global configuration mode.

               
              Step 2 switch(config) # no monitor session {all | session-number} shut
               

              Opens the specified SPAN session or all sessions.

               

              The following example shows how to activate a SPAN session:

              switch# configure terminal
              switch(config) # no monitor session 3 shut 

              Displaying SPAN Information

              Procedure
                  Command or Action Purpose
                Step 1 switch# show monitor [session {all | session-number | range session-range} [brief]]
                 

                Displays the SPAN configuration.

                 

                This example shows how to display SPAN session information:

                switch# show monitor
                SESSION  STATE        REASON                  DESCRIPTION
                -------  -----------  ----------------------  --------------------------------
                2        up           The session is up
                3        down         Session suspended
                4        down         No hardware resource

                This example shows how to display SPAN session details:

                switch# show monitor session 2
                   session 2
                ---------------
                type              : local
                state             : up
                source intf       :
                
                source VLANs      :
                    rx            :
                source VSANs      :
                    rx            : 1
                destination ports : Eth3/1