-
Cisco Nexus 6000 Series NX-OS System Management Configuration Guide, Release 6.0(2)N1(1)
-
Preface
-
Overview
-
Configuring Switch Profiles
-
Configuring Module Pre-Provisioning
-
Using Cisco Fabric Services
-
Configuring User Accounts and RBAC
-
Configuring Session Manager
-
Configuring Online Diagnostics
-
Configuring System Message Logging
-
Configuring Smart Call Home
-
Configuring Rollback
-
Configuring DNS
-
Configuring SNMP
-
Configuring RMON
-
Configuring SPAN
-
Configuring ERSPAN
-
Index
-
Feedback
Contents
- Configuring SPAN
- Information About SPAN
- SPAN Sources
- Characteristics of Source Ports
- SPAN Destinations
- Characteristics of Destination Ports
- Guidelines and Limitations for SPAN
- Creating or Deleting a SPAN Session
- Configuring an Ethernet Destination Port
- Configuring MTU Truncation for Each SPAN Session
- Configuring Source Ports
- Configuring the Description of a SPAN Session
- Activating a SPAN Session
- Displaying SPAN Information
Configuring SPAN
This chapter contains the following sections:
- Information About SPAN
- SPAN Sources
- Characteristics of Source Ports
- SPAN Destinations
- Characteristics of Destination Ports
- Guidelines and Limitations for SPAN
- Creating or Deleting a SPAN Session
- Configuring an Ethernet Destination Port
- Configuring MTU Truncation for Each SPAN Session
- Configuring Source Ports
- Configuring the Description of a SPAN Session
- Activating a SPAN Session
- Displaying SPAN Information
Information About SPAN
The Switched Port Analyzer (SPAN) feature (sometimes called port mirroring or port monitoring) selects network traffic for analysis by a network analyzer. The network analyzer can be a Cisco SwitchProbe or other Remote Monitoring (RMON) probes.
SPAN Sources
SPAN sources refer to the interfaces from which traffic can be monitored. The Cisco Nexus device supports Ethernet, port channels, SAN port channels, VSANs and VLANs as SPAN sources. With VLANs or VSANs, all supported interfaces in the specified VLAN or VSAN are included as SPAN sources. You can choose the SPAN traffic in the ingress direction, the egress direction, or both directions for Ethernet and virtual Fibre Channel source interfaces:
- Ingress source (Rx)—Traffic entering the device through this source port is copied to the SPAN destination port.
- Egress source (Tx)—Traffic exiting the device through this source port is copied to the SPAN destination port.
NoteVSAN ports cannot be configured as ingress source ports in a SPAN session.
Characteristics of Source Ports
A source port, also called a monitored port, is a switched interface that you monitor for network traffic analysis. The switch supports any number of ingress source ports (up to the maximum number of available ports on the switch) and any number of source VLANs or VSANs.
A source port has these characteristics:
- Can be of Ethernet, port channel, virtual Fibre Channel, SAN port channel, VSAN or VLAN port type.
- Cannot be monitored in multiple SPAN sessions.
- Cannot be a destination port.
- Each source port can be configured with a direction (ingress, egress, or both) to monitor. For VLAN and VSAN sources, the monitored direction can only be ingress and applies to all physical ports in the group. The RX/TX option is not available for VLAN or VSAN SPAN sessions.
- Source ports can be in the same or different VLANs or VSANs.
- For VLAN or VSAN SPAN sources, all active ports in the source VLAN or VSAN are included as source ports.
Characteristics of Destination Ports
Each local SPAN session must have a destination port (also called a monitoring port) that receives a copy of traffic from the source ports, VSANs, or VLANs. A destination port has these characteristics:
- Can be any physical port. Source Ethernet and FCoE ports cannot be destination ports.
- Cannot be a source port.
- Cannot be a port channel or SAN port channel group.
- Does not participate in spanning tree while the SPAN session is active.
- Is excluded from the source list and is not monitored if it belongs to a source VLAN of any SPAN session.
- Receives copies of sent and received traffic for all monitored source ports. If a destination port is oversubscribed, it can become congested. This congestion can affect traffic forwarding on one or more of the source ports.
Creating or Deleting a SPAN Session
Configuring an Ethernet Destination Port
ProcedureYou can configure an Ethernet interface as a SPAN destination port.
Note
The SPAN destination port can only be a physical port on the switch.
The following example shows how to configure an Ethernet SPAN destination port:
switch# configure terminal switch(config)# interface ethernet 1/3 switch(config-if)# switchport monitor switch(config-if)# exit switch(config)# monitor session 2 switch(config-monitor)# destination interface ethernet 1/3 switch(config-monitor)#Configuring MTU Truncation for Each SPAN Session
ProcedureTo reduce the SPAN traffic bandwidth, you can configure the maximum bytes allowed for each replicated packet in a SPAN session. This value is called the maximum transmission unit (MTU) truncation size. Any SPAN packet larger than the configured size is truncated to the configured size.
Command or Action Purpose
Step 1 switch# configure terminal Enters global configuration mode.
Step 2 switch(config) # monitor session session-number Enters monitor configuration mode and specifies the SPAN session for which the MTU truncation size is to be configured.
Step 3 switch(config-monitor) # [no] mtu Configures the MTU truncation size for packets in the specified SPAN session. The range is from 64 to 1518 bytes.
Step 4 switch(config-monitor) # show monitor session session-number (Optional) Displays the status of SPAN sessions, including the configuration status of MTU truncation, the maximum bytes allowed for each packet per session, and the modules on which MTU truncation is and is not supported.
Step 5 switch(config-monitor) # copy running-config startup-config (Optional) Copies the running configuration to the startup configuration.
Configuring Source Ports
Procedure
Command or Action Purpose
Step 1 switch# configure terminal Enters global configuration mode.
Step 2 switch(config) # monitor session session-number Enters monitor configuration mode for the specified monitoring session.
Step 3 switch(config-monitor) # source interface type slot/port [rx | tx | both]
Configures sources and the traffic direction in which to duplicate packets. You can enter a range of Ethernet, Fibre Channel, or virtual Fibre Channel ports. You can specify the traffic direction to duplicate as ingress (rx), egress (tx), or both. By default, the direction is both.
Note If this is a 10G breakout port, the slot/port syntax is slot/QSFP-module/port.
The following example shows how to configure an Ethernet SPAN source port:
switch# configure terminal switch(config)# monitor session 2 switch(config-monitor)# source interface ethernet 1/16 switch(config-monitor)#The following example shows how to configure a virtual Fibre Channel SPAN source port:
switch# configure terminal switch(config)# monitor session 2 switch(config-monitor)# source interface vfc 129 switch(config-monitor)#Activating a SPAN Session
Displaying SPAN Information
Procedure
Command or Action Purpose This example shows how to display SPAN session information:
switch# show monitor SESSION STATE REASON DESCRIPTION ------- ----------- ---------------------- -------------------------------- 2 up The session is up 3 down Session suspended 4 down No hardware resourceThis example shows how to display SPAN session details:
switch# show monitor session 2 session 2 --------------- type : local state : up source intf : source VLANs : rx : source VSANs : rx : 1 destination ports : Eth3/1
