Documentation Updates for the Catalyst 3560E-12D Switch [Cisco Catalyst 3560-E Series Switches]

Table Of Contents

Documentation Updates for the Catalyst 3560E-12D Switches

Updates to the "Configuring SPAN and RSPAN" Chapter in the Software Configuration Guide

Updates to the "SPAN and RSPAN Concepts and Terminology" Section

Updates to the "Source Ports" Section

Addition of the "Destination-Port Group" Section

Updates to the "Configuring Local SPAN" Section

SPAN Configuration Guidelines

Creating a Local SPAN Session

Creating a Local SPAN Session and Configuring Incoming Traffic

Specifying VLANs to Filter

Updates to the "Configuring RSPAN" Section

Creating an RSPAN Source Session

Specifying VLANs to Filter

Creating an RSPAN Destination Session

Creating an RSPAN Destination Session and Configuring Incoming Traffic

Addition of the "Fan Failures" Section to the Software Configuration Guide

Fan Failures

Updates to the monitor session command in the Command Reference

monitor session

Updates to the show monitor command in the Command Reference

show monitor

Addition of the system env fan-fail-action shut Command in the Command Reference

system env fan-fail shutdown

Related Publications

Obtaining Documentation, Obtaining Support, and Security Guidelines

Documentation Updates for the Catalyst 3560E-12D Switches

November 27, 2007

This document describes how to configure the Catalyst 3560E -12D switch, referred to as the aggregator switch. The Catalyst 3750-E switches and Catalyst 3560-E switches other than the Catalyst 3560E-12D switch are referred to as desktop switches.

Use this document in conjunction with the Catalyst 3750-E and 3560-E software documentation (see the "Related Publications" section).

This document has these sections:

•Updates to the "Configuring SPAN and RSPAN" Chapter in the Software Configuration Guide

•Addition of the "Fan Failures" Section to the Software Configuration Guide

•Updates to the monitor session command in the Command Reference

•Updates to the show monitor command in the Command Reference

•Addition of the system env fan-fail-action shut Command in the Command Reference

•Related Publications

•Obtaining Documentation, Obtaining Support, and Security Guidelines

Updates to the "Configuring SPAN and RSPAN" Chapter in the Software Configuration Guide

In this section, the Catalyst 3560E -12D switch is referred to as the aggregator switch, and the Catalyst 3750-E switches and Catalyst 3560-E switches other than the Catalyst 3560E-12D switch are referred to as desktop switches.

This information is modified or added:

•"Updates to the "SPAN and RSPAN Concepts and Terminology" Section" section

•"Updates to the "Source Ports" Section" section

•"Addition of the "Destination-Port Group" Section" section

•"Updates to the "Configuring Local SPAN" Section" section

•"Updates to the "Configuring RSPAN" Section" section

Updates to the "SPAN and RSPAN Concepts and Terminology" Section

In the "SPAN Sessions" section:

Traffic monitoring in a SPAN session has these restrictions:

•Sources can be ports or VLANs, but you cannot mix source ports and source VLANs in the same session.

•The switch (other than the Catalyst 3560E-12D switch) supports up to two local SPAN or RSPAN source sessions.

–You can run both a local SPAN and an RSPAN source session in the same switch or switch stack. The switch or switch stack supports a total of 66 source and RSPAN destination sessions.

–You can configure two separate SPAN or RSPAN source sessions with separate or overlapping sets of SPAN source ports and VLANs. Both switched and routed ports can be configured as SPAN sources and destinations.

•The Catalyst 3560E-12D switch supports only one source session (either a local SPAN or RSPAN source session), which must be session 1. Both switched and routed ports can be configured as SPAN sources and destinations.

•You can have multiple destination ports in a SPAN session, but no more than 64 destination ports per switch stack.

•SPAN sessions do not interfere with the normal operation of the switch. However, an oversubscribed SPAN destination, for example, a 10-Mb/s port monitoring a 100-Mb/s port, can result in dropped or lost packets.

•When local SPAN or RSPAN is enabled, each packet being monitored is sent twice, once as normal traffic and once as a monitored packet. Therefore monitoring a large number of ports or VLANs could potentially generate large amounts of network traffic.

•You can configure SPAN sessions on disabled ports; however, a SPAN session does not become active unless you enable the destination port and at least one source port or VLAN for that session.

•The switch does not support a combination of local SPAN and RSPAN in a single session.

–An RSPAN source session cannot have a local destination port.

–An RSPAN destination session cannot have a local source port.

–An RSPAN destination session and an RSPAN source session that are using the same RSPAN VLAN cannot run on the same switch or switch stack.

Updates to the "Source Ports" Section

A source port (also called a monitored port) is a switched or routed port that you monitor for network traffic analysis. In a local SPAN session or RSPAN source session, you can monitor source ports or VLANs for traffic in one or both directions. The switch supports any number of source ports (up to the maximum number of available ports on the switch) and any number of source VLANs (up to the maximum number of VLANs supported). However, the switch supports a maximum of two sessions (local or RSPAN) with source ports or VLANs, and the Catalyst 3560E-12D switch supports only one session (local or RSPAN) with source ports or VLANs. You cannot mix ports and VLANs in a single session.

A source port has these characteristics:

•It can be monitored in multiple SPAN sessions on a switch. The source port can only be monitored in one SPAN session on the Catalyst 3560E-12D switch

•Each source port can be configured with a direction (ingress, egress, or both) to monitor.

•It can be any port type (for example, EtherChannel, Gigabit Ethernet, and so forth).

•For EtherChannel sources, you can monitor traffic for the entire EtherChannel or individually on a physical port as it participates in the port channel.

•It can be an access port, trunk port, routed port, or voice VLAN port.

•It cannot be a destination port.

•Source ports can be in the same or different VLANs.

•You can monitor multiple source ports in a single session.

Addition of the "Destination-Port Group" Section

The "Destination-Port Group" section is added after the "Destination Port" section:

Note This section applies only to the Catalyst 3560E-12D switch.

The Catalyst 3560E-12D switch can only send SPAN and RSPAN traffic through destination ports belonging to the same destination-port group. When configuring an RSPAN destination session, you must specify the destination-port group (a, b, or c). For more information about the destination-port groups, see the "SPAN Configuration Guidelines" section.

In a local SPAN session with only one destination port, you do not need to specify the destination-port group. If you add a second destination port to the session, the port must be in the same destination-port group as the existing destination port.

Updates to the "Configuring Local SPAN" Section

These sections contain this configuration information:

•"SPAN Configuration Guidelines" section

•"Creating a Local SPAN Session" section2

•"Creating a Local SPAN Session and Configuring Incoming Traffic" section

•"Specifying VLANs to Filter" section

SPAN Configuration Guidelines

Follow these guidelines when configuring SPAN:

•On each switch stack, you can configure a maximum of 2 source sessions and 64 RSPAN destination sessions. A source session is either a local SPAN session or an RSPAN source session.

•For SPAN sources, you can monitor traffic for a single port or VLAN or a series or range of ports or VLANs for each session. You cannot mix source ports and source VLANs within a single SPAN session.

•The destination port cannot be a source port.

•You cannot have two SPAN sessions using the same destination port.

•When you configure a switch port as a SPAN destination port, it is no longer a normal switch port; only monitored traffic passes through the SPAN destination port.

•Entering SPAN configuration commands does not remove previously configured SPAN parameters. You must enter the no monitor session {session_number | all | local | remote} global configuration command to delete configured SPAN parameters.

•For local SPAN, outgoing packets through the SPAN destination port carry the original encapsulation headers—untagged, ISL, or IEEE 802.1Q—if the encapsulation replicate keywords are specified. If the keywords are not specified, the packets are sent in native form.

•You can configure a disabled port to be a source or destination port, but the SPAN function does not start until the destination port and at least one source port or source VLAN are enabled.

•You can limit SPAN traffic to specific VLANs by using the filter vlan keyword. If a trunk port is being monitored, only traffic on the VLANs specified with this keyword is monitored. By default, all VLANs are monitored on a trunk port.

•You cannot mix source VLANs and filter VLANs within a single SPAN session.

•On the Catalyst 3560E-12D switch, you must specify the destination-port group for an RSPAN source session by entering the monitor session session_number destination remote vlan vlan-id destination-port group {a | b | c} global configuration command for these types of sessions:

•The Catalyst 3560E-12D switch supports these destination-port groups, depending on the switch port configuration:

–a—tengigabitethernet 0/1 to tengigabitethernet 0/4 or gigabitethernet 0/1 to gigabitethernet 0/8

–b—tengigabitethernet 0/5 to tengigabitethernet 0/8 or gigabitethernet 0/9 to gigabitethernet 0/16

–c—tengigabitethernet 0/9 to tengigabitethernet 0/12 or gigabitethernet 0/17 to gigabitethernet 0/24

Creating a Local SPAN Session

Beginning in privileged EXEC mode, follow these steps to create a SPAN session and to specify the source (monitored) ports or VLANs and the destination (monitoring) ports:

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

no monitor session {session_number | all | local | remote}

Remove any existing SPAN configuration for the session.

For session_number, the range is 1 to 66.

Specify all to remove all SPAN sessions, local to remove all local sessions, or remote to remove all remote SPAN sessions.

Step 3

monitor session session_number source {interface interface-id | vlan vlan-id} [, | -] [both | rx | tx]

Specify the SPAN session and the source port (monitored port).

For session_number, the range is 1 to 66. When entering this command on the Catalyst 3560E-12D switch, you can only enter 1 for the session_number.

For interface-id, specify the source port or source VLAN to monitor.

•For source interface-id, specify the source port to monitor. Valid interfaces include physical interfaces and port-channel logical interfaces (port-channel port-channel-number). Valid port-channel numbers are 1 to 48.

•For vlan-id, specify the source VLAN to monitor. The range is 1 to 4094 (excluding the RSPAN VLAN).

Note A single session can include multiple sources (ports or VLANs), defined in a series of commands, but you cannot combine source ports and source VLANs in one session.

(Optional) [, | -] Specify a series or range of interfaces. Enter a space before and after the comma; enter a space before and after the hyphen.

(Optional) Specify the direction of traffic to monitor. If you do not specify a traffic direction, the SPAN monitors both sent and received traffic.

•both—Monitor both received and sent traffic. This is the default.

•rx—Monitor received traffic.

•tx—Monitor sent traffic.

Note You can use the monitor session session_number source command multiple times to configure multiple source ports.

Step 4

monitor session session_number destination {interface interface-id [, | -] [encapsulation replicate]}

Specify the SPAN session and the destination port (monitoring port), and the destination-port group if more than one port is specified.

For session_number, specify the session number entered in Step 3.

Note For local SPAN, you must use the same session number for the source and destination interfaces.

For interface-id, specify the destination port. The destination interface must be a physical port; it cannot be an EtherChannel, and it cannot be a VLAN.

(Optional) [, | -] Specify a series or range of interfaces. Enter a space before and after the comma; enter a space before and after the hyphen.

(Optional) Enter encapsulation replicate to specify that the destination interface replicates the source interface encapsulation method. If not selected, the default is to send packets in native form (untagged).

Note You can use monitor session session_number destination command multiple times to configure multiple destination ports. All the destination ports must belong to the same destination-port group.

Step 5

end

Return to privileged EXEC mode.

Step 6

show monitor [session session_number]

show running-config

Verify the configuration.

Step 7

copy running-config startup-config

(Optional) Save the configuration in the configuration file.

To delete a SPAN session, use the no monitor session session_number global configuration command. To remove a source or destination port or VLAN from the SPAN session, use the no monitor session session_number source {interface interface-id | vlan vlan-id} global configuration command or the no monitor session session_number destination interface interface-id global configuration command. For destination interfaces, the encapsulation options are ignored with the no form of the command.

This example shows how to set up SPAN session 1 for monitoring source port traffic to a destination port. First, any existing SPAN configuration for session 1 is deleted, and then bidirectional traffic is mirrored from source Gigabit Ethernet port 1 to destination Gigabit Ethernet port 2, retaining the encapsulation method.
Switch(config)# no monitor session 1
Switch(config)# monitor session 1 source interface gigabitethernet1/0/1
Switch(config)# monitor session 1 destination interface gigabitethernet1/0/2 
encapsulation replicate
Switch(config)# end
This example shows how to remove port 1 as a SPAN source for SPAN session 1:
Switch(config)# no monitor session 1 source interface gigabitethernet1/0/1
Switch(config)# end
This example shows how to disable received traffic monitoring on port 1, which was configured for bidirectional monitoring:
Switch(config)# no monitor session 1 source interface gigabitethernet1/0/1 rx
The monitoring of traffic received on port 1 is disabled, but traffic sent from this port continues to be monitored.

This example shows how to remove any existing configuration on SPAN session 2, configure SPAN session 2 to monitor received traffic on all ports belonging to VLANs 1 through 3, and send it to destination Gigabit Ethernet port 2. The configuration is then modified to also monitor all traffic on all ports belonging to VLAN 10.
Switch(config)# no monitor session 2
Switch(config)# monitor session 2 source vlan 1 - 3 rx
Switch(config)# monitor session 2 destination interface gigabitethernet1/0/2
Switch(config)# monitor session 2 source vlan 10
Switch(config)# end
Creating a Local SPAN Session and Configuring Incoming Traffic

Beginning in privileged EXEC mode, follow these steps to create a SPAN session, to specify the source ports or VLANs and the destination ports, and to enable incoming traffic on the destination port for a network security device (such as a Cisco IDS Sensor Appliance).

For details about the keywords not related to incoming traffic, see the "Creating a Local SPAN Session" section on page 12.

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

no monitor session {session_number | all | local | remote}

Remove any existing SPAN configuration for the session.

Step 3

monitor session session_number source {interface interface-id | vlan vlan-id} [, | -] [both | rx | tx]

Specify the SPAN session and the source port (monitored port).

Step 4

monitor session session_number destination {interface interface-id [, | -] [encapsulation replicate] [ingress {dot1q vlan vlan-id | isl | untagged vlan vlan-id | vlan vlan-id}]}

Specify the SPAN session, the destination port, the packet encapsulation, the ingress VLAN and encapsulation, and the destination-port group if more than one port is specified.

For session_number, specify the session number entered in Step 3. When entering this command on the Catalyst 3560E-12D switch, you can only enter 1 for the session_number.

For interface-id, specify the destination port. The destination interface must be a physical port; it cannot be an EtherChannel, and it cannot be a VLAN.

(Optional) [, | -] Specify a series or range of interfaces. Enter a space before and after the comma or hyphen.

(Optional) Enter encapsulation replicate to specify that the destination interface replicates the source interface encapsulation method. If not selected, the default is to send packets in native form (untagged).

(Optional) Enter ingress with keywords to enable forwarding of incoming traffic on the destination port and to specify the encapsulation type:

•dot1q vlan vlan-id—Accept incoming packets with IEEE 802.1Q encapsulation with the specified VLAN as the default VLAN.

•isl—Forward ingress packets with ISL encapsulation.

•untagged vlan vlan-id or vlan vlan-id—Accept incoming packets with untagged encapsulation type with the specified VLAN as the default VLAN.

Step 5

end

Return to privileged EXEC mode.

Step 6

show monitor [session session_number]

show running-config

Verify the configuration.

Step 7

copy running-config startup-config

(Optional) Save the configuration in the configuration file.

To delete a SPAN session, use the no monitor session session_number global configuration command. To remove a source or destination port or VLAN from the SPAN session, use the no monitor session session_number source {interface interface-id | vlan vlan-id} global configuration command or the no monitor session session_number destination interface interface-id global configuration command. For destination interfaces, the encapsulation and ingress options are ignored with the no form of the command.

This example shows how to remove any existing configuration on SPAN session 2, configure SPAN session 2 to monitor received traffic on Gigabit Ethernet source port 1, and send it to destination Gigabit Ethernet port 2 with the same egress encapsulation type as the source port, and to enable ingress forwarding with IEEE 802.1Q encapsulation and VLAN 6 as the default ingress VLAN.
Switch(config)# no monitor session 2
Switch(config)# monitor session 2 source gigabitethernet1/0/1 rx
Switch(config)# monitor session 2 destination interface gigabitethernet1/0/2 encapsulation 
replicate ingress dot1q vlan 6 
Switch(config)# end
Specifying VLANs to Filter

Beginning in privileged EXEC mode, follow these steps to limit SPAN source traffic to specific VLANs only on trunk ports and voice VLAN ports:

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

no monitor session {session_number | all | local | remote}

Remove any existing SPAN configuration for the session.

For session_number, the range is 1 to 66.

Specify all to remove all SPAN sessions, local to remove all local sessions, or remote to remove all remote SPAN sessions.

Step 3

monitor session session_number source interface interface-id

Specify the characteristics of the source port (monitored port) and SPAN session.

For session_number, the range is 1 to 66. When entering this command on the Catalyst 3560E-12D switch, you can only enter 1 for the session_number.

For interface-id, specify the source port to monitor. The interface specified must already be configured as a trunk port.

Step 4

monitor session session_number filter vlan vlan-id [, | -]

Limit the SPAN source traffic to specific VLANs.

For session_number, enter the session number specified in Step 3.

For vlan-id, the range is 1 to 4094.

(Optional) Use a comma (,) to specify a series of VLANs, or use a hyphen (-) to specify a range of VLANs. Enter a space before and after the comma; enter a space before and after the hyphen.

Step 5

monitor session session_number destination {interface interface-id [, | -] [encapsulation replicate]}

Specify the SPAN session, the destination port (monitoring port), and the destination-port group if more than one port is specified.

For session_number, specify the session number entered in Step 3.

For interface-id, specify the destination port. The destination interface must be a physical port; it cannot be an EtherChannel, and it cannot be a VLAN.

(Optional) [, | -] Specify a series or range of interfaces. Enter a space before and after the comma; enter a space before and after the hyphen.

(Optional) Enter encapsulation replicate to specify that the destination interface replicates the source interface encapsulation method. If not selected, the default is to send packets in native form (untagged).

Step 6

end

Return to privileged EXEC mode.

Step 7

show monitor [session session_number]

show running-config

Verify the configuration.

Step 8

copy running-config startup-config

(Optional) Save the configuration in the configuration file.

To monitor all VLANs on the trunk port, use the no monitor session session_number filter global configuration command.

This example shows how to remove any existing configuration on SPAN session 2, configure SPAN session 2 to monitor traffic received on Gigabit Ethernet trunk port 2, and send traffic for only VLANs 1 through 5 and VLAN 9 to destination Gigabit Ethernet port 1.
Switch(config)# no monitor session 2
Switch(config)# monitor session 2 source interface gigabitethernet1/0/2 rx
Switch(config)# monitor session 2 filter vlan 1 - 5 , 9
Switch(config)# monitor session 2 destination interface gigabitethernet1/0/1
Switch(config)# end
Updates to the "Configuring RSPAN" Section

This document has updates for these sections in the "Configuring RSPAN" section:

•"Creating an RSPAN Source Session" section

•"Specifying VLANs to Filter" section

•"Creating an RSPAN Destination Session" section

•"Creating an RSPAN Destination Session and Configuring Incoming Traffic" section

Creating an RSPAN Source Session

Beginning in privileged EXEC mode, follow these steps to start an RSPAN source session and to specify the monitored source and the destination RSPAN VLAN:

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

vlan vlan-id

Enter the VLAN ID of the RSPAN VLAN created from the source switch, and enter VLAN configuration mode.

If both switches are participating in VTP and the RSPAN VLAN ID is from 2 to 1005, Steps 2 through 4 are not required because the RSPAN VLAN ID is propagated through the VTP network.

Step 3

remote-span

Identify the VLAN as an RSPAN VLAN.

Step 4

no monitor session {session_number | all | local | remote}

Remove any existing RSPAN configuration for the session.

For session_number, the range is 1 to 66.

Specify all to remove all RSPAN sessions, local to remove all local sessions, or remote to remove all remote SPAN sessions.

Step 5

monitor session session_number source {interface interface-id | vlan vlan-id} [, | -] [both | rx | tx]

Specify the RSPAN session and the source port (monitored port).

For session_number, the range is 1 to 66. When entering this command on the Catalyst 3560E-12D switch, you can only enter 1 for the session_number.

Enter a source port or source VLAN for the RSPAN session:

•For interface-id, specify the source port to monitor. Valid interfaces include physical interfaces and port-channel logical interfaces (port-channel port-channel-number). Valid port-channel numbers are 1 to 48.

•For vlan-id, specify the source VLAN to monitor. The range is 1 to 4094 (excluding the RSPAN VLAN).

A single session can include multiple sources (ports or VLANs), defined in a series of commands, but you cannot combine source ports and source VLANs in one session.

(Optional) [, | -] Specify a series or range of interfaces. Enter a space before and after the comma; enter a space before and after the hyphen.

(Optional) Specify the direction of traffic to monitor. If you do not specify a traffic direction, the source interface sends both sent and received traffic.

•both—Monitor both received and sent traffic.

•rx—Monitor received traffic.

•tx—Monitor sent traffic.

Step 6

On a switch other than the Catalyst 3560E-12D switch:

monitor session session_number destination remote vlan vlan-id

On the Catalyst 3560E0-12D switch:

monitor session session_number destination remote vlan vlan-id destination-port group {a | b | c}

Specify the RSPAN session, the destination RSPAN VLAN, and the destination-port group.

For session_number, enter the number defined in Step 3.

For vlan-id, specify the source RSPAN VLAN to monitor.

For the Catalyst 3560E-12D switch, enter destination-port group {a | b | c} to specify the ports that carry RSPAN traffic.

Step 7

end

Return to privileged EXEC mode.

Step 8

show monitor [session session_number]

show running-config

Verify the configuration.

Step 9

copy running-config startup-config

(Optional) Save the configuration in the configuration file.

To delete a SPAN session, use the no monitor session session_number global configuration command.

To remove a source port or VLAN from the SPAN session, use the no monitor session session_number source {interface interface-id | vlan vlan-id} global configuration command. To remove the RSPAN VLAN from the session, use the no monitor session session_number destination remote vlan vlan-id.

This example shows how to remove any existing RSPAN configuration for session 1, configure RSPAN session 1 to monitor multiple source interfaces, and configure the destination as RSPAN VLAN 901.
Switch(config)# no monitor session 1
Switch(config)# monitor session 1 source interface gigabitethernet1/0/1 tx
Switch(config)# monitor session 1 source interface gigabitethernet1/0/2 rx
Switch(config)# monitor session 1 source interface port-channel 2 
Switch(config)# monitor session 1 destination remote vlan 901
Switch(config)# end
On the Catalyst 3560E-12D switch, this example shows how to remove any existing RSPAN configuration for session 1, configure RSPAN session 1 to monitor multiple source interfaces, and configure the destination as RSPAN VLAN 901.
Switch(config)# no monitor session 1
Switch(config)# monitor session 1 source interface gigabitethernet0/1 tx
Switch(config)# monitor session 1 source interface gigabitethernet0/2 rx
Switch(config)# monitor session 1 source interface port-channel 2 
Switch(config)# monitor session 1 destination remote vlan 901 destination-port group b
Switch(config)# end
Specifying VLANs to Filter

Beginning in privileged EXEC mode, follow these steps to configure the RSPAN source session to limit RSPAN source traffic to specific VLANs:

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

no monitor session {session_number | all | local | remote}

Remove any existing SPAN configuration for the session.

For session_number, the range is 1 to 66.

Specify all to remove all SPAN sessions, local to remove all local sessions, or remote to remove all remote SPAN sessions.

Step 3

monitor session session_number source interface interface-id

Specify the characteristics of the source port (monitored port) and SPAN session.

For session_number, the range is 1 to 66. When entering this command on the Catalyst 3560E-12D switch, you can only enter 1 for the session_number.

For interface-id, specify the source port to monitor. The interface specified must already be configured as a trunk port.

Step 4

monitor session session_number filter vlan vlan-id [, | -]

Limit the SPAN source traffic to specific VLANs.

For session_number, enter the session number specified in step 3.

For vlan-id, the range is 1 to 4094.

(Optional) Use a comma (,) to specify a series of VLANs or use a hyphen (-) to specify a range of VLANs. Enter a space before and after the comma; enter a space before and after the hyphen.

Step 5

On a switch other than the Catalyst 3560E-12D switch:

monitor session session_number destination remote vlan vlan-id

On the Catalyst 3560E0-12D switch:

monitor session session_number destination remote vlan vlan-id destination-port group {a | b | c}

Specify the RSPAN session and the destination remote VLAN (RSPAN VLAN).

For session_number, enter the session number specified in Step 3.

For vlan-id, specify the RSPAN VLAN to carry the monitored traffic to the destination port.

For the Catalyst 3560E-12D switch, enter destination-port group {a | b | c} to specify the ports that carry RSPAN traffic.

Step 6

end

Return to privileged EXEC mode.

Step 7

show monitor [session session_number]

show running-config

Verify the configuration.

Step 8

copy running-config startup-config

(Optional) Save the configuration in the configuration file.

To monitor all VLANs on the trunk port, use the no monitor session session_number filter vlan global configuration command.

This example shows how to remove any existing configuration on RSPAN session 2, configure RSPAN session 2 to monitor traffic received on trunk port 2, and send traffic for only VLANs 1 through 5 and 9 to destination RSPAN VLAN 902.
Switch(config)# no monitor session 2
Switch(config)# monitor session 2 source interface gigabitethernet1/0/2 rx
Switch(config)# monitor session 2 filter vlan 1 - 5 , 9
Switch(config)# monitor session 2 destination remote vlan 902 
Switch(config)# end
On the Catalyst 3560E-12D switch, this example shows how to remove any existing configuration on RSPAN session 2, configure RSPAN session 2 to monitor traffic received on trunk port 2, and send traffic for only VLANs 1 through 5 and 9 to destination RSPAN VLAN 902.
Switch(config)# no monitor session 1
Switch(config)# monitor session 1 source interface gigabitethernet0/2 rx
Switch(config)# monitor session 1 filter vlan 1 - 5 , 9
Switch(config)# monitor session 1 destination remote vlan 902 destination-port group a
Switch(config)# end
Creating an RSPAN Destination Session

You configure the RSPAN destination session on a different switch or switch stack; that is, not the switch or switch stack on which the source session was configured.

Beginning in privileged EXEC mode, follow these steps to define the RSPAN VLAN on that switch, to create an RSPAN destination session, and to specify the source RSPAN VLAN and the destination port:

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

vlan vlan-id

Enter the VLAN ID of the RSPAN VLAN created from the source switch, and enter VLAN configuration mode.

If both switches are participating in VTP and the RSPAN VLAN ID is from 2 to 1005, Steps 2 through 4 are not required because the RSPAN VLAN ID is propagated through the VTP network.

Step 3

remote-span

Identify the VLAN as an RSPAN VLAN.

Step 4

exit

Return to global configuration mode.

Step 5

no monitor session {session_number | all | local | remote}

Remove any existing RSPAN configuration for the session.

For session_number, the range is 1 to 66.

Specify all to remove all RSPAN sessions, local to remove all local sessions, or remote to remove all remote SPAN sessions.

Step 6

monitor session session_number source remote vlan vlan-id

Specify the RSPAN session and the source RSPAN VLAN.

For session_number, the range is 1 to 66. When entering this command on the Catalyst 3560E-12D switch, you can only enter 1 for the session_number.

For vlan-id, specify the source RSPAN VLAN to monitor.

Step 7

monitor session session_number destination interface interface-id

Specify the RSPAN session, the destination interface, and the destination-port group.

For session_number, enter the number defined in Step 6.

In an RSPAN destination session, you must use the same session number for the source RSPAN VLAN and the destination port.

For interface-id, specify the destination interface. The destination interface must be a physical interface.

Though visible in the command-line help string, encapsulation replicate is not supported for RSPAN. The original VLAN ID is overwritten by the RSPAN VLAN ID, and all packets appear on the destination port as untagged.

Step 8

end

Return to privileged EXEC mode.

Step 9

show monitor [session session_number]

show running-config

Verify the configuration.

Step 10

copy running-config startup-config

(Optional) Save the configuration in the configuration file.

To delete a SPAN session, use the no monitor session session_number global configuration command. To remove a destination port from the SPAN session, use the no monitor session session_number destination interface interface-id global configuration command. To remove the RSPAN VLAN from the session, use the no monitor session session_number source remote vlan vlan-id.

This example shows how to configure VLAN 901 as the source remote VLAN and port 1 as the destination interface:
Switch(config)# monitor session 3 source remote vlan 901
Switch(config)# monitor session 3 destination interface gigabitethernet2/0/1
Switch(config)# end
Creating an RSPAN Destination Session and Configuring Incoming Traffic

Beginning in privileged EXEC mode, follow these steps to create an RSPAN destination session, to specify the source RSPAN VLAN and the destination port, and to enable incoming traffic on the destination port for a network security device (such as a Cisco IDS Sensor Appliance).

For details about the keywords not related to incoming traffic, see the "Creating an RSPAN Destination Session" section on page 20. This procedure assumes that the RSPAN VLAN has already been configured.

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

no monitor session {session_number | all | local | remote}

Remove any existing SPAN configuration for the session.

Step 3

monitor session session_number source remote vlan vlan-id

Specify the RSPAN session and the source RSPAN VLAN.

For session_number, the range is 1 to 66. When entering this command on the Catalyst 3560E-12D switch, you can only enter 1 for the session_number.

For vlan-id, specify the source RSPAN VLAN to monitor.

Step 4

monitor session session_number destination {interface interface-id [, | -] [ingress {dot1q vlan vlan-id | isl | untagged vlan vlan-id | vlan vlan-id}]}

Specify the SPAN session, the destination port, the packet encapsulation, the incoming VLAN and encapsulation, and the destination-port group.

For session_number, enter the number defined in Step 4.

In an RSPAN destination session, you must use the same session number for the source RSPAN VLAN and the destination port.

For interface-id, specify the destination interface. The destination interface must be a physical interface.

Though visible in the command-line help string, encapsulation replicate is not supported for RSPAN. The original VLAN ID is overwritten by the RSPAN VLAN ID, and all packets appear on the destination port as untagged.

(Optional) [, | -] Specify a series or range of interfaces. Enter a space before and after the comma; enter a space before and after the hyphen.

Enter ingress with additional keywords to enable forwarding of incoming traffic on the destination port and to specify the encapsulation type:

•dot1q vlan vlan-id—Forward incoming packets with IEEE 802.1Q encapsulation with the specified VLAN as the default VLAN.

•isl—Forward ingress packets with ISL encapsulation.

•untagged vlan vlan-id or vlan vlan-id—Forward incoming packets with untagged encapsulation type with the specified VLAN as the default VLAN.

Step 5

end

Return to privileged EXEC mode.

Step 6

show monitor [session session_number]

show running-config

Verify the configuration.

Step 7

copy running-config startup-config

(Optional) Save the configuration in the configuration file.

To delete an RSPAN session, use the no monitor session session_number global configuration command. To remove a destination port from the RSPAN session, use the no monitor session session_number destination interface interface-id global configuration command. The ingress options are ignored with the no form of the command.

This example shows how to configure VLAN 901 as the source remote VLAN in RSPAN session 2, to configure Gigabit Ethernet source port 2 as the destination interface, and to enable forwarding of incoming traffic on the interface with VLAN 6 as the default receiving VLAN.
Switch(config)# monitor session 2 source remote vlan 901
Switch(config)# monitor session 2 destination interface gigabitethernet1/0/2 ingress 
vlan 6 
Switch(config)# end
Addition of the "Fan Failures" Section to the Software Configuration Guide

This information is added to the "Troubleshooting" chapter of the Catalyst 3750-E and 3560-E Switch Software Configuration Guide.

Fan Failures

The fan failures feature is supported only on the Catalyst 3560E-12D switch. You can use this feature to avoid overheating the switch.

By default, the feature is disabled. When more than one of the fans in a field-replaceable unit (FRU) or in a power supply fails, the switch does not shut down, and this error message appears:
Multiple fan(FRU/PS) failure detected. System may get overheated. Change fan quickly.
The switch might overheat and shut down.

To enable the fan failures feature, enter the system env fan-fail-action shut privileged EXEC command. If more than one fan in the switch fails, the switch automatically shuts down, and this error message appears:
Faulty (FRU/PS) fans detected, shutting down system! 
After the first fan shuts down, if the switch detects a second fan failure, the switch waits for 20 seconds before it shuts down.

To restart the switch, it must be power cycled.

Updates to the monitor session command in the Command Reference

monitor session

Use the monitor session global configuration command on the switch stack or on a standalone switch to start a new Switched Port Analyzer (SPAN) session or Remote SPAN (RSPAN) source or destination session, to enable ingress traffic on the destination port for a network security device (such as a Cisco IDS Sensor Appliance), to add or delete interfaces or VLANs to or from an existing SPAN or RSPAN session, and to limit (filter) SPAN source traffic to specific VLANs. Use the no form of this command to remove the SPAN or RSPAN session or to remove source or destination interfaces or filters from the SPAN or RSPAN session. For destination interfaces, the encapsulation options are ignored with the no form of the command.

For all Catalyst 3750-E and 3560-E switches:

monitor session session_number filter vlan vlan-id [, | -]
monitor session session_number source {interface interface-id [, | -] [both | rx | tx]} | {vlan vlan-id [, | -] [both | rx | tx]}| {remote vlan vlan-id}
no monitor session {session_number | all | local | remote}
no monitor session session_number filter vlan vlan-id [, | -]
no monitor session session_number source {interface interface-id [, | -] [both | rx | tx]} | {vlan vlan-id [, | -] [both | rx | tx]}| {remote vlan vlan-id}
For a switch other than the Catalyst 3560E-12D switch:

monitor session session_number destination {interface interface-id [, | -] [encapsulation replicate] [ingress {dot1q vlan vlan-id | isl | untagged vlan vlan-id | vlan vlan-id}]} | {remote vlan vlan-id}
no monitor session session_number destination {interface interface-id [, | -] [encapsulation replicate] [ingress {dot1q vlan vlan-id | isl | untagged vlan vlan-id | vlan vlan-id}]} | {remote vlan vlan-id}
For the Catalyst 3560E-12D switch:

monitor session session_number destination {interface interface-id [, | -] [encapsulation replicate] [ingress {dot1q vlan vlan-id | isl | untagged vlan vlan-id | vlan vlan-id}]} | {remote vlan vlan-id} destination-port group {a | b | c}
no monitor session session_number destination {interface interface-id [, | -] [encapsulation replicate] [ingress {dot1q vlan vlan-id | isl | untagged vlan vlan-id | vlan vlan-id}]} | {remote vlan vlan-id} destination-port group {a | b | c}
Syntax Description

session_number

Specify the session number identified with the SPAN or RSPAN session. The range is 1 to 66. When entering this command on the Catalyst 3560E-12D switch, you can only enter 1 for the session_number.

destination

Specify the SPAN or RSPAN destination. A destination must be a physical port.

interface interface-id

Specify the destination or source interface for a SPAN or RSPAN session. Valid interfaces are physical ports (including type, stack member, module, and port number). For source interface, port channel is also a valid interface type, and the valid range is 1 to 48.

encapsulation replicate

(Optional) Specify that the destination interface replicates the source interface encapsulation method. If not selected, the default is to send packets in native form (untagged).

These keywords are valid only for local SPAN. For RSPAN, the RSPAN VLAN ID overwrites the original VLAN ID.

ingress

(Optional) Enable ingress traffic forwarding.

dot1q vlan vlan-id

Accept incoming packets with IEEE 802.1Q encapsulation with the specified VLAN as the default VLAN.

isl

Specify ingress forwarding using ISL encapsulation.

untagged vlan vlan-id

Accept incoming packets with untagged encapsulation with the specified VLAN as the default VLAN.

vlan vlan-id

When used with only the ingress keyword, set default VLAN for ingress traffic.

remote vlan vlan-id

Specify the remote VLAN for an RSPAN source or destination session. The range is 2 to 1001 and 1006 to 4094.

The RSPAN VLAN cannot be VLAN 1 (the default VLAN) or VLAN IDs 1002 to 1005 (reserved for Token Ring and FDDI VLANs).

,

(Optional) Specify a series of interfaces or VLANs, or separate a range of interfaces or VLANs from a previous range. Enter a space before and after the comma.

-

(Optional) Specify a range of interfaces or VLANs. Enter a space before and after the hyphen.

filter vlan vlan-id

Specify a list of VLANs as filters on trunk source ports to limit SPAN source traffic to specific VLANs. The vlan-id range is 1 to 4094.

source

Specify the SPAN or RSPAN source. A source can be a physical port, a port channel, or a VLAN.

both, rx, tx

(Optional) Specify the traffic direction to monitor. If you do not specify a traffic direction, the source interface sends both transmitted and received traffic.

source vlan vlan-id

Specify the SPAN source interface as a VLAN ID. The range is 1 to 4094.

all, local, remote

Specify all, local, or remote with the no monitor session command to clear all SPAN and RSPAN, all local SPAN, or all RSPAN sessions.

destination-port group {a | b | c}

This option is only supported on the Catalyst 35600-E-12D aggregator switch.

Specify the destination-port group to which the destination ports belong if you are configuring a RSPAN source session.

The switch supports these destination-port groups depending on the switch port configuration:

•a—tengigabitethernet 0/1 to tengigabitethernet 0/4 or gigabitethernet 0/1 to gigabitethernet 0/8

•b—tengigabitethernet 0/5 to tengigabitethernet 0/8 or gigabitethernet 0/9 to gigabitethernet 0/16

•c—tengigabitethernet 0/9 to tengigabitethernet 0/12 or gigabitethernet 0/17 to gigabitethernet 0/24

Defaults

No monitor sessions are configured.

On a source interface, the default is to monitor both received and sent traffic.

On a trunk interface used as a source port, all VLANs are monitored.

If encapsulation replicate is not specified on a local SPAN destination port, packets are sent in native form with no encapsulation tag.

Ingress forwarding is disabled on destination ports.

Command Modes

Global configuration

Command History

Release

Modification

12.2(35)SE2

This command was introduced.

12.2(40)EX

The destination-port group {a | b | c} keywords were added only for the Catalyst 3560E-12D switch.

Usage Guidelines

Traffic that enters or leaves source ports or source VLANs can be monitored by using SPAN or RSPAN. Traffic routed to source ports or source VLANs cannot be monitored.

You can set a combined maximum of two local SPAN sessions and RSPAN source sessions. You can have a total of 66 SPAN and RSPAN sessions on a switch or switch stack.

You can have a maximum of 64 destination ports on a switch or a switch stack.

Each session can include multiple ingress or egress source ports or VLANs, but you cannot combine source ports and source VLANs in a single session. Each session can include multiple destination ports.

When you use VLAN-based SPAN (VSPAN) to analyze network traffic in a VLAN or set of VLANs, all active ports in the source VLANs become source ports for the SPAN or RSPAN session. Trunk ports are included as source ports for VSPAN, and only packets with the monitored VLAN ID are sent to the destination port.

You can monitor traffic on a single port or VLAN or on a series or range of ports or VLANs. You select a series or range of interfaces or VLANs by using the [, | -] options.

If you specify a series of VLANs or interfaces, you must enter a space before and after the comma. If you specify a range of VLANs or interfaces, you must enter a space before and after the hyphen (-).

EtherChannel ports cannot be configured as SPAN or RSPAN destination ports. A physical port that is a member of an EtherChannel group can be used as a destination port, but it cannot participate in the EtherChannel group while it is as a SPAN destination.

A private-VLAN port cannot be configured as a SPAN destination port.

You can monitor individual ports while they participate in an EtherChannel, or you can monitor the entire EtherChannel bundle by specifying the port-channel number as the RSPAN source interface.

A port used as a destination port cannot be a SPAN or RSPAN source, nor can a port be a destination port for more than one session at a time.

You can enable IEEE 802.1x authentication on a port that is a SPAN or RSPAN destination port; however, IEEE 802.1x authentication is disabled until the port is removed as a SPAN destination. If IEEE 802.1x authentication is not available on the port, the switch returns an error message. You can enable IEEE 802.1x authentication on a SPAN or RSPAN source port.

VLAN filtering refers to analyzing network traffic on a selected set of VLANs on trunk source ports. By default, all VLANs are monitored on trunk source ports. You can use the monitor session session_number filter vlan vlan-id command to limit SPAN traffic on trunk source ports to only the specified VLANs.

VLAN monitoring and VLAN filtering are mutually exclusive. If a VLAN is a source, VLAN filtering cannot be enabled. If VLAN filtering is configured, a VLAN cannot become a source.

If ingress traffic forwarding is enabled for a network security device, the destination port forwards traffic at Layer 2.

Destination ports can be configured to act in these ways:

•When you enter monitor session session_number destination interface interface-id with no other keywords, egress encapsulation is untagged, and ingress forwarding is not enabled.

•When you enter monitor session session_number destination interface interface-id ingress, egress encapsulation is untagged; ingress encapsulation depends on the keywords that follow—dot1q, isl, or untagged.

•When you enter monitor session session_number destination interface interface-id encapsulation replicate with no other keywords, egress encapsulation replicates the source interface encapsulation; ingress forwarding is not enabled. (This applies to local SPAN only; RSPAN does not support encapsulation replication.)

•When you enter monitor session session_number destination interface interface-id encapsulation replicate ingress, egress encapsulation replicates the source interface encapsulation; ingress encapsulation depends on the keywords that follow—dot1q, isl, or untagged. (This applies to local SPAN only; RSPAN does not support encapsulation replication.)

•The Catalyst 3560E-12D switch supports only one source session (either a local SPAN or RSPAN source session).

•On the Catalyst 3560E-12D switch, you must specify the destination-port group for an RSPAN source session by entering the monitor session session_number destination remote vlan vlan-id destination-port group {a | b | c} global configuration command.

Examples

This example shows how to create a local SPAN session 1 to monitor both sent and received traffic on source port 1 on stack member 1 to destination port 2 on stack member 2:
Switch(config)# monitor session 1 source interface gigabitethernet1/0/1 both
Switch(config)# monitor session 1 destination interface gigabitethernet2/0/2
This example shows how to delete a destination port from an existing local SPAN session:
Switch(config)# no monitor session 2 destination gigabitethernet1/0/2
This example shows how to limit SPAN traffic in an existing session only to specific VLANs:
Switch(config)# monitor session 1 filter vlan 100 - 110
This example shows how to configure RSPAN source session 1 to monitor multiple source interfaces and to configure the destination RSPAN VLAN 900.
Switch(config)# monitor session 1 source interface gigabitethernet1/0/1 
Switch(config)# monitor session 1 source interface port-channel 2 tx
Switch(config)# monitor session 1 destination remote vlan 900
Switch(config)# end
On the Catalyst 3560E-12D switch, this example shows how to configure RSPAN source session 1 to monitor multiple source interfaces and to configure the destination RSPAN VLAN 900.
Switch(config)# monitor session 1 source interface gigabitethernet1/0/1 
Switch(config)# monitor session 1 source interface port-channel 2 tx
Switch(config)# monitor session 1 destination remote vlan 900 destination-group b
Switch(config)# end
This example shows how to configure an RSPAN destination session 10 in the switch receiving the monitored traffic.
Switch(config)# monitor session 10 source remote vlan 900
Switch(config)# monitor session 10 destination interface gigabitethernet1/0/2 
This example shows how to configure the destination port for ingress traffic on VLAN 5 by using a security device that supports IEEE 802.1Q encapsulation. Egress traffic replicates the source; ingress traffic uses IEEE 802.1Q encapsulation.
Switch(config)# monitor session 2 destination interface gigabitethernet1/0/2 encapsulation 
dot1q ingress dot1q vlan 5 
This example shows how to configure the destination port for ingress traffic on VLAN 5 by using a security device that does not support encapsulation. Egress traffic and ingress traffic is untagged.
Switch(config)# monitor session 2 destination interface gigabitethernet1/0/2 ingress 
untagged vlan 5 
You can verify your settings by entering the show monitor privileged EXEC command. You can display SPAN and RSPAN configuration on the switch by entering the show running-config privileged EXEC command. SPAN information appears near the end of the output.

Related Commands

Command

Description

remote-span

Configures an RSPAN VLAN in vlan configuration mode.

show monitor

Displays SPAN and RSPAN session information.

show running-config

Displays the operating configuration. For syntax information, use this link to the Cisco IOS Release 12.2 Command Reference listing page: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/prod_command_reference_list.html
Select the Cisco IOS Commands Master List, Release 12.2 to navigate to the command.

Updates to the show monitor command in the Command Reference

show monitor

Use the show monitor user EXEC command to display information about all Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) sessions on the switch. Use the command with keywords to show a specific session, all sessions, all local sessions, or all remote sessions.

show monitor [session {session_number | all | local | range list | remote} [detail]] [ | {begin | exclude | include} expression]
Syntax Description

session

(Optional) Display information about specified SPAN sessions.

session_number

Specify the number of the SPAN or RSPAN session. The range is 1 to 66. When entering this command on the Catalyst 3560E-12D switch, you can only enter 1 for the session_number.

all

Display all SPAN sessions.

local

Display only local SPAN sessions.

range list

Display a range of SPAN sessions, where list is the range of valid sessions, either a single session or a range of sessions described by two numbers, the lower one first, separated by a hyphen. Do not enter any spaces between comma-separated parameters or in hyphen-specified ranges.

Note This keyword is available only in privileged EXEC mode.

remote

Display only remote SPAN sessions.

detail

(Optional) Display detailed information about the specified sessions.

| begin

Display begins with the line that matches the expression.

| exclude

Display excludes lines that match the expression.

| include

Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.

Command Modes

User EXEC

Command History

Release

Modification

12.2(35)SE2

This command was introduced.

Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

The output is the same for the show monitor command and the show monitor session all command.

Examples

This is an example of output for the show monitor user EXEC command on a switch other than the Catalyst 3560E-12D switch:
Switch# show monitor
Session 1
---------
Type : Local Session
Source Ports :
RX Only : Gi4/0/1
Both : Gi4/0/2-3,Gi4/0/5-6
Destination Ports : Gi4/0/20
Encapsulation : Replicate
Ingress : Disabled
Session 2
---------
Type : Remote Source Session
Source VLANs :
TX Only : 10
Both : 1-9
Dest RSPAN VLAN : 105
This is an example of output for the show monitor user EXEC command for local SPAN source session 1:
Switch# show monitor session 1
Session 1
---------
Type : Local Session
Source Ports :
RX Only : Gi4/0/1
Both : Gi4/0/2-3,Gi4/0/5-6
Destination Ports : Gi4/0/20
Encapsulation : Replicate
Ingress : Disabled
This is an example of output for the show monitor session all user EXEC command when ingress traffic forwarding is enabled:
Switch# show monitor session all
Session 1
---------
Type : Local Session
Source Ports :
Both : Gi4/0/2
Destination Ports : Gi4/0/3
Encapsulation : Native
Ingress : Enabled, default VLAN = 5
Ingress encap : DOT1Q
Session 2
---------
Type : Local Session
Source Ports :
Both : Gi4/0/8
Destination Ports : Gi4/012
Encapsulation : Replicate
Ingress : Enabled, default VLAN = 4
Ingress encap : Untagged
This is an example of output for the show monitor user EXEC command on the Catalyst 3560E-12D switch. The destination-group information appears only when an RSPAN source session is configured on the switch.
Switch# show monitor
Session 1 
---------
Type : Remote Source Session
Source Ports : 
Both : Te0/7,Te0/10
Dest RSPAN VLAN : 900
Dest-port group : A = Te0/1-4, Gi0/1-8
Related Commands

Command

Description

monitor session

Starts or modifies a SPAN or RSPAN session.

Addition of the system env fan-fail-action shut Command in the Command Reference

The system env fan-fail-action shut privileged EXEC command is added to the Catalyst 3750-E and 3560-E Switch Command Reference:

system env fan-fail shutdown

Use the system env fan-fail-action shut global configuration command to configure the Catalyst 3560-E-12 switch to shut down when more than one fan fails. Use the no form of this command to return to the default setting.

system env fan-fail-action shut
no system env fan-fail-action shut
This command is supported only on the Catalyst 3560E-12D switch.

Syntax Description

This command has no arguments or keywords.

Defaults

By default, the fan failures feature is disabled.The Catalyst 3560E-12D switch does not shut down when more than one fan in a field-replaceable unit (FRU) or a power supply fails.

Command Modes

Global configuration

Command History

Release

Modification

12.2(40)EX

This command was introduced.

Usage Guidelines

To enable the fan failures feature, enter the system env fan-fail-action shut global configuration command. If more than one of the switch fans fail, the Catalyst 3560E-12D switch automatically shuts down.

To disable this feature and return to the default setting, enter the no system env fan-fail-action shut command.

For more information about the feature, see the "Addition of the "Fan Failures" Section to the Software Configuration Guide" section.

Examples

This example shows how to enable the fan failures feature:
Switch# configure terminal
Switch(config)# system env fan-fail-action shut
Switch(config)# end
Related Publications

You can order printed copies of documents with a DOC-xxxxxx= number from the Cisco.com sites and from the telephone numbers listed in the URL referenced in the "Obtaining Documentation, Obtaining Support, and Security Guidelines" section.

For more information about the switch, see these documents on Cisco.com:

•Catalyst 3750-E and Catalyst 3560-E Switch Hardware Installation Guide (not orderable, but available on Cisco.com).

•Regulatory Compliance and Safety Information for the Catalyst 3750-E and Catalyst 3560-E Switch (order number DOC-7817569=).

•Release Notes for the Catalyst 3750-E and Catalyst 3560-E Switch (not orderable but available on Cisco.com)

•Catalyst 3750-E and Catalyst 3560-E Switch Software Configuration Guide (not orderable, but available on Cisco.com).

•Cisco Software Activation and Compatibility Document (not orderable but available on Cisco.com)

•Catalyst 3750-E and Catalyst 3560-E Switch Command Reference (not orderable, but available on Cisco.com).

•Catalyst 3750-E and Catalyst 3560-E Switch System Message Guide (not orderable, but available on Cisco.com).

•Installation Notes for the Catalyst 3750-E, Catalyst 3560-E, and RPS 2300 Power Supply Modules (order number DOC-7817570=)

•Installation Notes for the Catalyst 3750-E and Catalyst 3560-E Switch Fan Module (order number DOC-7817571=)

•Installation Notes for the Cisco TwinGig Converter Module (order number DOC-7817572=)

•Cisco Redundant Power System 2300 Hardware Installation Guide (order number DOC-7817647=)

•Cisco Redundant Power System 2300 Compatibility Matrix (not orderable but available on Cisco.com)

Obtaining Documentation, Obtaining Support, and Security Guidelines

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

CCVP, the Cisco logo, and the Cisco Square Bridge logo are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, LightStream, Linksys, MeetingPlace, MGX, Networking Academy, Network Registrar, PIX, ProConnect, ScriptShare, SMARTnet, StackWise, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0709R)

Hierarchical Navigation

Cisco Catalyst 3560-E Series Switches

Documentation Updates for the Catalyst 3560E-12D Switch

Downloads

Table Of Contents

Documentation Updates for the Catalyst 3560E-12D Switches

Updates to the "Configuring SPAN and RSPAN" Chapter in the Software Configuration Guide

Updates to the "SPAN and RSPAN Concepts and Terminology" Section

Updates to the "Source Ports" Section

Addition of the "Destination-Port Group" Section

Updates to the "Configuring Local SPAN" Section

SPAN Configuration Guidelines

Creating a Local SPAN Session

Creating a Local SPAN Session and Configuring Incoming Traffic

Specifying VLANs to Filter

Updates to the "Configuring RSPAN" Section

Creating an RSPAN Source Session

Specifying VLANs to Filter

Creating an RSPAN Destination Session

Creating an RSPAN Destination Session and Configuring Incoming Traffic

Addition of the "Fan Failures" Section to the Software Configuration Guide

Fan Failures

Updates to the monitor session command in the Command Reference

monitor session

Syntax Description

Defaults

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

Updates to the show monitor command in the Command Reference

show monitor

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

Addition of the system env fan-fail-action shut Command in the Command Reference

system env fan-fail shutdown

Syntax Description

Defaults

Command Modes

Command History

Usage Guidelines

Examples

Related Publications

Obtaining Documentation, Obtaining Support, and Security Guidelines

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0709R)