-
Software Configuration Guide (4.5)
-
Index - Software Config Guide, Cat 5000,4000,2926G,2926 (4.5)
-
About This Guide
-
Product Overview
-
Command-Line Interfaces
-
Configuring the Supervisor Engine Software
-
Configuring Ethernet & Fast Ethernet Switching
-
Configuring Gigabit Ethernet Switching
-
Configuring Fast EtherChannel and Gigabit EtherChannel
-
Configuring Spanning Tree
-
Configuring Spanning-Tree PortFast, UplinkFast,& BackboneFast
-
Configuring VTP
-
Configuring VLANs
-
Configuring VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports
-
Configuring Dynamic Port VLAN Membership with VMPS
-
Checking Port Status and Connectivity
-
Administering the Switch
-
Controlling Access to the Switch Using Authentication
-
Using Redundant Supervisor Engines
-
Modifying the Switch Boot Configuration
-
Working With the Flash File System
-
Working With System Software Images
-
Working With Configuration Files
-
Configuring System Message Logging
-
Configuring DNS
-
Configuring CDP
-
Configuring NTP
-
Configuring Broadcast/Multicast Suppression
-
Configuring Protocol Filtering
-
Configuring IP Permit List
-
Configuring Secure Port Filtering
-
Configuring SNMP
-
Configuring RMON
-
Configuring SPAN
-
Using Switch TopN Reports
-
Configuring the Network Analysis Module
-
Configuring Multicast Services
-
Configuring ATM LAN Emulation
-
Configuring ATM PVCs and PVCs with Traffic Shaping
-
Configuring Multiprotocol Over ATM
-
Configuring the ATM Fabric Integration Module
-
Configuring InterVLAN Routing
-
Maintaining and Administering the RSM
-
Configuring the Layer 3 Fabric Integration Module
-
Configuring Multilayer Switching
-
Configuring NetFlow Data Export
-
Configuring FDDI/CDDI Switching
-
Configuring FDDI 802.10 Trunks
-
Configuring Token Ring Switching
-
Configuring Token Ring Filters
-
Table Of Contents
Configuring SPAN
This chapter describes how to configure the Switched Port Analyzer (SPAN) on the Catalyst 5000, 4000, 2948G, 2926G, and 2926 series switches.
Note
For complete syntax and usage information for the commands used in this chapter, refer to the Command Reference for your switch.
This chapter consists of these sections:
•
•
•
Understanding How SPAN Works
SPAN selects network traffic for analysis by a Catalyst 5000 series Network Analysis Module, a SwitchProbe device, or other RMON probe. SPAN mirrors traffic from one or more source ports (Ethernet, Fast Ethernet, Token Ring, or Fiber Distributed Data Interface [FDDI]) on the same virtual LAN (VLAN) to a destination port for analysis (see ).
Figure 31-1 Example SPAN Configuration
In , all traffic on Ethernet port 5 (the source port) is mirrored to Ethernet port 10. A network analyzer on Ethernet port 10 receives all network traffic from Ethernet port 5 without being physically attached to it.
SPAN Configuration Guidelines
Follow these guidelines when configuring SPAN:
•
•
•
•
•
•
•
•
Configuring SPAN from the NMS
To configure SPAN from the NMS, refer to the NMS documentation (see the "Using CiscoWorks2000" section).
Configuring SPAN from the CLI
Specify the source ports, the destination port, the direction of the traffic through the source ports that you want to mirror to the destination port, and whether or not the destination port can receive packets.
To configure a SPAN port, perform this task in privileged mode:
CautionIf the SPAN destination port is connected to another device and reception of incoming packets is enabled (using the inpkts enable keywords), the SPAN destination port receives traffic for whatever VLAN the SPAN destination port belongs to. However, the SPAN destination port does not participate in spanning tree for that VLAN. Therefore, take care to avoid creating network loops with the SPAN destination port. The inpkts keyword is available in supervisor engine software release 4.2 and later. In earlier releases, incoming packets are always received on the SPAN destination port. To avoid creating spanning-tree loops, assign the SPAN destination port to an unused VLAN.
This example shows how to configure SPAN so that both transmit and receive traffic from port 1/1 (the SPAN source) is mirrored on port 2/1 (the SPAN destination):
Console> (enable) set span 1/1 2/1Enabled monitoring of Port 1/1 transmit/receive traffic by Port 2/1Console> (enable) show spanStatus : enabledAdmin Source : Port 1/1Oper Source : Port 1/1Destination : Port 2/1Direction : transmit/receiveIncoming Packets: disabledConsole> (enable)This example shows how to set VLAN 522 as the SPAN source and port 2/1 as the SPAN destination:
Console> (enable) set span 522 2/1Enabled monitoring of VLAN 522 transmit/receive traffic by Port 2/1Console> (enable) show spanStatus : enabledAdmin Source : VLAN 522Oper Source : Port 3/1-2Destination : Port 2/1Direction : transmit/receiveIncoming Packets: disabledConsole> (enable)This example shows how to set VLAN 522 as the SPAN source and port 3/12 as the SPAN destination. Only transmit traffic is monitored. Normal incoming packets on the SPAN destination port are allowed.
Console> (enable) set span 522 2/12 tx inpkts enableSPAN destination port incoming packets enabled.Enabled monitoring of VLAN 522 transmit traffic by Port 2/12Console> (enable) show spanStatus : enabledAdmin Source : VLAN 522Oper Source : Port 2/1-2Destination : Port 2/12Direction : transmitIncoming Packets: enabledConsole> (enable)To disable SPAN, perform this task in privileged mode:
This example shows how to disable SPAN on the switch:
Console> (enable) set span disable 2/1This command will disable your span session.Do you want to continue (y/n) [n]?yDisabled port 2/1 to monitor transmit traffic of VLAN 522Console> (enable)
