Configure Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on a Cisco Catalyst Switch that runs Cisco IOS Software




Introduction

The Switched Port Analyzer (SPAN) feature, which is sometimes called port mirroring or port monitoring, selects network traffic for analysis by a network analyzer such as Sniffer or another Remote Monitoring (RMON) probe such as a SwitchProbe device. SPAN mirrors either received or transmitted (or both) traffic on a source port, and received traffic on one or more source ports or source VLANs, to a destination port for analysis.

This document provides instructions on how to configure SPAN on your Catalyst Switches. This procedure applies to Cisco Catalyst switches 2900, 3550, 3560, 3560-E, 3750-E, CE 500 and 4500 that run Cisco IOS software.

For more information about SPAN features, supported products, terminology, and characteristics, refer to the document Prepare to Configure Switched Port Analyzer on a Catalyst Switch.





Requirements

To perform the steps described in this document, you need to have this equipment:





Configure SPAN on a Catalyst Express 500 Switch

This section explains how to configure SPAN on a Catalyst Express 500 switch with Cisco Network Assistant (CNA).

Connect your PC to the Catalyst Express 500 switch

Follow these steps to configure the Catalyst Express 500 switch:

  1. Connect a straight-through Ethernet cable from the PC to an available port on the Catalyst Express 500 switch.

  2. Ensure that your PC has an IP address in the same subnet as the switch IP address from field W19 of the Wireless Worksheet. For example, if the IP address of the switch is 192.168.10.9, configure the PC with an IP address between 192.168.10.10 and 192.168.10.254. For more detailed instructions on how to configure an IP address on your PC, refer to Configure an IP Address on Your PC.

Connect to the Switch with CNA and configure SPAN

The Catalyst Express 500 supports only SPAN. RSPAN is not supported in this switch.

Follow these steps to log in to the switch with CNA:

  1. To launch CNA, go to Start > Programs > Cisco Network Assistant > Cisco Network Assistant on your PC.

  2. When the Connect window opens, type switch-IP-address in the Connect To field, and click Connect. For switch-IP-address, use the switch IP address that you entered in field L8 of the LAN Addressing Worksheet.

    config_span_rspan_catswtch_01.gif

  3. In the Authentication window, enter the administrative user name and password information that you entered in fields B10 and B11 of your Internet Worksheet respectively.

    config_span_rspan_catswtch_02.gif

    Click Ok.

    Note: If you are unable to connect to the switch with CNA, see Troubleshoot the Procedure for help.

  4. On the Features tab, click Configure > Smartports. A window displays with a graphic illustration of the switch.

    Note: Smartports is a feature that helps you to apply consistent configurations to ports based on roles that you assign to each port. CNA then applies appropriate port settings for the connection type.

    config_span_rspan_catswtch_03.gif

  5. In the Smartports window, click the port to which you want to connect the PC that runs the traffic analyzer (such as Sniffer) in order to capture traces. You can use any sniffer software to trace the traffic once you set up the diagnostic port.

    config_span_rspan_catswtch_04.gif

    Click Modify.

  6. In the Modify Port Roles window, configure the port role and attributes.

    • Select Diagnostics from the Role list.

    • Under Attributes, select the Source Port which you want to monitor.

    • Under Attributes, select the VLAN from the Ingress VLAN drop down menu to which the monitor source port belongs.

    • Click OK to close the pop-up box.

    config_span_rspan_catswtch_05.gif

    Note: If you select none in the Ingress VLAN drop down menu, the port only receives traffic. The Ingress VLAN allows the PC connected to the Diagnostics port to send packets to the network that uses that VLAN.

  7. The port is assigned with the desktop macro, which appears on the switch illustration.

    config_span_rspan_catswtch_06.gif

    Click Apply and then click OK.

  8. Close the CNA application.





SPAN on the Catalyst 2900XL/3500XL Switches

The Catalyst 2900XL/3500XL switches support only the SPAN feature. RSPAN is not supported on Catalyst 2900XL/3500XL switches.

For more information on the features that are available on the Catalyst 2900XL and 3500XL and on their restrictions, refer to Prepare to Configure Switched Port Analyzer on a Catalyst Switch.

Network Diagram

In this diagram the Port Fast Ethernet 0/1 (Fa0/1) monitors traffic that ports Fa0/2 and Fa0/5 send and receive. The Ports Fa0/1, Fa0/2, and Fa0/5 are all configured in VLAN 1. The Port Fa0/1 also monitors traffic to and from the management interface VLAN 1.

The Port Fa0/4 monitors ports Fa0/3 and Fa0/6. Ports Fa0/3, Fa0/4, and Fa0/6 are all configured in VLAN 2. Other ports and the management interface are configured in the default VLAN 1.

config_span_rspan_catswtch_07.gif

Follow these steps to create two concurrent SPAN sessions on a Catalyst 2900XL or 3500XL Switch:

  1. Connect a PC to the switch with a console cable.

  2. Create a HyperTerminal connection to your switch. For more information, refer to Create a HyperTerminal Connection.

  3. Log into the switch with the login and password that you entered in fields B10 and B11 of the switch Worksheet.

    Username:admin
    Password:

    Note: If you do not know the password for your switch, refer to Manually Reset the Password on a Catalyst Switch.

  4. Type enable and press Enter to access the privileged mode. Type the enable password that you entered in field S5 of the Switch Port Assignment Worksheet.

    switch>enable
    Password:
    switch#
  5. Type configure terminal and press Enter to enter the switch configuration mode.

    switch#configure terminal
    switch(config)#
  6. To configure port fastethernet 0/1 as a destination port, type interface fastethernet 0/1 and press Enter.

    Switch(config)#interface fastethernet 0/1
    
  7. As shown in the network diagram, the source ports to be monitored are Fa0/2 and Fa0/5, and the management interface (VLAN 1). Type port monitor fastethernet 0/2 and press Enter.

    Switch(config-if)#port monitor fastethernet 0/2
    
  8. Type port monitor fastethernet 0/5 and press Enter.

    Switch(config-if)#port monitor fastethernet 0/5
    

    Note: With the above two commands, every packet that these two ports fastethernet 0/2 and fastethernet 0/5 receive or transmit is also copied to port Fa0/1.

  9. Type port monitor vlan 1 in order to monitor the administrative interface, which in this case is VLAN 1. This command does not mean that port Fa0/1 monitors the entire VLAN 1. The vlan 1 keyword simply refers to the administrative interface of the switch.

    Switch(config-if)#port monitor vlan 1
    

    Note: You cannot monitor a port that is in a different VLAN than the destination port. For example, if your source port is in VLAN 1 and the destination port is in VLAN 2, it is not possible to monitor the port.

  10. Configure another SPAN session. This time, use Fa0/4 as a destination SPAN port and FastEthernet 0/3 and FastEthernet 0/6 as source ports. Type interface fastethernet 0/4 and press Enter.

    Switch(config-if)#interface fastethernet 0/4
    
  11. Type port monitor fastethernet 0/3 and press Enter.

    Switch(config-if)#port monitor fastethernet 0/3
    
  12. Type port monitor fastethernet 0/6 and press Enter.

    Switch(config-if)#port monitor fastethernet 0/6
    
  13. Type end and press Enter.

    Switch(config-if)#end
    Switch#
  14. Type show port monitor and press Enter to verify your configuration.

    Switch#show port monitor 
    Monitor Port              Port Being Monitored
    ---------------------   ---------------------
    FastEthernet0/1           VLAN1
    FastEthernet0/1           FastEthernet0/2
    FastEthernet0/1           FastEthernet0/5
    FastEthernet0/4           FastEthernet0/3
    FastEthernet0/4           FastEthernet0/6

    Note: The Catalyst 2900XL and 3500XL do not support SPAN in the Rx direction only (Rx SPAN or ingress SPAN) or in the Tx direction only (Tx SPAN or egress SPAN). All SPAN ports are designed to capture both Rx and Tx traffic.





SPAN on the Catalyst 2940, 2950, 2955, 2960, 2970, 3550, 3560, 3560-E, 3750, 3750-E and 4500 Series Switches

SPAN Configuration Guidelines

These are guidelines for the configuration of the SPAN feature on the Catalyst 2940, 2950, 2955, 2960, 2970, 3550, 3560, 3560-E, 3750, 3750-E and 4500 Series Switches:

  • The 2940 switch supports only SPAN. RSPAN is not supported.

  • The Catalyst 2950 Switches can have only one SPAN session active at a time and can monitor only source ports. These switches cannot monitor VLANs.

  • The Catalyst 2950 and 3550 Switches can forward traffic on a destination SPAN port in Cisco IOS Software Release 12.1(13) EA1 and later.

  • The Catalyst 3550, 3560, and 3750 Switches can support up to two SPAN sessions at a time and can monitor source ports as well as VLANs.

  • The Catalyst 2970, 3560, and 3750 Switches do not require the configuration of a reflector port when you configure an RSPAN session.

  • The Catalyst 3750 Switches support session configuration with the use of source and destination ports that reside on any of the switch stack members.

  • Only one destination port is allowed per SPAN session, and the same port cannot be a destination port for multiple SPAN sessions. Therefore, you cannot have two SPAN sessions that use the same destination port.

  • The SPAN feature configuration commands are similar on the Catalyst 2950 and Catalyst 3550. However, the Catalyst 2950 cannot monitor VLANs.

Configure SPAN and RSPAN on a Catalyst Switch

The configuration procedure documented here uses a Cisco Catalyst 3550 switch. For more information on SPAN, refer to Prepare to Configure Switched Port Analyzer on a Catalyst Switch.

The table shows the default settings for SPAN and RSPAN.

Default SPAN and RSPAN Configuration

| Feature | Default Setting |
|---|---|
| SPAN state | Disabled |
| Source port traffic to monitor | Both received and sent traffic (both); for additional source ports or VLANs, only received (rx) traffic can be monitored |
| Encapsulation type (destination port) | Native form (no encapsulation type header) |
| Ingress forwarding (destination port) | Disabled |





Configure SPAN

The SPAN feature is known as Local SPAN when the monitored ports are all located on the same switch as the destination port.

SPAN Network Diagram

config_span_rspan_catswtch_08.gif

Creating a SPAN Session and Specifying Ports to Monitor

Follow these steps to create a SPAN session and specify the source (monitored) and destination (monitoring) ports:

This example shows how to set up SPAN session 1 to monitor bidirectional traffic from source port FastEthernet 0/1 to destination port FastEthernet 0/2, where a Sniffer is connected to analyze the traffic.

  1. In the privileged EXEC mode, type configure terminal and press Enter to enter the switch configuration mode.

    switch#configure terminal
    switch(config)#
  2. Type monitor session session_number source interface interface-id and press Enter to specify the SPAN session and the source port (monitored port).

    Switch(config)#monitor session 1 source interface fastethernet0/1
    
  3. Type monitor session session_number destination interface interface-id and press Enter to specify the SPAN session and the destination port (monitoring port).

    Switch(config)#monitor session 1 destination interface fastethernet0/2
    
  4. Type exit and press Enter.

    Switch(config)#exit
    
  5. Type show monitor session 1 to display the status of the current SPAN.

    Switch#show monitor session 1
    
    Session 1
    ---------
    Type                   : Local Session
    Source Ports           :
    Both                   : Fa0/1
    Destination Ports      : Fa0/2
    Encapsulation          : Native
    Ingress                : Disabled




Additional Configurations in SPAN

Creating a SPAN Session and Enabling Ingress Traffic

Follow these steps to create a SPAN session, to specify the source and destination ports, and to enable ingress traffic on the destination port for a network security device (such as a Cisco IDS Sensor Appliance).

This example shows how to configure the destination port for ingress traffic on VLAN 5 by using a security device that does not support 802.1Q encapsulation.

  1. In the privileged EXEC mode, type configure terminal and press Enter to enter the switch configuration mode.

    switch#configure terminal
    switch(config)#
  2. Type monitor session session_number source interface interface-id and press Enter to specify the SPAN session and the source port (monitored port).

    Switch(config)#monitor session 1 source interface fastethernet0/1
    
  3. Type monitor session session_number destination interface interface-id ingress vlan vlan-id and press Enter to specify the SPAN session, the destination port (monitoring port), the packet encapsulation, and the ingress VLAN.

    Switch(config)#monitor session 1 destination interface Fa 0/2 ingress vlan 5
    
  4. To configure the destination port for ingress traffic on VLAN 5 by using a security device that supports 802.1Q encapsulation, type monitor session session_number destination interface interface-id [encapsulation {dot1q | isl}] ingress vlan vlan-id and press Enter.

    Switch(config)#monitor session 1 destination interface Fa 0/2 encapsulation dot1q ingress vlan 5
    
  5. To disable ingress traffic forwarding on the destination port, type monitor session 1 destination interface Fa 0/5 encapsulation dot1q and press Enter.

    Switch(config)#monitor session 1 destination interface Fa 0/2 encapsulation dot1q
    
  6. Type exit and press Enter.

    Switch(config)#exit
    Switch#
  7. Type show monitor session 1 to display the status of the current SPAN.

    Switch#show monitor session 1
    Session 1
    ---------
    Type                    : Local Session
    Source Ports            :
    RX Only                 : None
    TX Only                 : None
    Both                    : Fa0/1
    Source VLANs            :
    RX Only                 : None
    TX Only                 : None
    Both                    : None
    Source RSPAN VLAN       : None
    Destination Ports       : Fa0/5
    Encapsulation           : DOT1Q
    Ingress                 : Enabled, default VLAN = 5
    Reflector Port          : None
    Filter VLANs            : None
    Dest RSPAN VLAN         : None
    

Specifying VLANs to Monitor

Follow these steps to specify VLANs to monitor:

This example shows how to configure SPAN session 2 to monitor received traffic on all ports that belong to VLANs 1 through 3, and send it to destination port 7.

  1. In the privileged EXEC mode, type configure terminal and press Enter to enter the switch configuration mode.

    switch#configure terminal
    switch(config)#
  2. Type monitor session 2 source vlan {vlan-id} {rx | tx | both} and press Enter to specify the SPAN session and the source VLANs (monitored VLANs).

    Switch(config)#monitor session 2 source vlan 1 - 3 rx
    

    Note: On a Catalyst 3550 switch, you can monitor only received (rx) traffic on VLANs.

  3. Type monitor session 2 destination interface gigabitethernet0/7 and press Enter to specify the SPAN session and the destination port (monitoring port).

    Switch(config)#monitor session 2 destination interface gigabitethernet0/7
    
  4. Type exit and press Enter.

    Switch(config)#exit
    Switch#

Specifying VLANs to Filter

When you monitor a trunk port as a source port, by default, all VLANs active on the trunk are monitored. You can limit the SPAN traffic that is monitored on trunk source ports to specific VLANs through VLAN filtering.

Follow these steps to specify VLANs to Filter:

This example shows how to clear any configuration that exists on SPAN session 2, configure SPAN session 2 to monitor traffic received on trunk port 4, and send traffic for only VLANs 1 through 5 and 9 to destination port 8.

  1. In the privileged EXEC mode, type configure terminal and press Enter to enter the switch configuration mode.

    switch#configure terminal
    switch(config)#
  2. Type no monitor session {session_number | all | local | remote} and press Enter to clear any SPAN configuration that exists for the session. For session_number, specify 1 or 2. Specify all to remove all SPAN sessions, local to remove all local sessions, or remote to remove all remote SPAN sessions.

    Switch(config)#no monitor session 2
    
  3. Type monitor session {session_number} source interface {interface-id} rx and press Enter to specify the characteristics of the source port (monitored port) and SPAN session.

    Switch(config)#monitor session 2 source interface gigabitethernet0/4 rx
    
  4. Type monitor session {session_number} filter vlan {vlan-id} and press Enter to limit the SPAN source traffic to specific VLANs.

    Switch(config)#monitor session 2 filter vlan 1 - 5 , 9
    
  5. Type monitor session {session_number} destination interface {interface-id} and press Enter to specify the characteristics of the destination port (monitoring port) and SPAN session.

    Switch(config)#monitor session 2 destination interface gigabitethernet0/8
    
  6. Type exit and press Enter.

    Switch(config)#exit
    Switch#




Configure RSPAN

Some source ports are not located on the same switch as the destination port. RSPAN extends SPAN by enabling remote monitoring of multiple switches across your network: you can configure the source port (monitored port) on one switch and the destination port (monitoring port) on another, remote switch. RSPAN is an advanced feature that requires a special VLAN to carry the traffic that is monitored by SPAN between switches.

RSPAN Configuration Guidelines

Follow these guidelines while you configure RSPAN:

  • For RSPAN configuration, you can distribute the source ports and the destination ports across multiple switches in your network.

  • A port cannot serve as an RSPAN source port or RSPAN destination port while designated as an RSPAN reflector port.

  • When you configure a switch port as a reflector port, it is no longer a normal switch port; only looped-back traffic passes through the reflector port.

  • RSPAN does not support BPDU packet monitoring or other Layer 2 switch protocols.

  • The RSPAN VLAN is configured only on trunk ports and not on access ports. To avoid unwanted traffic in RSPAN VLANs, make sure that the VLAN remote-span feature is supported in all the switches that participate. Access ports on the RSPAN VLAN are silently disabled.

  • RSPAN VLANs are included as sources for port-based RSPAN sessions when source trunk ports have active RSPAN VLANs. RSPAN VLANs can also be sources in SPAN sessions.

  • You can configure any VLAN as an RSPAN VLAN as long as these conditions are met:

    1. No access port is configured in the RSPAN VLAN.

    2. The same RSPAN VLAN is used for an RSPAN session in all the switches.

    3. All switches that participate support RSPAN.

  • The RSPAN VLAN cannot be VLAN 1 (the default VLAN) or VLAN IDs 1002 through 1005 (reserved for Token Ring and FDDI VLANs).

  • You must create an RSPAN VLAN before you configure an RSPAN source or destination session.

  • If you enable VTP and VTP pruning, RSPAN traffic is pruned in the trunks to prevent the unwanted flooding of RSPAN traffic across the network for VLAN-IDs that are lower than 1005.

  • Because RSPAN traffic is carried across a network on an RSPAN VLAN, the original VLAN association of the mirrored packets is lost. Therefore, RSPAN can only support forwarding of traffic from an IDS device onto a single user-specified VLAN.
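
The guidelines above can be checked mechanically before an RSPAN source session is deployed. The following is an added example, not Cisco code: `PAGE_CONFIG` holds the commands from this page's RSPAN source example written as a config fragment, `BAD_CONFIG` is constructed for illustration, and the function and rule names are hypothetical.

```python
import re

RESERVED_VLANS = {1, 1002, 1003, 1004, 1005}  # excluded by the RSPAN guidelines

# Commands from this page's RSPAN source example, in config-file form.
PAGE_CONFIG = """\
vlan 901
 remote-span
!
monitor session 1 source interface fastEthernet0/10 tx
monitor session 1 source interface fastEthernet0/2 rx
monitor session 1 source interface port-channel 102 rx
monitor session 1 destination remote vlan 901 reflector-port fastEthernet0/1
"""

# Constructed fragment that breaks four guidelines on purpose.
BAD_CONFIG = """\
vlan 901
 remote-span
!
interface fastEthernet0/3
 switchport access vlan 901
!
monitor session 1 source interface fastEthernet0/10 tx
monitor session 1 source interface fastEthernet0/1 rx
monitor session 1 destination remote vlan 901 reflector-port fastEthernet0/1
monitor session 2 source interface gigabitethernet0/4 rx
monitor session 2 destination remote vlan 1002 reflector-port gigabitethernet0/8
"""


def check_rspan(config):
    """Return (session, rule, detail) tuples for each guideline the config breaks."""
    remote_span = set()   # VLAN IDs that carry the remote-span keyword
    access = {}           # interface name -> access VLAN
    in_use = set()        # ports already used as SPAN source or destination
    dests = {}            # session -> (RSPAN VLAN, reflector port or None)
    ctx = None            # config block we are inside: ("vlan", id) / ("interface", name)
    for raw in config.splitlines():
        line = raw.strip().lower()
        if m := re.fullmatch(r"vlan (\d+)", line):
            ctx = ("vlan", int(m.group(1)))
        elif m := re.fullmatch(r"interface (.+)", line):
            ctx = ("interface", m.group(1))
        elif line == "remote-span" and ctx and ctx[0] == "vlan":
            remote_span.add(ctx[1])
        elif (m := re.fullmatch(r"switchport access vlan (\d+)", line)) \
                and ctx and ctx[0] == "interface":
            access[ctx[1]] = int(m.group(1))
        elif m := re.fullmatch(
                r"monitor session \d+ source interface (.+?)(?: (?:both|rx|tx))?", line):
            in_use.add(m.group(1))
        elif m := re.fullmatch(r"monitor session \d+ destination interface (\S+).*", line):
            in_use.add(m.group(1))
        elif m := re.fullmatch(
                r"monitor session (\d+) destination remote vlan (\d+)"
                r"(?: reflector-port (\S+))?", line):
            dests[int(m.group(1))] = (int(m.group(2)), m.group(3))

    findings = []
    for session, (vlan, reflector) in sorted(dests.items()):
        if vlan in RESERVED_VLANS:
            findings.append((session, "reserved-vlan", str(vlan)))
        if vlan not in remote_span:  # RSPAN VLAN must exist with remote-span set
            findings.append((session, "vlan-not-remote-span", str(vlan)))
        for iface in sorted(i for i, v in access.items() if v == vlan):
            findings.append((session, "access-port-in-rspan-vlan", iface))
        if reflector and reflector in in_use:
            findings.append((session, "reflector-is-source-or-destination", reflector))
    return findings


if __name__ == "__main__":
    for name, cfg in (("page example", PAGE_CONFIG), ("constructed", BAD_CONFIG)):
        print(name, check_rspan(cfg) or "no findings")
```
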

Create an RSPAN VLAN

Follow these steps to create an RSPAN VLAN on a Catalyst Switch:

  1. In the privileged EXEC mode, type configure terminal and press Enter to enter the switch configuration mode.

    switch#configure terminal
    switch(config)#
  2. Type vlan {vlan-id} and press Enter to create an RSPAN VLAN for the RSPAN session in any of the switches that participate in RSPAN.

    Switch(config)#vlan 901
    

    Note: With VTP enabled in the network, you can create the RSPAN VLAN in one switch, and VTP propagates it to the other switches in the VTP domain for VLAN-IDs that are lower than 1005.

  3. Type remote-span and press Enter.

    Switch(config-vlan)#remote-span
    
  4. Type end and press Enter to return to privileged EXEC mode.

    Switch(config-vlan)#end
    switch#

Creating an RSPAN Source Session

Follow these steps to create an RSPAN source session and to specify the source (monitored) ports and the destination RSPAN VLAN.

This example shows how to clear any RSPAN configuration that exists for session 1, configure RSPAN session 1 to monitor multiple source interfaces, and configure the destination RSPAN VLAN and the reflector-port.

  1. In the privileged EXEC mode, type configure terminal and press Enter to enter the switch configuration mode.

    switch#configure terminal
    switch(config)#
  2. Type no monitor session {session_number | all | local | remote} and press Enter to clear any SPAN configuration that exists for the session. For session_number, specify 1 or 2. Specify all to remove all SPAN sessions, local to remove all local sessions, or remote to remove all remote SPAN sessions.

    Switch(config)#no monitor session 1
    
  3. Type monitor session session_number source interface interface-id [both | rx | tx] and press Enter to specify the RSPAN session and the source port (monitored port).

    Switch(config)#monitor session 1 source interface fastEthernet0/10 tx
    
  4. Type monitor session session_number source interface interface-id [both | rx | tx] and press Enter to specify the RSPAN session and the source port (monitored port).

    Switch(config)#monitor session 1 source interface fastEthernet0/2 rx
    
  5. Type monitor session session_number source interface port-channel port-channel-number [both | rx | tx] and press Enter to specify the RSPAN session and the Ethernet Channel interface as the source port (monitored port).

    Switch(config)#monitor session 1 source interface port-channel 102 rx
    
  6. Type monitor session session_number destination remote vlan vlan-id reflector-port interface-id and press Enter to specify the RSPAN session, the destination remote VLAN, and the reflector port.

    Switch(config)#monitor session 1 destination remote vlan 901 reflector-port fastEthernet0/1
    
  7. Type exit and press Enter to return to privileged EXEC mode.

    Switch(config)#exit
    switch#
  8. Type show monitor session 1 to display the status of the current RSPAN source session.

    Switch#show monitor session 1
    Session 1
    ---------
    Type                  : Remote Source Session
    Source Ports          :
    RX Only               : Fa0/2
    TX Only               : Fa0/10
    Source VLANs          :
    RX Only               : none
    Reflector Port        : Fa0/1
    Dest RSPAN VLAN       : 901

Specifying VLANs to Monitor

Follow these steps to specify VLANs to monitor:

This example shows how to configure SPAN session 2 to monitor received traffic on all ports that belong to VLANs 1 through 3, and send it to destination port 7.

  1. In the privileged EXEC mode, type configure terminal and press Enter to enter the switch configuration mode.

    switch#configure terminal
    switch(config)#
  2. Type monitor session 2 source vlan {vlan-id} {rx | tx | both} and press Enter to specify the SPAN session and the source VLANs (monitored VLANs).

    Switch(config)#monitor session 2 source vlan 1 - 3 rx
    

    Note: On a Catalyst 3550 switch, you can monitor only received (rx) traffic on VLANs.

  3. Type monitor session session_number destination remote vlan vlan-id reflector-port interface-id and press Enter to specify the RSPAN session, the destination remote VLAN, and the reflector port.

    Switch(config)#monitor session 2 destination remote vlan 901 reflector-port gigabitethernet0/7
    
  4. Type exit and press Enter.

    Switch(config)#exit
    Switch#

Specifying VLANs to Filter

When you monitor a trunk port as an RSPAN source port, by default, all VLANs active on the trunk are monitored. You can limit the SPAN traffic that is monitored on trunk source ports to specific VLANs through VLAN filtering.

Follow these steps to specify VLANs to Filter:

This example shows how to clear any configuration that exists on RSPAN session 2, configure RSPAN session 2 to monitor traffic received on trunk port 4, and send traffic for only VLANs 1 through 5 and 9 to destination port 8.

  1. In the privileged EXEC mode, type configure terminal and press Enter to enter the switch configuration mode.

    switch#configure terminal
    switch(config)#
  2. Type no monitor session {session_number | all | local | remote} and press Enter to clear any SPAN configuration that exists for the session. For session_number, specify 1 or 2. Specify all to remove all SPAN sessions, local to remove all local sessions, or remote to remove all remote SPAN sessions.

    Switch(config)#no monitor session 2
    
  3. Type monitor session {session_number} source interface {interface-id} rx and press Enter to specify the characteristics of the source port (monitored port) and SPAN session.

    Switch(config)#monitor session 2 source interface gigabitethernet0/4 rx
    
  4. Type monitor session {session_number} filter vlan {vlan-id} and press Enter to limit the SPAN source traffic to specific VLANs.

    Switch(config)#monitor session 2 filter vlan 1 - 5 , 9
    
  5. Type monitor session session_number destination remote vlan vlan-id reflector-port interface-id and press Enter to specify the RSPAN session, the destination remote VLAN, and the reflector port.

    Switch(config)#monitor session 2 destination remote vlan 901 reflector-port gigabitethernet0/8
    
  6. Type exit and press Enter.

    Switch(config)#exit
    Switch#

Creating an RSPAN Destination Session

Log into the remote switch, where you have the destination port (monitoring port) and follow these steps to create an RSPAN destination session and to specify the source RSPAN VLAN and the destination port:

This example shows how to configure VLAN 901 as the source remote VLAN and port 5 as the destination interface:

  1. In the privileged EXEC mode of the remote switch, type configure terminal and press Enter to enter the switch configuration mode.

    switch#configure terminal
    switch(config)#
  2. Type monitor session session_number source remote vlan vlan-id and press Enter to specify the RSPAN session and the source RSPAN VLAN.

    Switch(config)#monitor session 1 source remote vlan 901
    
  3. Type monitor session session_number destination interface interface-id [encapsulation {dot1q | isl}] and press Enter to specify the RSPAN session and the destination interface.

    Switch(config)#monitor session 1 destination interface fastEthernet0/5
    
  4. Type exit and press Enter to return to privileged EXEC mode.

    Switch(config)#exit
    switch#

Creating an RSPAN Destination Session and Enabling Ingress Traffic

Follow these steps to create an RSPAN destination session, to specify the source RSPAN VLAN, and to enable ingress traffic on the destination port for a network security device (such as a Cisco IDS Sensor Appliance):

This example shows how to configure VLAN 901 as the source remote VLAN and how to configure the destination port for ingress traffic on VLAN 5 by using a security device that supports 802.1Q encapsulation:

  1. In the privileged EXEC mode, type configure terminal and press Enter to enter the switch configuration mode.

    switch#configure terminal
    switch(config)#
  2. Type monitor session session_number source remote vlan vlan-id and press Enter to specify the RSPAN session and the source RSPAN VLAN.

    Switch(config)#monitor session 1 source remote vlan 901
    
  3. Type monitor session session_number destination interface interface-id [encapsulation {dot1q [ingress vlan vlan id] | ISL [ingress]} | ingress vlan vlan id] and press Enter to specify the RSPAN session, the destination port, the packet encapsulation, and the ingress VLAN.

    Switch(config)#monitor session 1 destination interface fastEthernet0/5 ingress vlan 5
    

  4. Type show monitor session 1 to display the status of the current RSPAN destination session.

    Switch#sh monitor session 1
    Session 1
    ---------
    Type                   : Remote Destination Session
    Source RSPAN VLAN      : 901
    Destination Ports      : Fa0/5
    Encapsulation          : Native
    Ingress                : Enabled, default VLAN = 5
    Ingress encap          : Untagged
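
The `show monitor session` listings in this document have a regular key/value layout, so a collected copy can be compared against what is approved for a switch: which port may receive mirrored traffic, which RSPAN VLAN may carry it, and whether ingress forwarding has been switched on from its default of Disabled. This is an added example, not Cisco code: the three listings are copied from this page, and the function names, rule names and approved sets are assumptions.

```python
import re

# The three listings below are `show monitor session 1` outputs copied from this page.
BASELINE = """\
Session 1
---------
Type                   : Local Session
Source Ports           :
Both                   : Fa0/1
Destination Ports      : Fa0/2
Encapsulation          : Native
Ingress                : Disabled
"""
RSPAN_SOURCE = """\
Session 1
---------
Type                  : Remote Source Session
Source Ports          :
RX Only               : Fa0/2
TX Only               : Fa0/10
Source VLANs          :
RX Only               : none
Reflector Port        : Fa0/1
Dest RSPAN VLAN       : 901
"""
RSPAN_DEST = """\
Session 1
---------
Type                   : Remote Destination Session
Source RSPAN VLAN      : 901
Destination Ports      : Fa0/5
Encapsulation          : Native
Ingress                : Enabled, default VLAN = 5
Ingress encap          : Untagged
"""

DIRECTIONS = {"rx only", "tx only", "both"}


def parse_sessions(text):
    """Parse `show monitor session` output into one dict per session."""
    sessions, current, group = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = re.fullmatch(r"Session (\d+)", line)
        if m:
            current, group = {"session": int(m.group(1))}, None
            sessions.append(current)
            continue
        if current is None or ":" not in line:
            continue  # prompt line, dashes, blank line
        key, value = (part.strip() for part in line.split(":", 1))
        key = key.lower()
        if value == "":                        # "Source Ports :" opens a group
            group = key
            current[group] = {}
        elif key in DIRECTIONS and group:      # RX Only / TX Only / Both inside a group
            if value.lower() != "none":
                current[group][key] = value
        else:
            group = None
            current[key] = value
    return sessions


def audit(text, approved_destinations, approved_rspan_vlans):
    """Return (session, rule, detail) tuples for settings outside the approved sets."""
    findings = []
    for s in parse_sessions(text):
        sid = s["session"]
        dest = s.get("destination ports", "None")
        if dest.lower() != "none" and dest not in approved_destinations:
            findings.append((sid, "unapproved-destination", dest))
        ingress = s.get("ingress", "Disabled")
        if ingress.lower().startswith("enabled"):
            # The analyzer port can also send packets into this VLAN.
            m = re.search(r"VLAN\s*=\s*(\d+)", ingress)
            findings.append((sid, "ingress-enabled", f"{dest} vlan {m.group(1) if m else '?'}"))
        rvlan = s.get("dest rspan vlan", "None")
        if rvlan.lower() != "none" and rvlan not in approved_rspan_vlans:
            findings.append((sid, "unapproved-rspan-vlan", rvlan))
    return findings


if __name__ == "__main__":
    for name, text in (("local", BASELINE), ("rspan source", RSPAN_SOURCE),
                       ("rspan destination", RSPAN_DEST)):
        print(name, audit(text, {"Fa0/2"}, set()) or "no findings")
```
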




Next Step

You have completed this procedure.

To make further changes to your switch, refer to the Switch Support Page.

To configure other devices in your network, refer to the Configuration Overview Page.





Troubleshoot the Procedure

This section provides information about common problems that you may encounter. If this information does not solve your problem, contact the SMB Technical Assistance Center (SMB TAC) for assistance.

| Problem | Cause(s) and Suggested Solution(s) |
|---|---|
| The switch boots and displays several error messages but does not display a prompt in HyperTerminal. | Press Enter to clear the output and display the switch prompt. For further assistance, contact the SMB Technical Assistance Center (SMB TAC). |
| The ports that are spanned to be monitored show the status as UP/DOWN. | When you configure a SPAN session to monitor a port, the destination interface shows the state down (monitoring), by design. The interface shows the port in this state in order to make it evident that the port is currently not usable as a production port. A port that shows up/down (monitoring) is normal. |


© 1992-2006 Cisco Systems, Inc. All rights reserved. Terms and Conditions, Privacy Statement, Cookie Policy and Trademarks of Cisco Systems, Inc.