Overview
Learn how to set up and manage local SPAN to mirror traffic for network analysis on a single router. This chapter covers general configuration, filtering with ACLs, rate limiting, and provides essential guidelines and restrictions for implementation.
It explains how Local SPAN copies traffic from source interfaces or VLANs to a destination port on the same device for analysis.
Local SPAN
This section explains Local SPAN, a basic traffic mirroring feature that copies traffic between source and destination interfaces on the same router. It provides a definition of the feature and includes a history of supported hardware and software releases.
Configuration guidelines for local SPAN
This section provides key guidelines for local SPAN, including supported traffic types, interface requirements, and session limits. It outlines how to effectively use the feature for ingress traffic mirroring across various physical and bundle interface configurations.
Restrictions for local SPAN
This section provides the generic and ACL-specific restrictions for implementing local SPAN, such as limitations on egress mirroring and interface types. Understanding these constraints ensures proper configuration and avoids unsupported setups.
Configure local SPAN
Use this procedure to configure a local SPAN session by defining a destination interface and attaching it to specific source interfaces. It also describes how to verify the session status and view internal statistics to ensure successful traffic mirroring.
Local SPAN with ACLs
This section explains how local SPAN uses Access Control Lists (ACLs) to filter and mirror ingress traffic based on specific capture criteria. It details the benefits of selective mirroring for both permitted and denied packets to enhance network monitoring and security.
Local SPAN rate limit
This section explains the local SPAN rate limit feature, which enables rate limiting at the session level using traffic classes.