Cisco Systems WSC2960X24TSL, WSC2960X24TDL, WSC2960X48TSL, WSC2960X24PSL, C2960XSTACK Span Sessions

Page 83

Configuring SPAN and RSPAN

SPAN and RSPAN

SPAN Sessions

SPAN sessions (local or remote) allow you to monitor traffic on one or more ports, or one or more VLANs, and send the monitored traffic to one or more destination ports.

A local SPAN session is an association of a destination port with source ports or source VLANs, all on a single network device. Local SPAN does not have separate source and destination sessions. Local SPAN sessions gather a set of ingress and egress packets specified by the user and form them into a stream of SPAN data, which is directed to the destination port.

RSPAN consists of at least one RSPAN source session, an RSPAN VLAN, and at least one RSPAN destination session. You separately configure RSPAN source sessions and RSPAN destination sessions on different network devices. To configure an RSPAN source session on a device, you associate a set of source ports or source VLANs with an RSPAN VLAN. The output of this session is the stream of SPAN packets that are sent to the RSPAN VLAN. To configure an RSPAN destination session on another device, you associate the destination port with the RSPAN VLAN. The destination session collects all RSPAN VLAN traffic and sends it out the RSPAN destination port.

An RSPAN source session is very similar to a local SPAN session, except for where the packet stream is directed. In an RSPAN source session, SPAN packets are re-labeled with the RSPAN VLAN ID and directed over normal trunk ports to the destination switch.

An RSPAN destination session takes all packets received on the RSPAN VLAN, strips off the VLAN tagging, and presents them on the destination port. Its purpose is to present a copy of all RSPAN VLAN packets (except Layer 2 control packets) to the user for analysis.

There can be more than one source session and more than one destination session active in the same RSPAN VLAN. There can also be intermediate switches separating the RSPAN source and destination sessions. These switches need not be capable of running RSPAN, but they must respond to the requirements of the RSPAN VLAN.

Monitored Traffic

SPAN sessions can monitor these traffic types:

Receive (Rx) SPANReceive (or ingress) SPAN monitors as much as possible all of the packets received by the source interface or VLAN before any modification or processing is performed by the switch. A copy of each packet received by the source is sent to the destination port for that SPAN session.

Packets that are modified because of routing or quality of service (QoS)for example, modified Differentiated Services Code Point (DSCP)are copied before modification.

Features that can cause a packet to be dropped during receive processing have no effect on ingress SPAN; the destination port receives a copy of the packet even if the actual incoming packet is dropped. These features include IP standard and extended input access control lists (ACLs), ingress QoS policing, VLAN ACLs, and egress QoS policing.

Transmit (Tx) SPANTransmit (or egress) SPAN monitors as much as possible all of the packets sent by the source interface after all modification and processing is performed by the switch. A copy of each packet sent by the source is sent to the destination port for that SPAN session. The copy is provided after the packet is modified.

Packets that are modified because of routing (for example, with modified time-to-live (TTL), MAC address, or QoS values) are duplicated (with the modifications) at the destination port.

Features that can cause a packet to be dropped during transmit processing also affect the duplicated copy for SPAN. These features include IP standard and extended output ACLs and egress QoS policing.

Catalyst 2960-X Switch Network Management Configuration Guide, Cisco IOS Release 15.0(2)EX

OL-29044-01

71

Page 82 Page 84
Image 83
Page 82 Page 84
Contents First Published July 10 Americas HeadquartersPage N T E N T S Configuring the Cisco Discovery Protocol Configuring Simple Network Management Protocol Rspan Vlan Vii Viii Bold font Document ConventionsConvention Description Reader Alert Conventions Related Documentation Obtaining Documentation and Submitting a Service RequestXii Command Modes Information About Using the Command-Line InterfaceCtrl-Z Mode Access Method Prompt Exit Method About This ModeConfigure QuitHelp Using the Help SystemCommand or Action Purpose Step ModeCLI Error Messages Understanding Abbreviated CommandsNo and default Forms of Commands Error Message Meaning How to Use the CLI to Configure FeaturesConfiguration Logging Configuring the Command HistoryCommand or Action Changing the Command History Buffer SizeRecalling Commands Terminal no history Enabling and Disabling Editing FeaturesDisabling the Command History Feature Privileged Exec modeEditing Commands through Keystrokes Editing Command Lines That Wrap Show more command begin include exclude Searching and Filtering Output of show and more CommandsAccess-list Show more command begin include exclude regular-expressionCommand or Action Example OL-29044-01 Prerequisites for Configuring the Configuration Engine Finding Feature InformationRelated Topics Restrictions for Configuring the Configuration EngineInformation About Configuring the Configuration Engine Cisco Configuration Engine SoftwareCisco Configuration Engine Architectural Overview Configuration ServiceNameSpace Mapper Event ServiceCisco Networking Services IDs and Device Hostnames ConfigIDHostname and DeviceID Hostname, DeviceID, and ConfigIDDeviceID Cisco IOS CNS Agents Initial ConfigurationDevice Required Configuration Automated CNS ConfigurationIncremental Partial Configuration Synchronized ConfigurationEnd How to Configure the Configuration EngineConfigure terminal Enabling the CNS Event AgentReconnect-time time backup Configure terminal Enters the global configuration modeEnabling the Cisco IOS CNS Agent Cns config initial hostname ip-addressCns config partial hostname ip-address End Returns to privileged Exec mode Enabling an Initial Configuration for Cisco IOS CNS AgentCommand or Action Purpose On the switchExit Hostname name Configure terminal Cns template connect nameDiscover controller controller-typedlci Exit Returns to global configuration modeExit Hostname string string udi event image commandSource ip-address syntax-check Port-number event no-persistShow cns event connections Show cns config connectionsRefreshing DeviceIDs No cns event ip-address port-number Cns config partial ip-addresshostname Enabling a Partial Configuration for Cisco IOS CNS AgentCommand Purpose Monitoring CNS ConfigurationsCisco IOS 15.02EX Additional ReferencesTechnical Assistance Description Link Release ModificationCDP Overview Information About CDPFeature How to Configure CDPDefault CDP Configuration Configuring CDP CharacteristicsOptional Configures CDP to send Version-2 advertisements Disabling CDP Configure terminal No cdp run EndNo cdp run Disables CDP Enabling CDP Configure terminal Cdp run EndCdp run Enables CDP if it has been disabled Specifies the interface on which you are disabling CDP No cdp enable EndEnters interface configuration mode Disabling CDP on an InterfaceEnabling CDP on an Interface Cdp enable EndSpecifies the interface on which you are enabling CDP Cdp enable Enables CDP on a disabled interfaceCommand Description Monitoring and Maintaining CDPRelated Documents Related Topic Document Title CommandShow cdp neighbors interface-id Show cdp trafficFeature History and Information for Cisco Discovery Protocol Supported Snmp Versions Prerequisites for SnmpModel Level Authentication Encryption Result SHA Snmp Manager Functions Restrictions for SnmpInformation About Snmp Snmp OverviewSnmp Community Strings Snmp MIB Variables AccessSnmp Agent Functions Snmp ifIndex MIB Object Values Snmp NotificationsInterface Type Default Snmp ConfigurationSnmp Configuration Guidelines Feature Default SettingDisabling the Snmp Agent How to Configure SnmpConfigure terminal No snmp-server End No snmp-server Disables the Snmp agent operation Configuring Community StringsSwitchconfig# access-list 4 deny any Snmp-server engineID local Configuring Snmp Groups and UsersSnmp-server user username V1 is the least secure of the possible security modelsIntegers twice the normal width End Example Configuring Snmp NotificationsNotification Type Keyword Description Rtr Snmp-server enable traps port-securitySnmp-server enable traps port-security trap-rate rate Port-securitySnmp-server user username group-nameremote V2c access access-list v3 encrypted accessRange is 1 to 1000 the default is Setting the Agent Contact and Location Information Snmp-server location text Sets the system location string Limiting Tftp Servers Used Through SnmpSnmp-server contact text Sets the system contact string Snmp-server tftp-server-list Monitoring Snmp StatusSnmp Examples Switchconfig# snmp-server enable traps entity Prerequisites for Span and Rspan Configuring Span and RspanRspan Restrictions for Span and RspanFlow-Based Span Fspan and Flow-Based Rspan Frspan Local Span Information About Span and RspanSpan and Rspan Remote Span Example of Local Span Configuration on a Single DeviceSpan and Rspan Concepts and Terminology Example of Rspan ConfigurationSpan Sessions Source Ports Source VLANs Rspan Vlan Span and Rspan Interaction with Other Features Span and Rspan and Device Stacks Flow-Based SpanSpan Configuration Guidelines Default Span and Rspan ConfigurationConfiguration Guidelines Creating a Local Span Session How to Configure Span and RspanRspan Configuration Guidelines Fspan and Frspan Configuration GuidelinesBoth rx tx Monitor session sessionnumber sourceEnd Local remote No monitor session sessionnumber allSpecifying VLANs to Filter Command or Action PurposeMonitor session sessionnumber filter vlan Configuring a Vlan as an Rspan VlanRemote-span Remote-span EndCreating an Rspan Source Session Destination remote vlan vlan-id Monitor session sessionnumberSwitchconfig# no monitor session Creating an Rspan Destination Session Remote vlan vlan-id Switchconfig# monitor session 2 source remote vlan Configure terminal Enters global configuration mode Configuring an Fspan SessionMonitor session sessionnumber source Configuring an Frspan Session Detailed Steps Show monitor Or Frspan configurationMonitoring Span and Rspan Operations Example Configuring Local Span Span and Rspan Configuration ExamplesExamples Creating an Rspan Vlan Feature History and Information for Span and RspanLimit IPv4, IPv6 or IPv4 + IPv6, or D E Span sessions
Related manuals
Manual 18 pages 20.28 Kb

WSC2960X24TSL, C2960XSTACK, WSC2960X24PDL, WSC2960X24TSLL, WSC2960X24PSL specifications

Cisco Systems has long been a leader in networking technology, and its range of switching products exemplifies its commitment to high performance and reliability. Among its popular offerings are the Catalyst 2960-X and 2960-XR series switches, including models like WSC2960X48TSL, WSC2960XR48FPDI, WSC2960XR24TDI, and WSC2960XR48LPDI. These switches are designed to deliver efficient Layer 2 and Layer 3 capabilities, making them ideal for enterprise and small to medium-sized business networks.

The WSC2960X48TSL model boasts 48 Ethernet ports, providing ample connectivity for various devices. It supports Power over Ethernet (PoE), making it suitable for powering IP cameras, wireless access points, and VoIP phones. The switch also features Cisco’s Smart Operations technology, which simplifies network management and enhances user experience through automated features such as Cisco Auto Smartports and Auto QoS.

Turning to the WSC2960XR48FPDI, this version also features 48 ports but with enhanced redundancy and power capabilities, making it suitable for critical applications where uptime is paramount. This switch offers dual power supply options, ensuring that even in the event of a power failure, network operations continue seamlessly. Its Flexible NetFlow feature enables enhanced visibility and monitoring of traffic, allowing businesses to optimize their bandwidth usage and troubleshoot issues more efficiently.

The WSC2960XR24TDI model, with its 24 ports, is perfectly designed for networks with fewer devices yet still demands robust performance. It also includes advanced security features, such as IEEE 802.1X port-based authentication, enhancing the protection of sensitive data and communications within the network.

Lastly, the WSC2960XR48LPDI model is tailored for environments that require high availability and robust performance, featuring 48 ports along with Layer 3 static routing capabilities. With its support for IPv6 and advanced QoS features, this switch is prepared for the future of networking, accommodating the increasing demand for bandwidth and reliable connectivity.

All these switches utilize Cisco IOS software, providing a familiar interface for network administrators. They also incorporate advanced troubleshooting tools, like Cisco Prime, which facilitate effective network management. Collectively, the WSC2960 series switches represent a comprehensive solution for businesses seeking dependable, scalable, and manageable networking options. With their combination of performance, features, and reliability, these Cisco switches are essential for meeting the demands of modern networking.
Top Page Image Contents