Cisco Systems 3130 User Manual
29-14
Cisco Catalyst Blade Switch 3130 for Dell Software Configuration Guide
OL-13270-01
Chapter 29 Configuring SPAN and RSPAN
Configuring SPAN and RSPAN
This example shows how to remove any existing configuration on SPAN session 2, configure SPAN
session 2 to monitor received traffic on all ports belonging to VLANs 1 through 3, and send it to
destination Gigabit Ethernet port 2. The configuration is then modified to also monitor all traffic on all
ports belonging to VLAN 10.
session 2 to monitor received traffic on all ports belonging to VLANs 1 through 3, and send it to
destination Gigabit Ethernet port 2. The configuration is then modified to also monitor all traffic on all
ports belonging to VLAN 10.
Switch(config)# no monitor session 2
Switch(config)# monitor session 2 source vlan 1 - 3 rx
Switch(config)# monitor session 2 destination interface gigabitethernet1/0/2
Switch(config)# monitor session 2 source vlan 10
Switch(config)# end
Creating a Local SPAN Session and Configuring Incoming Traffic
Beginning in privileged EXEC mode, follow these steps to create a SPAN session, to specify the source
ports or VLANs and the destination ports, and to enable incoming traffic on the destination port for a
network security device (such as a Cisco IDS Sensor Appliance).
ports or VLANs and the destination ports, and to enable incoming traffic on the destination port for a
network security device (such as a Cisco IDS Sensor Appliance).
For details about the keywords not related to incoming traffic, see the
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
no monitor session {session_number | all |
local | remote}
local | remote}
Remove any existing SPAN configuration for the session.
Step 3
monitor session session_number source
{interface interface-id | vlan vlan-id} [, | -]
[both | rx | tx]
{interface interface-id | vlan vlan-id} [, | -]
[both | rx | tx]
Specify the SPAN session and the source port (monitored port).
Step 4
monitor session session_number
destination {interface interface-id [, | -]
[encapsulation replicate] [ingress {dot1q
vlan vlan-id | isl | untagged vlan vlan-id |
vlan vlan-id}]}
destination {interface interface-id [, | -]
[encapsulation replicate] [ingress {dot1q
vlan vlan-id | isl | untagged vlan vlan-id |
vlan vlan-id}]}
Specify the SPAN session, the destination port, the packet
encapsulation, and the ingress VLAN and encapsulation.
encapsulation, and the ingress VLAN and encapsulation.
For session_number, specify the session number entered in Step 3.
For interface-id, specify the destination port. The destination
interface must be a physical port; it cannot be an EtherChannel, and
it cannot be a VLAN.
interface must be a physical port; it cannot be an EtherChannel, and
it cannot be a VLAN.
(Optional) [, | -] Specify a series or range of interfaces. Enter a space
before and after the comma or hyphen.
before and after the comma or hyphen.
(Optional) Enter encapsulation replicate to specify that the
destination interface replicates the source interface encapsulation
method. If not selected, the default is to send packets in native form
(untagged).
destination interface replicates the source interface encapsulation
method. If not selected, the default is to send packets in native form
(untagged).
Enter ingress with keywords to enable forwarding of incoming
traffic on the destination port and to specify the encapsulation type:
traffic on the destination port and to specify the encapsulation type:
•
dot1q vlan vlan-id—Accept incoming packets with IEEE
802.1Q encapsulation with the specified VLAN as the default
VLAN.
802.1Q encapsulation with the specified VLAN as the default
VLAN.
•
isl—Forward ingress packets with ISL encapsulation.
•
untagged vlan vlan-id or vlan vlan-id—Accept incoming
packets with untagged encapsulation type with the specified
VLAN as the default VLAN.
packets with untagged encapsulation type with the specified
VLAN as the default VLAN.