Configuration of equipment monitoring function for 4000 series switch

Configure Span dialog (span session)

Basic functions

By setting the span dialog to monitor the data flow of the switch port or the entire VLAN, the monitored data stream can be analyzed and processed by the Protocol analysis device.

Working mode

The span dialog consists of a destination port and a set of source ports that replicate packets from one or more source ports on one or more VLANs to the destination port. span does not affect the normal operation of the source port and does not affect normal switch operations. Multiple span dialogs can be configured in a switched network, and span dialogs can be activated only if the destination port is operational and if either port in the source port or in the source VLAN is active.

Configuration commands

Configure the monitored port or VLAN as the source port and set the port to receive the replicated packets as the destination port.

Set span {src_mod/src_ports | src_vlan} dest_mod/dest_port [Rx | tx | both] [filter VLAN] [inpkts {enable | disable}] [Lea rning {enable | disable}] [create]

Configuration Instructions

Src_mod/src_ports: source module/port number. They can exist in any VLAN, or you can configure one or more VLANs as source ports (Src_vlans), at which point all the ports in the VLAN are the source ports in the span dialog. A port can be configured as a source port for multiple span dialogs.

Dest_mod/dest_port: Destination module/port number. There is only one destination port in each span dialog, the same port cannot be used as the destination port for multiple span dialogs, one destination port cannot be configured as the source port, and the active destination port does not participate in spanning tree.

[Rx | tx | both]: the flow through the source port can be divided into entry (ingress), outgoing (egress), bidirectional (both) three classes, which can be configured in the span dialog to monitor what kind of packets. You can only have two-direction data flow when monitoring data for the entire VLAN.

[Filter VLAN]: Trunk VLAN filter, 6.3 (1) Later version of the source port for the Trunk port for VLAN throttling filtering, only the specified VLAN traffic can be replicated to the destination port.

[Inpkts {enable | disable}]: By default, the destination port is activated and will not receive incoming packets, causing the destination port to not communicate with other devices and can be forwarded through configuration, where the packets sent are exchanged within the VLAN to which the port belongs. This destination port will not participate in the spanning tree of this VLAN.

[Learning {enable | disable}]: When the destination port is allowed to be forwarded, you can set the Allow to learn the source MAC address from the destination port, which affects only the devices connected to the destination port. The Enable is the default, but the learning enable is configured at the same time when the Inpkts enable is configured.

[Create]: Create creates a new span dialog that can run up to 5 spans at a time.

Attention

1. Span dialogs can only monitor packets within this switch.

2. The SC0 interface of the switch cannot be configured as a span source port.

3. The EtherChannel port cannot be used as a span destination port.

4. In the span dialog configuration, if the destination port has a trunking mode of "on" or "nonegotiate", the span package will be forwarded in the encapsulated format of the original trunking configuration, and the destination port will stop trunking.

Configuration Example:

Example 1:

The bidirectional packet that configures Port 2/5 (the span source) is replicated to port 2/10 (the span destination).

Console> (enable) set span 2/5 2/10
Console> (enable) show span
Destination:port 2/10
Admin Source:port 2/5
Oper Source:none
Direction:transmit/receive
Incoming packets:disabled
Learning:enabled
Filter:-
Status:active
-----------------------------
Total local span sessions:1
Console> (Enable) Example 2:

Configure VLAN 522 and 523 for span source, port 2/1 for span destination:

Console> (enable) set span 522-523 2/1
Console> (enable) show span
Destination:port 2/1
Admin Source:vlan 522-523
Oper Source:port 2/1-2
Direction:transmit/receive
Incoming packets:disabled
Learning:enabled
Filter:-
Status:active
----------------
Total local span sessions:1
Console> (enable) prohibit span

Set span Disable [Dest_mod/dest_port | all] Clears the span dialog by banning the destination port.

For example:

Console> (enable) set span disable 2/3
This command could disable your span session (s).
Do and want to continue (y/n) [n]? Y
Disabled Port 2/3 to monitor transmit/receive traffic of port
Incoming Packets disabled. Learning enabled.
Console> (enable) Note: The above commands apply to the Catalyst series switches of the set command set, and the commands for some iOS commands are different for switches such as Catalyst2950, 3500, and so on.