Cisco Systems 2960 Model Vehicle User Manual

Open as PDF

of 1004

CHAPTER

27-1

Catalyst 2960 and 2960-S Switch Software Configuration Guide

OL-8603-09

Configuring SPAN and RSPAN

Note To use RSPAN, the switch must be running the LAN Base image.

This chapter describes how to configure Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN)

on the Catalyst 2960 and 2960-S switches. Unless otherwise noted, the term switch refers to a standalone

switch and a switch stack.

Note Stacking is supported only on Catalyst 2960-S switches running the LAN base image.

For complete syntax and usage information for the commands used in this chapter, see the command

reference for this release.

This chapter consists of these sections:

• Understanding SPAN and RSPAN, page 27-1

• Configuring SPAN and RSPAN, page 27-10

• Displaying SPAN and RSPAN Status, page 27-24

Understanding SPAN and RSPAN

You can analyze network traffic passing through ports or VLANs by using SPAN or RSPAN to send a

copy of the traffic to another port on the switch or on another switch that has been connected to a network

analyzer or other monitoring or security device. SPAN copies (or mirrors) traffic received or sent (or

both) on source ports or source VLANs to a destination port for analysis. SPAN does not affect the

switching of network traffic on the source ports or VLANs. You must dedicate the destination port for

SPAN use. Except for traffic that is required for the SPAN or RSPAN session, destination ports do not

receive or forward traffic.

Only traffic that enters or leaves source ports or traffic that enters or leaves source VLANs can be

monitored by using SPAN; traffic routed to a source VLAN cannot be monitored. For example, if

incoming traffic is being monitored, traffic that gets routed from another VLAN to the source VLAN

cannot be monitored; however, traffic that is received on the source VLAN and routed to another VLAN

can be monitored.

You can use the SPAN or RSPAN destination port to inject traffic from a network security device. For

example, if you connect a Cisco Intrusion Detection System (IDS) sensor appliance to a destination port,

the IDS device can send TCP reset packets to close down the TCP session of a suspected attacker.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems 2960 Model Vehicle User Manual