cisco Monitor Session
(VSPAN only monitors traffic that enters the switch, not traffic that is routed between VLANs. For example, if a VLAN is being Rx-monitored and the multilayer switch routes traffic from another VLAN to the monitored VLAN, that traffic is not monitored and is not received on the SPAN destination port. )
[1] [2] 下一页
三、SPAN和RSPAN与其它特性的互操作性
Routing——SPAN不监控VLAN间的路由数据;(不好理解)
Routing—Ingress SPAN does not monitor routed traffic. VSPAN only monitors traffic that enters the switch, not traffic that is routed between VLANs. For example, if a VLAN is being Rx-monitored and the multilayer switch routes traffic from another VLAN to the monitored VLAN, that traffic is not monitored and not received on the SPAN destination port.
STP——监控端口和反射端口不会参与STP,但SPAN对受控端口的STP没有影响;
CDP——监控端口不参与CDP;
VTP——RSPAN VLAN可以被修剪pruning;
VLAN and trunking——可以修改受控端口、监控端口和反射端口的VLAN和TRUNK设置,受控端口的改变会立即生效,而监控端口和反射端口则要在从SPAN中去除后才会生效;
EtherChannel——整个以太通道组可以做为受控端口使用,如果一个属于某个以太通道组的物理端口被配成了受控端口、监控端口或反射端口,则此端口会自动从以太通道组去除,当SPAN删除后,它又会自动加入原以太通道组;
QoS——由于受QoS的策略影响,监控端口上收到的数据流会与受控端口实际的数据流不同,比如DSCP值被修改等;
Multicast——SPAN可以监控组播的数据流;
Port security——安全端口不能做为监控端口使用;
802.1x——受控端口、监控端口和反射端口上可以设置802.1x,但有些限制。
四、SPAN和RSPAN的配置举例
SPAN的限制和缺省设置
Catalyst 3550交换机上最多只能设置两个SPAN Session,缺省SPAN没有使用,如果做了设置,缺省情况下,第一个被设为受控端口的接口进出流量都会受到监控,以后再追加的受控端口只会对接收的流量进行监控,监控端口的默认封装类型为Native,也就是没有打VLAN的标记.
1、Configuring SPAN——配置本地SPAN
Switch(config)# no monitor session 1 //先清除可能已经存在SPAN设置 Switch(config)# monitor session 1 source interface fastethernet0/10 //设定SPAN的受控端口 Switch(config)# monitor session 1 destination interface fastethernet0/20 //设定SPAN的监控端口 Switch#sh mon Session 1 --------- Type : Local Session Source Ports : Both : Fa0/10 //注意此处是Both Destination Ports : Fa0/20 Encapsulation : Native Ingress: Disabled Switch(config)# monitor session 1 source interface fastethernet0/11 - 13 //添加SPAN的受控端口 Switch#sh mon Session 1 --------- Type : Local Session Source Ports : RX Only : Fa0/11-13 //注意此处是RX Only Both : Fa0/10 //注意此
天下网吧·网吧天下
闽公网安备35010202000238号