Configuring SPAN for Catalyst 4000, 4500, and 6500 Series Switches

Previous page
Table of content
Next page
[ LiB ]  

The single command to configure SPAN on the Catalyst 4000, 4500 and 6500 switches is the set span command. The following example sets port 5 on module 4 as a source port and port 1 on module 3 as the destination SPAN port. You use the optional keyword create to create the SPAN port, whereas the optional keyword rx specifies that only ingress traffic on the source port, module 4 port 5, will be mirrored to the SPAN port: 


 switch>(enable) set span 4/5 3/1 rx create

The command syntax to enable and configure or disable SPAN on the Catalyst 4000, 4500, and 6500 switches is as follows : 


 set span {  src_mod/src_ports  ...  src_vlans  ... sc0} {  dest_mod/dest_port  } [rxtxboth][inpkts{enabledisable}] [learning {enabledisable}] [multicast {enabledisable}] [filter  vlans ...  ] [create] set span disable [  dest_mod/dest_port  all]

Table 4.2 lists and describes the command syntax for the set span command.

Table 4.2. Command Syntax for the set span Command

Command Syntax

Description

src_mod

Monitored module (SPAN source)

src_ports...

Monitored ports (SPAN source)

src_vlans...

Monitored VLANs (SPAN source)

sc0

Keyword to specify that the inbound port is a valid source

rx

(Optional) Keyword to specify that traffic received at the source port (ingress SPAN) is monitored

tx

(Optional) Keyword to specify that traffic sent from the source port (egress SPAN) is monitored

both

(Optional) Keyword to specify that both ingress SPAN and egress SPAN are monitored

inpkts enable

(Optional) Keywords to enable the receipt of inbound traffic on the SPAN destination port

inpkts disable

(Optional) Keywords to disable the receipt of inbound traffic on the SPAN destination port

learning enable

(Optional) Keywords to enable learning on the SPAN destination port

learning disable

(Optional) Keywords to disable learning on the SPAN destination port

multicast enable

(Optional) Keywords to enable multicast traffic (egress only)

multicast disable

(Optional) Keywords to disable multicast traffic (egress only)

filter vlans

(Optional) Keyword and variable to monitor traffic on selected VLANs on source trunk ports

create

(Optional) Keyword to create a SPAN port

disable

Keyword to disable SPAN

dest_mod

(Optional) Monitoring module (SPAN destination)

dest_port

(Optional) Monitoring port (SPAN destination)

all

(Optional) Keyword to disable all SPAN sessions


graphics/alert_icon.gif

For the exam, remember that you use the inpkts enable keywords in the set span command to allow the 4000, 4500, and 6500 switches to receive a TCP reset packet from the Sensor on their destination SPAN ports.


[ LiB ]  

Previous page
Table of content
Next page
CSIDS Exam Cram 2 (Exam 642-531)
CSIDS Exam Cram 2 (Exam 642-531)
ISBN: N/A
EAN: N/A
Year: 2004
Pages: 213
BUY ON AMAZON
The .NET Developers Guide to Directory Services Programming
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
InDesign Type: Professional Typography with Adobe InDesign CS2
Extending and Embedding PHP
Special Edition Using FileMaker 8
Understanding Digital Signal Processing (2nd Edition)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy