Virtual SPAN empowers a network administrator to SPAN more than 1 VLAN and enables the network administrator the ability to selectively chose which VLAN goes to what destination SPAN port. Example: A network administrator wants to SPAN a trunk port with VLAN 10, 20, and 30 but wants to send VLAN 10 to SPAN port ethernet 1/1, send VLAN 20 to SPAN port ethernet 1/2. and send VLAN 30 to SPAN port ethernet 1/3. Virtual SPAN enables that flexibility. This also helps reduce the number of SPAN sessions required.
Trunk Port that you want to monitor
(config)#interface ethernet 1/10
(config-if)#switchport
(config-if)#switchport mode trunk
(config-if)#switchport trunk allowed vlan 10,20,30
(config-if)#no shut
Create a SPAN Monitor Port for the Analyzer1 (must be a trunk when leveraging virtual SPAN)
(config)#interface ethernet 1/1
(config-if)#switchport
(config-if)#switchport monitor
(config-if)#switchport mode trunk
(config-if)#switchport trunk allowed vlan 10
Create a SPAN Monitor Port for the Analyzer2 (must be a trunk when leveraging virtual SPAN)
(config)#interface ethernet 1/2
(config-if)#switchport
(config-if)#switchport monitor
(config-if)#switchport mode trunk
(config-if)#switchport trunk allowed vlan 20
Create a SPAN Monitor Port for the Analyzer3 (must be a trunk when leveraging virtual SPAN)
(config)#interface ethernet 1/3
(config-if)#switchport
(config-if)#switchport monitor
(config-if)#switchport mode trunk
(config-if)#switchport trunk allowed vlan 30
If the system is an IDS/IPS it may required the ability to learn the MAC address of the device. Include the following
(config-if)#switchport monitor ingress learning
Configure Monitor Session
(config)#monitor session 1
(config-monitor)#source interface 1/10
(config-monitor)#destination interface ethernet 1/1,ethernet 1/2,ethernet 1/3
(config-monitor)#description SPANNING SESSION 1
(config-monitor)#no shut
You must no shut the monitor session
0 comments:
Post a Comment