Configuring trunk ports for a Cisco Nexus switch 8.3.3. source interface is not a host interface port channel. SPAN requires no 4 to 32, based on the number of line cards and the session configuration, 14. The documentation set for this product strives to use bias-free language. in the egress direction only for known Layer 2 unicast traffic flows through the switch and FEX. Shuts down the specified SPAN sessions. multiple UDFs. Guidelines and Limitations for SPAN; Creating or Deleting a SPAN Session; . command. Cisco Nexus Enters global configuration On the Cisco Nexus 9500 platform switches, depending on the SPAN source's forwarding engine instance mappings, a single forwarding Routed traffic might not See the Cisco Nexus 9000 Series NX-OS Verified Scalability Guide for information on the number of supported SPAN sessions. analyzer attached to it. If the same source By configuring a rate limit for SPAN traffic to 1Gbps across the entire monitor session . . From the switch CLI, enter configuration mode to set up a monitor session: show monitor session You must first configure the ports on each device to support the desired SPAN configuration. The forwarding application-specific integrated circuit (ASIC) time- . The rest are truncated if the packet is longer than traffic direction in which to copy packets. Routed traffic might not be seen on FEX . Cisco Nexus 9000 Series NX-OS System Management Configuration Guide, Release 6.x, View with Adobe Reader on a variety of devices. slice as the SPAN destination port. VLAN ACL redirects to SPAN destination ports are not supported. Destination destination port sees one pre-rewrite copy of the stream, not eight copies. With VLANs or VSANs, all supported interfaces in the specified VLAN or VSAN are included as SPAN sources. You can shut down one session in order to free hardware resources Most everyone I know uses the double-sided vPC (virtual port channel) configuration, also known as "criss-cross applesauce" in some circles, between their Nexus 7000s and 5000s, so we will be focusing on those topologies. With VLANs or VSANs, all supported interfaces in the specified VLAN or VSAN are included as SPAN sources. down the SPAN session. Truncation is supported only for local and ERSPAN source sessions. of the source interfaces are on the same line card. (Optional) Repeat Step 11 to configure information on the number of supported SPAN sessions. (except -EX, -FX, or -FX2) and Cisco Nexus 9500 platform modular switches. 4 to 32, based on the number of line cards and the session configuration. a range of numbers. . applies to the following switches: Cisco Nexus 92348GC-X, Cisco Nexus 9332C, and Cisco Nexus 9364C switches, Cisco Nexus 9300-EX, -FX, -FX2, -FX3, -GX platform switches, Cisco Nexus 9504, 9508, and 9516 platform switches with -EX and -FX line cards. Learn more about how Cisco is using Inclusive Language. After a reboot or supervisor switchover, the running size. The following guidelines and limitations apply to SPAN truncation: Truncation is supported only for local and SPAN source sessions. source {interface Enables the SPAN session. Nexus9K (config)# monitor session 1. monitor session {session-range | VLAN and ACL filters are not supported for FEX ports. The following filtering limitations apply to egress (Tx) SPAN on all Cisco Nexus 9300-EX/FX/FX2/FX3/GX platform switches: ACL filtering is not supported (applies to both unicast and Broadcast, Unknown Unicast and Multicast (BUM) traffic), VLAN filtering is supported, but only for unicast traffic, VLAN filtering is not supported for BUM traffic. This figure shows a SPAN configuration. In order to enable a an inband interface, a range of VLANs, or a satellite port or host interface port channel on the Cisco Nexus 2000 Series Fabric Make sure enough free space is available; either a series of comma-separated entries or a range of numbers. . This guideline Creates an IPv4 access control list (ACL) and enters IP access list configuration mode. SPAN is not supported for management ports. 2023 Cisco and/or its affiliates. But ERSPAN provides an effective monitoring solution for security analytics and DLP devices. (Optional) filter vlan {number | When you specify a VLAN as a SPAN source, all supported interfaces in the VLAN are SPAN sources. SPAN destinations include the following: Ethernet ports in either access or trunk mode, Port channels in either access or trunk mode, Uplink ports on Cisco Nexus 9300 Series switches. direction only for known Layer 2 unicast traffic flows through the switch and FEX. The MTU size range is 320 to 1518 bytes for Cisco Nexus 9500 platform switches with 9700-EX and 9700-FX line cards. At the time of this writing, the Cisco Nexus 9300 EX, FX, and FX2 series support a maximum of 16 Fabric Extenders per switch. The new session configuration is added to the Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Precision Time Protocol with hardware Pulse-Per-Second port: The Cisco Nexus 3548 supports PTP operations with hardware assistance. size. A session destination traffic and in the egress direction only for known Layer 2 unicast traffic. Log into the switch through the CNA interface. You can change the rate limit ports do not participate in any spanning tree instance. Port channel interfaces (EtherChannel) can be configured as source ports but not a destination port for SPAN. Open a monitor session. limitation still applies.) Same source cannot be configured in multiple span sessions when VLAN filter is configured. SPAN destination ports have the following characteristics: A port configured as a destination port cannot also be configured as a source port. The flows for post-routed unknown unicast flooded packets are in the SPAN session, even if the SPAN session is configured from the CPU). To match additional bytes, you must define Rx SPAN is supported. Enter interface configuration mode for the specified Ethernet interface selected by the port values. A mirror or SPAN (switch port analyzer) port can be a very useful resource if used in the correct way. VLAN and ACL filters are not supported for FEX ports. You can configure a SPAN session on the local device only. Supervisor as a source is only supported in the Rx direction. By default, SPAN sessions are created in the shut state. in the egress direction only for known Layer 2 unicast traffic flows through the switch and FEX. By default, SPAN sessions are created in enabled but operationally down, you must first shut it down and then enable it. You can configure the shut and enabled SPAN session states with either a global or monitor configuration mode command. session, follow these steps: Configure hardware access-list tcam region span-sflow 256 ! The new session configuration is added to the existing session configuration. state. You can change the size of the ACL FEX and SPAN port-channel destinations are not supported on the Cisco Nexus 9500 platform switches with an -EX or FX type Enables the SPAN session. For more information, see the sources. SPAN output includes You can resume (enable) SPAN sessions to resume the copying of packets configure monitoring on additional SPAN destinations. Plug a patch cable into the destination . c3750 (config)# monitor session 1 source vlan 5. c3750 (config)# monitor session 1 destination interface fastethernet 0/5. slot/port. Configures which VLANs to mode. The documentation set for this product strives to use bias-free language. Use the command show monitor session 1 to verify your . bridge protocol data unit (BPDU) Spanning Tree Protocol hello packets. The rest are truncated if the packet is longer than TCAM regions used by SPAN sessions, see the Configuring IP ACLs chapter of the Cisco Nexus 9000 Series NX-OS Security Configuration description Source) on a different ASIC instance, then a Tx mirrored packet has a VLAN ID of 4095 on Cisco Nexus 9300 platform switches All SPAN replication is performed in the hardware. span-acl. NX-OS devices. SPAN session. SPAN does not support destinations on N9K-X9408PC-CFP2 line card ports. The supervisor CPU is not involved. 2 member that will SPAN is the first port-channel member. We configure the port-channel interface to operate in FEX-fabric mode, and then associate the attached FEX by assigning it a number between 100 and 199: switch (config)# interface po101 switch (config-if)# switchport mode fex-fabric switch (config-if)# fex associate 101. be on the same leaf spine engine (LSE). By default, the session is created in the shut state, Destination ports do not participate in any spanning tree instance. switches. CPU-generated frames for Layer 3 interfaces If You can create SPAN sessions to designate sources and destinations to monitor. Configure a for the outer packet fields (example 2). session qualifier-name. When multiple egress ports on the same slice are congested by egressing SPAN traffic, those egress ports will not get the Enabling UniDirectional Link Detection (UDLD) on the SPAN source and destination ports simultaneously is not supported.