Can you span a trunk port
Hi, the trunk port won't be able to transmit user traffic at the same time it is a monitor destination port.
Hi, I normally do the same as you do. Run another wire and monitor that one. And if your host supports passing that traffic to a specific host it should work. As far as I remember the reason you need to configure remote-span on the VLAN is to disable the normal MAC learning, and make sure it forwards all traffic out all trunks. But I could be wrong.
Network problems can occur because of MAC address learning issues that are associated with learning enabled on the destination port. See these sections of this document for information about the performance impact for the specified Catalyst platforms:
If you try to configure SPAN in this situation, the switch tells you:
On the Catalyst Series Switches, you can have only one assigned monitor port at any time. If you select another port as the monitor port, the previous monitor port is disabled, and the newly selected port becomes the monitor port.
With this issue, the Virtual Private Network (VPN) module is inserted into the chassis, where a switch fabric module has already been inserted. Note: If you delete the session, the VPN service module drops the multicast traffic.
You cannot capture corrupted packets with SPAN because of the way that switches operate in general.
When a packet goes through a switch, these events occur:
If the switch receives a corrupted packet, the ingress port usually drops the packet.
Therefore, you do not see the packet on the egress port. A switch is not completely transparent with regard to the capture of traffic. Similarly, when you see a corrupted packet on your sniffer in the scenario in this section, you know that the errors were generated at step 3, on the egress segment. If you think that a device sends corrupted packets, you can choose to put the sending host and the sniffer device on a hub.
The hub does not perform any error checks. Therefore, unlike the switch, the hub does not drop the packets. In this way, you can view the packets. If you no longer need this, you should be able to enter the no monitor session service module command from within the config mode of CAT, and then immediately enter the new desired SPAN configuration. A reflector port receives copies of sent and received traffic for all monitored source ports. If a reflector port is oversubscribed, it could become congested.
This could affect traffic forwarding on one or more of the source ports. If the bandwidth of the reflector port is not sufficient for the traffic volume from the corresponding source ports, the excess packets are dropped. A Gigabit port reflects at 1 Gbps.
If you check for unused sessions with the show monitor command, session 1 is used:
When a firewall blade is in the Catalyst chassis, this session is automatically installed for the support of hardware multicast replication because an FWSM cannot replicate multicast streams.
If multicast streams sourced behind the FWSM must be replicated at Layer 3 to multiple line cards, the automatic session copies the traffic to the supervisor through a fabric channel. You can use the no monitor session service module command in order to disable the SPAN reflector.
Also, make sure that no Layer 3 device is present in the path from session source to session destination. Supervisor with PFC3A that has hardware version 3. This is not supported on the Series and Series Switches. When ingress is enabled, the SPAN destination port accepts incoming packets, which are potentially tagged, depending on the specified encapsulation mode, and switches them normally.
When you configure a SPAN destination port, you can specify whether or not the ingress feature is enabled and what VLAN to use to switch untagged ingress packets. Although the port is STP forwarding, it does not participate in the STP, so use caution when you configure this feature lest a spanning-tree loop be introduced in the network.
This example shows how to configure a destination port with Incoming traffic is accepted and switched, with untagged packets classified into VLAN 7.
Updated: January 22,
Does SPAN affect switch performance?
An extra feature is necessary that artificially copies unicast packets that host A sends to the sniffer port. In this diagram, the sniffer is attached to a port that is configured to receive a copy of every packet that host A sends.
Egress traffic: Traffic that leaves the switch.
Characteristics of Source Port
A source port, also called a monitored port, is a switched or routed port that you monitor for network traffic analysis.
It can be monitored in multiple SPAN sessions. It cannot be a destination port. Source ports can be in the same or different VLANs. On a given port, only traffic on the monitored VLAN is sent to the destination port.
A destination port has these characteristics: A destination port must reside on the same switch as the source port for a local SPAN session. A destination port can be any Ethernet physical port. A destination port cannot be a source port. A destination port cannot be an EtherChannel group. A destination port does not participate in spanning tree while the SPAN session is active.
The reflector port has these characteristics: It is a port set to loopback. It cannot be an EtherChannel group, it does not trunk, and it cannot do protocol filtering. It is invisible to all VLANs. Spanning tree is automatically disabled on a reflector port.
Use CNA to log into the switch, and click Smartport. Click any interface where you plan to connect the PC in order to capture the sniffer traces. Click Modify. A small pop-up box appears. Choose the Diagnostics role for the port. Choose the source port and select the VLAN you plan to monitor. Click OK in order to close the pop-up box. Click OK and then Apply the settings.
You can use any Sniffer software in order to trace the traffic once you set up the diagnostic port.
A monitor port cannot be enabled for port security. A monitor port cannot be a multi-VLAN port.
You need a way to delete some sessions.
These are a few remarks on this design: S1 is called a source switch.
Performance Impact
In order to monitor some ports with SPAN, a packet must be copied from the data buffer to a satellite an additional time.
Performance Impact
Whether one or several ports eventually transmit the packet has absolutely no influence on the switch operation.
This is an example of the scenario: There are two core switches that are linked by a trunk.
When a packet goes through a switch, these events occur: The packet reaches the ingress port.