Cisco NX-OS/IOS SPAN Comparison

From DocWiki

(Difference between revisions)
Jump to: navigation, search
Line 16: Line 16:
* 18 monitor sessions can be configured. Only two sessions can be active simultaneously.
* 18 monitor sessions can be configured. Only two sessions can be active simultaneously.
* Cisco NX-OS uses a hierarchical configuration based on the '''monitor session '''''<#>'' command, whereas Cisco IOS Software has the option for flat for hierarchical configuration in Cisco IOS Software Release 12.2(18)SXH and later.
* Cisco NX-OS uses a hierarchical configuration based on the '''monitor session '''''<#>'' command, whereas Cisco IOS Software has the option for flat for hierarchical configuration in Cisco IOS Software Release 12.2(18)SXH and later.
-
* A single SPAN session can include mixed sources (Ethernet ports, Ethernet PortChannels, RSPAN sources, VLANs, and the CPU control-plane interface).
+
* A single SPAN session can include mixed sources (Ethernet ports, Ethernet Port-Channels, RSPAN sources, VLANs, and the CPU control-plane interface).
* Destination SPAN ports must be configured as Layer 2 ports with the '''switchport '''command.
* Destination SPAN ports must be configured as Layer 2 ports with the '''switchport '''command.
* Destination SPAN ports require the '''switchport monitor''' interface configuration command.
* Destination SPAN ports require the '''switchport monitor''' interface configuration command.

Revision as of 21:17, 12 August 2009

Objective

This tech note outlines the main differences in the Switched Port Analyzer (SPAN) between Cisco® NX-OS Software and Cisco IOS® Software. Sample configurations are included for Cisco NX-OS and Cisco IOS Software for some common features to demonstrate the similarities and differences. Please refer to the NX-OS documentation on Cisco.com for a complete list of supported features.


SPAN Overview

The SPAN feature allows traffic to be mirrored from within a switch from a source port to a destination port. This feature is typically used when detailed packet information is required for troubleshooting, traffic analysis, and security-threat prevention.


Important Cisco NX-OS and Cisco IOS Software Differences

In Cisco NX-OS:

  • Only Local SPAN is supported.
  • Remote SPAN (RSPAN) VLANs can be configured only as SPAN sources.
  • 18 monitor sessions can be configured. Only two sessions can be active simultaneously.
  • Cisco NX-OS uses a hierarchical configuration based on the monitor session <#> command, whereas Cisco IOS Software has the option for flat for hierarchical configuration in Cisco IOS Software Release 12.2(18)SXH and later.
  • A single SPAN session can include mixed sources (Ethernet ports, Ethernet Port-Channels, RSPAN sources, VLANs, and the CPU control-plane interface).
  • Destination SPAN ports must be configured as Layer 2 ports with the switchport command.
  • Destination SPAN ports require the switchport monitor interface configuration command.
  • The SPAN feature supports stateful and stateless process restarts.


Things You Should Know

The following list provides some additional facts about Cisco NX-OS that should be helpful when configuring the SPAN feature.

  • Two active SPAN sessions are supported for all virtual device contexts (VDCs).
  • Monitor sessions are disabled by default. They can be enabled with the no shut command.
  • The source traffic direction can be configured as rx, tx, or both. The default is both.
  • When a VLAN is specified as the source, traffic to and from the Layer 2 ports in the specified VLAN are sent to the destination.
  • The in-band control-plane interface to the CPU can be monitored only from the default VDC. (All VDC traffic is visible.)
  • By default, SPAN does not copy the IEEE 802.1q tag from trunk sources.
  • A destination port can be configured in switchport access or trunk mode. (Trunk mode allows you to tag traffic toward a destination or to perform destination VLAN filtering.)
  • A destination port does not participate in a spanning-tree instance.
  • A destination port can be configured in only one SPAN session at a time.
  • A port cannot be configured as both a source and destination port.
  • 128 source interfaces can be configured per session.
  • 32 source VLANs can be configured per session.
  • 2 destination interfaces can be configured per session.


Configuration Comparison

The following sample code shows the configuration similarities and differences between the Cisco NX-OS and Cisco IOS Software command-line interfaces (CLIs). The Cisco IOS Software syntax shown here is from Cisco IOS Software Release 12.2(18)SXH, so its hierarchy is similar to that of as the Cisco NX-OS. Older versions of Cisco IOS Software support only a flat configuration.


Cisco IOS CLI Cisco NX-OS CLI
Configuring the Destination Switchport Mode
Cisco IOS Software does not require any destination port configuration. interface Ethernet2/2

switchport

switchport monitor

Configuring Destination Port Ingress Forwarding and Learning
monitor session 1 type local

destination interface Gi2/2 ingress learning

interface Ethernet2/2

switchport

switchport monitor ingress learning

Configuring a SPAN Monitor (Ethernet Source and Destination)
monitor session 1 type local

source interface Gi2/1

destination interface Gi2/2

monitor session 1

source interface Ethernet2/1 both

destination interface Ethernet2/2

no shut

Configuring a SPAN Monitor (VLAN Source)
monitor session 1 type local

source vlan 10 , 20

destination interface Gi2/2

monitor session 1

source vlan 10,20 both

destination interface Ethernet2/2

no shut

Filtering VLANs for IEEE 802.1q Trunk Sources
interface GigabitEthernet2/1

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 10-20

switchport mode trunk


monitor session 1 type local

filter vlan 15 - 20

source interface Gi2/1

destination interface Gi2/1

no shutdown

interface Ethernet2/1

switchport

switchport mode trunk

switchport trunk allowed vlan 10-20


monitor session 1

source interface Ethernet2/1 both

destination interface Ethernet2/2

filter vlan 15-20

no shut

Configuring a SPAN Monitor (CPU Source)
monitor session 1 type local

source cpu rp rx

destination interface Gi2/2

no shutdown

monitor session 1

source interface sup-eth0 rx

destination interface Ethernet2/2

no shut



Verification Command Comparison

The following table compares some useful show commands for verifying and troubleshooting the SPAN feature.


Cisco NX-OS SPAN Cisco IOS Software SPAN Command Description
show interface show interface Displays destination port characteristics
- - -
show monitor session <#> show monitor session <#> Displays a specific SPAN and monitor session
show monitor session all show monitor session all Displays all SPAN and monitor sessions
show monitor range <#-#> show monitor range <#-#> Displays a range of specified SPAN sessions

Rating: 3.7/5 (10 votes cast)

Personal tools