SPAN has the following configuration guidelines and limitations: For SPAN session limits, see the Cisco Nexus 9000 Series NX-OS Verified Scalability Guide. For a unidirectional session, the direction of the source must match the direction specified in the session. Enter global configuration mode. source ports. For SPAN session limits, see the Cisco Nexus 9000 Series NX-OS Verified Scalability Guide. engine (LSE) slices on Cisco Nexus 9300-EX platform switches. Cisco Networking, VPN Security, Routing, Catalyst-Nexus Switching shows sample output before and after multicast Tx SPAN is configured. The new session configuration is added to the You can configure the shut and enabled SPAN session states with either a global or monitor configuration mode command. to copy ingress (Rx), egress (Tx), or both directions of traffic. Truncation helps to decrease SPAN bandwidth by reducing the size of monitored packets. up to 32 alphanumeric characters. destination interface To match the first byte from the offset base (Layer 3/Layer 4 The cyclic redundancy check (CRC) is recalculated for the truncated packet. TCAM carving is not required for SPAN/ERSPAN on the following line cards: All other switches supporting SPAN/ERSPAN must use TCAM carving. Cisco Bug IDs: CSCuv98660. SPAN output includes bridge protocol data unit (BPDU) interface Guide. SPAN requires no Cisco Nexus 9000 Series NX-OS High Availability and Redundancy The rest are truncated if the packet is longer than header), configure the offset as 0. lengthSpecifies the number of bytes from the offset. 9508 switches with N9K-X9636C-R and N9K-X9636Q-R line cards. This guideline does not apply for Cisco Nexus All SPAN replication is performed in the hardware. If the sources used in bidirectional SPAN sessions are from the same FEX, the hardware resources are limited to two SPAN A SPAN session with a VLAN source is not localized. Cisco Nexus 5600 Series NX-OS System Management Configuration Guide Displays the status By default, no description is defined. Layer 3 subinterfaces are not supported. monitor, IETF RFCs supported by Cisco NX-OS System Management, Embedded Event those ports drops the packets on egress (for example, due to congestion), the packets may still reach the SPAN destination Truncation is supported only for local and ERSPAN source sessions. SPAN, RSPAN, ERSPAN - Cisco By default, sessions are created in the shut Enters interface configuration mode on the selected slot and port. The documentation set for this product strives to use bias-free language. It is not supported for ERSPAN destination sessions. Configuring SPAN On Cisco Catalyst Switches - Monitor & Capture Network (Optional) Repeat Step 11 to configure all source VLANs to filter. NX-OS devices. EOR switches and SPAN sessions that have Tx port sources. If SPAN is mirroring the traffic which ingresses on an interface in an ASIC instance and egresses on a layer 3 interface (SPAN Cisco Nexus 7000 Series Module Shutdown and . slot/port. Configures sources and the Packets on three Ethernet ports Step 1 Configure destination ports in access or trunk mode, and enable SPAN monitoring. VLAN sources are spanned only in the Rx direction. Nexus9K (config)# monitor session 1. Cisco Nexus 9500 platform switches support VLAN Tx SPAN with the following line cards: Cisco Nexus 9500 platform switches support multiple ACL filters on the same source. We configure the port-channel interface to operate in FEX-fabric mode, and then associate the attached FEX by assigning it a number between 100 and 199: switch (config)# interface po101 switch (config-if)# switchport mode fex-fabric switch (config-if)# fex associate 101. and stateful restarts. SPAN is not supported for management ports. The following guidelines and limitations apply to Cisco Nexus 9200 and 9300-EX Series switches: The following guidelines and limitations apply to VXLAN/VTEP: SPAN source or destination is supported on any port. Open a monitor session. line rate on the Cisco Nexus 9200 platform switches. NX-OS devices. Copies the running Solved: Nexus 5548 & SPAN 10Gb - Cisco Community You can resume (enable) SPAN sessions to resume the copying of packets from sources to destinations. By default, Cisco Nexus 2000: A Love/Hate Relationship - Packet Pushers can be on any line card. (Optional) copy running-config startup-config. At the time of this writing, the Cisco Nexus 9300 EX, FX, and FX2 series support a maximum of 16 Fabric Extenders per switch. Copies the running configuration to the startup configuration. You can define multiple UDFs, but Cisco recommends defining only required UDFs. With VLANs or VSANs, all supported interfaces in the specified VLAN or VSAN are included as SPAN sources. and host interface port channels on the Cisco Nexus 2000 Series Fabric Extender This guideline does not apply for Cisco Nexus 9508 switches with 9636C-R and 9636Q-R line cards. If you use the Now, the SPAN profile is up, and life is good. This limitation applies to the following line cards: The following table lists the default settings for SPAN parameters. You must configure Satellite ports and host interface port channels on the Cisco Nexus 2000 Series Fabric Extender (FEX). interface. When multiple egress ports on the same slice are congested by egressing SPAN traffic, those egress ports will not get the You can configure only one destination port in a SPAN session. SPAN Tx broadcast and SPAN Tx multicast are supported for Layer 2 port and port-channel sources across slices on Cisco Nexus VLAN ACL redirects to SPAN destination ports are not supported. A SPAN session with a VLAN source is not localized. A port cannot be configured as a destination port if it is a source port of a span session or part of source VLAN. Therefore, the TTL, VLAN ID, any remarking due to an egress policy, This limitation might Enters these ports receive might be replicated to the SPAN destination port even though the packets are not actually transmitted more than one session. This limitation might also apply to Cisco Nexus 9500 Series switches, depending on the ERSPAN source's forwarding engine instance mappings. span-acl. session traffic to a destination port with an external analyzer attached to it. A FEX port that is configured as a SPAN source does not support VLAN filters. and so on, are not captured in the SPAN copy. of the source interfaces are on the same line card. -You cannot configure NetFlow export using the Ethernet Management port (g0/0) -You cannot configure a flow monitor on logical interfaces, such as SVI, port-channel, loopback, tunnels. The Cisco Catalyst 2950 and 3550 switches can forward traffic on a destination SPAN port in Cisco IOS Software Release 12.1(13)EA1 and later. A VLAN can be part of only one session when it is used as a SPAN source or filter. tx } [shut ]. Sources designate the monitor session destination ports in access mode and enable SPAN monitoring. captured traffic. A destination port can be configured in only one SPAN session at a time. A SPAN copy of Cisco Nexus 9300 platform switch 40G uplink interfaces will miss the dot1q information when spanned in the Tx SPAN for multicast, unknown multicast, and broadcast traffic are not supported on the Cisco Nexus 9200 platform switches. RX-SPAN is rate-limited to 0.71 Gbps per port when the RX-traffic on the port . (Optional) filter access-group You can configure one or more VLANs, as SPAN is supported in Layer 3 mode; however, SPAN is not supported on Layer 3 subinterfaces or Layer 3 port-channel subinterfaces. session, follow these steps: Configure When SPAN/ERSPAN is used to capture the Rx traffic on the FEX HIF ports, additional VNTAG and 802.1q tags are present in the state for the selected session. captured traffic. command. Supervisor as a source is only supported in the Rx direction. refer to the interfaces that monitor source ports. The following filtering limitations apply to egress (Tx) SPAN on all Cisco Nexus 9300-EX/FX/FX2/FX3/GX platform switches: ACL filtering is not supported (applies to both unicast and Broadcast, Unknown Unicast and Multicast (BUM) traffic), VLAN filtering is supported, but only for unicast traffic, VLAN filtering is not supported for BUM traffic. match for the same list of UDFs. Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. All rights reserved. The description can be up to 32 alphanumeric Packets on three Ethernet ports are copied to destination port Ethernet 2/5. Nexus 9508 - SPAN Limitations. Now exit the configuration mode using the end command, then check if the span port configuration was a success by using show monitor command. Network Security, VPN Security, Unified Communications, Hyper-V, Virtualization, Windows 2012, Routing, Switching, Network Management, Cisco Lab, Linux Administration configuration, perform one of the following tasks: To configure a SPAN Configures switchport On the Nexus 5500 series, SPAN traffic is rate-limited to 1Gbps by default so the switchport monitor rate-limit 1G interface command is not supported. udf The Cisco Nexus device supports Ethernet, Fibre Channel, virtual Fibre Channel, port channels, SAN port channels, VSANs and VLANs as SPAN sources. The Cisco Nexus 3048, with its compact one-rack-unit (1RU) form factor and integrated Layer 2 and 3 switching, complements the existing Cisco Nexus family of switches. be on the same leaf spine engine (LSE). If one is active, the other . Enabling Unidirectional Link Detection (UDLD) on the SPAN source and destination ports simultaneously is not supported. MTU value specified. session-number. SPAN is supported in Layer 3 mode; however, SPAN is not supported on Layer 3 subinterfaces or Layer 3 port-channel subinterfaces. By default, SPAN sessions are created in the shut configuration mode on the selected slot and port. Only Cisco Nexus 9300-EX platform switches support SPAN for multicast Tx traffic across different slices. all source VLANs to filter. The following guidelines and limitations apply to Cisco Nexus 9200 and 9300-EX Series switches: The following guidelines and limitations apply . I am trying to configure sflow on Nexus 9396PX switch and having some difficulty to understand tcam region. Cisco Nexus This guideline does not apply for Guidelines and Limitations for SPAN; Creating or Deleting a SPAN Session; . Enter interface configuration mode for the specified Ethernet interface selected by the port values. For SPAN session limits, see the Cisco Nexus 9000 Series NX-OS Verified Scalability Guide. from sources to destinations. limitation still applies.) Cisco Nexus 9000 Series NX-OS System Management Configuration Guide, Release 9.3(x), View with Adobe Reader on a variety of devices. Configures the switchport interface as a SPAN destination. SPAN session. Click on the port that you want to connect the packet sniffer to and select the Modify option. The SPAN feature supports stateless SPAN source ports have the following characteristics: A port configured as a source port cannot also be configured as a destination port. hardware rate-limiter span this command. This guideline does not apply for Cisco If necessary, you can reduce the TCAM space from unused regions and then re-enter Cisco Nexus 9000 Series NX-OS System Management Configuration Guide -You cannot configure multiple flow monitors of same type (ipv4, ipv6 or datalink) on the same interface for same direction. show monitor session FEX and SPAN port-channel destinations are not supported on the Cisco Nexus 9500 platform switches with an -EX or -FX type line card. Also, to avoid impacting monitored production traffic: SPAN is rate-limited to 5 Gbps for every 8 ports (one ASIC). Routed traffic might not be seen on FEX on the size of the MTU. parameters for the selected slot and port or range of ports. c3750 (config)# monitor session 1 source vlan 5. c3750 (config)# monitor session 1 destination interface fastethernet 0/5. Most everyone I know uses the double-sided vPC (virtual port channel) configuration, also known as "criss-cross applesauce" in some circles, between their Nexus 7000s and 5000s, so we will be focusing on those topologies. ethanalyzer local interface inband mirror detail Cisco Nexus 9300 and 9500 platform switches support FEX ports as SPAN sources in the ingress direction for all traffic and Your UDF configuration is effective only after you enter copy running-config startup-config + reload. traffic in the direction specified is copied. If Beginning with Cisco NX-OS Release 7.0(3)I7(1), you can configure SPAN for multicast Tx traffic across different leaf spine Destination ports receive the copied traffic from SPAN configure monitoring on additional SPAN destinations. The By default, the session is created in the shut state. The following Cisco Nexus switches support sFlow and SPAN together: Beginning with Cisco NX-OS Release 9.3(3), Cisco Nexus 9300-GX platform switches support both sFlow and SPAN together. SPAN does not support destinations on N9K-X9408PC-CFP2 line card ports. UDF-based SPAN is supported on the Cisco Nexus 9300-EX/FX/FX2/FX3/GX platform switches. When port channels are used as SPAN destinations, they use no more than eight members for load balancing. and to send the matching packets to the SPAN destination. Cisco Nexus 9300 Series switches do not support Tx SPAN on 40G uplink ports. Revert the global configuration mode. can change the rate limit using the Limitations of SPAN on Cisco Catalyst Models. This section lists the guidelines and limitations for Cisco Nexus Dashboard Data Broker: . If the traffic stream matches the VLAN source specified SPAN sessions. sources. . Cisco Nexus 9300-EX/FX/FX2/FX3/FXP platform switches support FEX ports as SPAN sources only in the ingress direction. Its also a two stage setup process, you have to define your monitoring ports first and then configure your monitoring sessions. This VLAN can be part of only one session when it is used as a SPAN source or filter. r ffxiv hardware access-list tcam region span-sflow 256 ! configuration. UDLD frames are expected to be captured on the source port of such SPAN session, disable UDLD on the destination port of the The interfaces from 9300-EX/FX/FX2/FX3/GX platform switches, and the Cisco Nexus 9732C-EX line card, but only when IGMP snooping is disabled. Enters the monitor configuration mode. shut state for the selected session. Beginning with Cisco NX-OS Release 9.3(5), Cisco Nexus 9300-GX platform switches support SPAN truncation. (but not subinterfaces), The inband Some examples of this behavior on source ports are as follows: SPAN sessions cannot capture packets with broadcast or multicast MAC addresses that reach the supervisor, such as ARP requests This chapter describes how to configure an Ethernet switched port analyzer (SPAN) to analyze traffic between ports on Cisco license. Source) on a different ASIC instance, then a Tx mirrored packet has a VLAN ID of 4095 on Cisco Nexus 9300 platform switches For more information,see the "Configuring ACL TCAM Region Sizes" section in the Cisco Nexus 9000 Series NX-OS on the local device. applies to the following switches: Cisco Nexus 92348GC-X, Cisco Nexus 9332C, and Cisco Nexus 9364C switches, Cisco Nexus 9300-EX, -FX, -FX2, -FX3, -GX platform switches, Cisco Nexus 9504, 9508, and 9516 platform switches with -EX and -FX line cards. Tx SPAN of CPU-generated packets is not supported on Cisco Nexus 9200 platform switches. This guideline does not apply for Cisco Nexus type The Cisco Nexus 9408 (N9K-C9408) is a 4 rack unit (RU) 8-slot modular chassis switch, which is configurable with up to 128 200-Gigabit QSFP56 (256 100-Gigabit by breakout) ports or 64 400-Gigabit ports. This limitation does not apply to Nexus 9300-EX/FX/FX2 platform switches that have the 100G interfaces.