For example, a workstation connecting to port 6/9 failed. We copied the packets from this port to port 10/1, which is used as the analysis port. The LAN analyzer can be connected to port 10/1 and can be troubleshooted without interrupting and intervening in the current message flow.
c5505>(enable)set span enable
c5505>(enable)set span 6/9 10/1
Enable monitoring of port 6/9 transmit/receive traffic by port 10/1
c5505>(enable)sh span
status :enable
Admin source ort 6/9
OPer source ort 6/9
Destination ort 10/1
Direction :transmit/receive
Incoming packet :disable
c5505>(enable)
We can also listen to multiple ports through the above method. In addition, we can copy the entire VLAN packets to the destination SPAN port. at the same time
We can also obtain only sent or received messages through attributes. The prohibited entry statement indicates that the destination port is a SPAN port by default.
The message will be banned.
Example The following example only transmits frames sent from VLAN2 to the 10/1 SPAN port. Ports 11/7-9 are all located within VLAN2, so we can set 11/7-9 as the source port to achieve the same effect.
When configuring and using SPAN. We need to pay attention
1. Switches are different from hubs, and each switch port separates conflict domains. Therefore, when copying a certain port or a certain group of ports to a SPAN port, the user cannot simply listen to the line. The SPAN port only obtains frames sent from the source port to other network segments or other network segments to the source port, including broadcasting. The rules of transparent bridges can be applied here. For example, if a hub is connected to the source port, messages sent between two workstations will not be copied to the SPAN port because it does not pass through the source switch port.
2. The span port can be part of a normal vlan, but since this port cannot be added to the spanning tree, it is best not to set it like this. It should be noted that by default, this port is located in VLAN1 like other ports. To avoid loops, set the span destination port to its own VLAN.
3. When copying a port in a G-bit Ethernet module, two-way forwarded packets must be monitored. Another limitation for this module is when the source and destination SPAN ports must be in the same interface card.
4. At the same time, you should also pay attention to the catalyst5000 series switches. The FDDI module supports SPAN.
c5505>(enable)set span 2 10/1 tx
Enable monitoring of VLAN transmit traffic by port 10/1
c5505>(enable)sh span
Status :enable
Admin Source :vlan 2
oper source ort 11/7-9
Destination ort 10/1
Direction :transmit
Incoming Packet :disabled
c5505>(enable)