Untitled document

CCIE Routing & Switching v5 Workbook -

CCIE R&S v5 Advanced Technology Labs -

LAN Switching

SPAN

You must load the initial configuration files for the section, LAN

Switching Initial Spanning Tree, which can be found in

CCIE R&S v5 Topology Diagrams & Initial Configurations

. Reference

the Virtual Routers & Physical Switches Diagram to complete this

task.

Task

Configure SW1 so that all traffic transiting VLAN 146 is redirected to a host located

on port Fa0/24.

Configure SW4 so that all interface Fa0/8 traffic is redirected to a host located on

port Fa0/24.

Untagged inbound traffic from the host on port Fa0/24 should be placed into

VLAN 146.

Configuration

SW1:

monitor session 1 source vlan 146

monitor session 1 destination interface FastEthernet0/24

SW4:

monitor session 1 source interface FastEthernet0/8

monitor session 1 destination interface FastEthernet0/24 ingress vlan 146

Verification

The Switchport Analyzer (SPAN) feature is used to redirect traffic from a port or

VLAN onto another port for analysis by devices such as a packet sniffer or Intrusion

Prevention Sensor (IPS). There are three variations of SPAN: Local SPAN (or just

SPAN), Remote SPAN (or RSPAN), and Encapsulated Remote SPAN (or

ERSPAN). ERSPAN is only supported on high-end platforms, such as the Cisco

6500/7600 or Nexus 7000. Instead of having the destination of the SPAN be a local

port (SPAN) or a VLAN (SPAN), ERSPAN can send the traffic to be analyzed over a

Layer 3 network using GRE encapsulation.

With Local SPAN, as shown in this design, traffic coming from or going to a

particular port is redirected to another local port. The source of traffic can also be a

VLAN, as shown on SW1. Normally when the SPAN feature is configured, the

switch drops all traffic coming back in from the SPAN destination port. The

ingress

keyword tells the switch to accept inbound traffic from a SPAN destination port and

assign the traffic to a particular VLAN.

SW1#show monitor session 1

Session 1

---------

Type: Local Session

Source VLANs:Both: 146

Destination Ports

: Fa0/24

Encapsulation

: NativeIngress: Disabled

!SW4#show monitor session 1

Session 1

---------

Type: Local Session

Source Ports:Both: Fa0/8

Destination Ports

: Fa0/24

Encapsulation

: NativeIngress: Enabled, default VLAN = 146

Ingress encap : Untagged