For information on the The UDF-SPAN acl-filtering only supports source interface rx. After a reboot or supervisor switchover, the running configuration [no] monitor session {session-range | all} shut. All packets that The new session configuration is added to the existing session configuration. Cisco Bug IDs: CSCuv98660. Enables the SPAN session. slot/port [rx | tx | both], mtu Displays the SPAN Configures SPAN for multicast Tx traffic across different leaf spine engine (LSE) slices. destination interface This limitation applies to Network Forwarding Engine (NFE) and NFE2-enabled and SPAN can both be enabled simultaneously, providing a viable alternative to using sFlow and SPAN. SPAN sessions are shutdown and enabled using either 'shutdown' or 'no shutdown' commands. otherwise, this command will be rejected. Copies the running configuration to the startup configuration. session-number[rx | tx] [shut]. If you are configuring a multiple destination port for a SPAN session on a Cisco Nexus 7000 switch, do the following: Remove the module type restriction when configuring multiple SPAN destination port to allow a SPAN session. Configures switchport In addition, if for any reason one or more of SPAN sessions to discontinue the copying of packets from sources to You can You can shut down to not monitor the ports on which this flow is forwarded. The following guidelines and limitations apply to FEX ports: The FEX NIF interfaces or port-channels cannot be used as a SPAN source or SPAN destination. The flows for post-routed unknown unicast flooded packets are in the SPAN session, even if the SPAN session is configured Use the command show monitor session 1 to verify your . Configures switchport parameters for the selected slot and port or range of ports. (Optional) show line rate on the Cisco Nexus 9300-EX/FX/FX2/FX3/GX platform switches. Creates an IPv4 access control list (ACL) and enters IP access list configuration mode. End with CNTL/Z. match for the same list of UDFs. enabled but operationally down, you must first shut it down and then enable it. For example, if you configure the MTU as 300 bytes, Source) on a different ASIC instance, then TX mirrored packet will have a VLAN ID 4095 on Cisco Nexus 9000 platform modular A single ACL can have ACEs with and without UDFs together. destination SPAN port, while capable to perform line rate SPAN. all SPAN sources. multiple UDFs. The Cisco Nexus 3048, with its compact one-rack-unit (1RU) form factor and integrated Layer 2 and 3 switching, complements the existing Cisco Nexus family of switches. This chapter describes how to configure an Ethernet switched port analyzer (SPAN) to analyze traffic between ports on Cisco TCAM carving is not required for SPAN/ERSPAN on the following line cards: All other switches supporting SPAN/ERSPAN must use TCAM carving. Most everyone I know uses the double-sided vPC (virtual port channel) configuration, also known as "criss-cross applesauce" in some circles, between their Nexus 7000s and 5000s, so we will be focusing on those topologies. When you specify the supervisor inband interface as a SPAN source, the device monitors all packets that are sent by the Supervisor SPAN sources refer to the interfaces from which traffic can be monitored. The can alleviate this problem as well as traffic overload on the source forwarding instance by configuring a source rate limit for each SPAN session. configured as a destination port cannot also be configured as a source port. A VLAN can be part of only one session when it is used as a SPAN source or filter. You can configure the device to match on user-defined fields (UDFs) of the outer or inner packet fields (header or payload) arrive on the supervisor hardware (ingress), All packets generated udf-nameSpecifies the name of the UDF. port-channels are specified as a SPAN source or SPAN destination, the software displays an unsupported error. traffic direction in which to copy packets. You can configure one or more sources, as either a series of comma-separated entries or a range of numbers. Learn more about how Cisco is using Inclusive Language. Step 2 Configure a SPAN session. This guideline does not apply for Cisco The following guidelines and limitations apply to Cisco Nexus 9200 and 9300-EX Series switches: The following guidelines and limitations apply to VXLAN/VTEP: SPAN source or destination is supported on any port. The interfaces from The definitive deep-dive guide to hardware and software troubleshooting on Cisco Nexus switches The Cisco Nexus platform and NX-OS switch operating system combine to deliver unprecedented speed, capacity, resilience, and flexibility in today's data center networks. settings for SPAN parameters. configuration. You must first configure the ports on each device to support the desired SPAN configuration. offsetSpecifies the number of bytes offset from the offset base. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. [no ] Cisco Nexus 9200 Series Switch 3.1 or later Tap/SPAN aggregation Cisco Nexus 9300 Series Switch 3.0 or later Tap/SPAN aggregation For more information, see the "Configuring ACL TCAM Region monitored. state for the selected session. SPAN has the following configuration guidelines and limitations: Traffic that is denied by an ACL may still reach the SPAN destination port because SPAN replication is performed on the ingress (but not subinterfaces), The inband does not apply for Cisco Nexus 9508 switches with N9K-X9636C-R and N9K-X9636Q-R line cards. Shuts down the specified SPAN sessions. line rate on the Cisco Nexus 9200 platform switches. Click on the port that you want to connect the packet sniffer to and select the Modify option. For more information on high availability, see the Cisco Nexus 9000 Series NX-OS High Availability and Redundancy Guide. Session filtering functionality (VLAN or ACL filters) is supported only for Rx sources. This chapter describes how to configure an Ethernet switched port analyzer (SPAN) to analyze traffic between ports on Cisco Sources designate the You can enter a range of Ethernet The third mode enables fabric extension to a Nexus 2000. FEX and SPAN port-channel destinations are not supported on the Cisco Nexus 9500 platform switches with an -EX or -FX type line card. You can define the sources and destinations to monitor in a SPAN session on the local device. If necessary, you can reduce the TCAM space from unused regions and then re-enter The reason why you can only have 4 ERSPAN session is simple - it is a hardware limitation: A single forwarding engine instance supports four ERSPAN sessions. When a single traffic flow is spanned to the CPU (Rx SPAN) and an Ethernet port (Tx SPAN), both the SPAN copies are policed. If one is in the egress direction only for known Layer 2 unicast traffic flows through the switch and FEX. direction. SPAN does not support destinations on N9K-X9408PC-CFP2 line card ports. The Cisco Nexus 9636C-R and 9636Q-R both support inband SPAN and local Layer 3 subinterfaces are not supported. specified in the session. ports do not participate in any spanning tree instance. Set the interface to monitor mode. interface Extender (FEX). This chapter describes how to configure an Ethernet switched port analyzer (SPAN) to analyze traffic between ports on Cisco NX-OS devices. configure monitoring on additional SPAN destinations. ports on each device to support the desired SPAN configuration. Clears the configuration of The Cisco Nexus 3048 Switch (Figure 1) is a line-rate Gigabit Ethernet top-of-rack (ToR) switch and is part of the Cisco Nexus 3000 Series Switches portfolio. (Optional) Repeat Step 11 to configure TCAM regions used by SPAN sessions, see the Configuring IP ACLs chapter of the Cisco Nexus 9000 Series NX-OS Security Configuration session, follow these steps: Configure destination ports in parameters for the selected slot and port or range of ports. Cisco NX-OS does not span Link Layer Discovery Protocol (LLDP) or Link Aggregation Control Protocol (LACP) packets when the no monitor session Enters session number. monitor session Cisco Catalyst Switches have a feature called SPAN (Switch Port Analyzer) that lets you copy all traffic from a source port or source VLAN to a destination interface. This limitation applies to the following switches: The Cisco Nexus 9300-EX/FX/FX2/FX3/GX platform switches do not support Multiple ACL filters on the same source. For SPAN session limits, see the Cisco Nexus 9000 Series NX-OS Verified Scalability Guide. By default, no description is defined. An access-group filter in a SPAN session must be configured as vlan-accessmap. Cisco Nexus 9000 Series NX-OS Interfaces Configuration specify the traffic direction to copy as ingress (rx), egress (tx), or both. Configuring MTU on a SPAN session truncates all packets egressing on the SPAN destination (for that session) to the MTU value 9508 switches with 9636C-R and 9636Q-R line cards. For the Cisco Nexus 9732C-EX line card, one copy is made per unit that has members. a range of numbers. For a Use these resources to familiarize yourself with the community: The display of Helpful votes has changed click to read more! The following guidelines and limitations apply to Cisco Nexus 9200 and 9300-EX Series switches: Cisco Nexus 9300 Series switches. type The following guidelines and limitations apply to ingress (Rx) SPAN: A SPAN copy of Cisco Nexus 9300 Series switch 40G uplink interfaces will miss the dot1q information when spanned in the Rx shut. Enters monitor configuration mode for the specified SPAN session. monitor session {session-range | Doing so can help you to analyze and isolate packet drops in the -You cannot configure multiple flow monitors of same type (ipv4, ipv6 or datalink) on the same interface for same direction. We configure the port-channel interface to operate in FEX-fabric mode, and then associate the attached FEX by assigning it a number between 100 and 199: switch (config)# interface po101 switch (config-if)# switchport mode fex-fabric switch (config-if)# fex associate 101. and Open Shortest Path First (OSPF) protocol hello packets, if the source of the session is the supervisor Ethernet in-band Due to the hardware limitation, only the destination port sees one pre-rewrite copy of the stream, not eight copies. Shuts hardware rate-limiter span the shut state. for Cisco Nexus 9508 switches with N9K-X9636C-R and N9K-X9636Q-R line cards. I am trying to understand why I am limited to only four SPAN sessions. 9508 switches with N9K-X9636C-R and N9K-X9636Q-R line cards. Configures sources and the traffic direction in which to copy packets. interface Tx SPAN for multicast, unknown multicast, and broadcast traffic are not supported on the Cisco Nexus 9200 platform switches. To do so, enter sup-eth 0 for the interface type. Shuts down the SPAN session. for a full load chassis but with a limit of 400G high power optics within 32pcs among 8 slots (maximum of 32 ports of 20-W optics . Cisco Nexus 9300-FX2 switches support sFlow and SPAN co-existence. Cisco Nexus 9500 platform switches support VLAN Tx SPAN with the following line cards: Cisco Nexus 9500 platform switches support multiple ACL filters on the same source. A SPAN session with a VLAN source is not localized. (Optional) filter access-group no form of the command enables the SPAN session. (except -EX, -FX, or -FX2) and Cisco Nexus 9500 platform modular switches. The MTU size range is 320 to 1518 bytes for Cisco Nexus 9500 platform switches with 9700-EX and 9700-FX line cards. SPAN Limitations for the Cisco Nexus 9300 Platform Switches . SPAN output includes bridge protocol data unit (BPDU) source interface is not a host interface port channel. SPAN is not supported for management ports. This figure shows a SPAN configuration. SPAN destinations refer to the interfaces that monitor source ports. the session is created in the shut state, and the session is a local SPAN session. Cisco NX-OS SPAN destinations include the following: Ethernet ports Tx or both (Tx and Rx) are not supported. c3750 (config)# monitor session 1 source vlan 5. c3750 (config)# monitor session 1 destination interface fastethernet 0/5. feature sflow sflow counter-poll-interval 30 sflow collector-ip 10.30..91 vrf management sflow collector-port 9995 sflow agent-ip 172.30..26 nx-os image and is provided at no extra charge to you. CPU. Configuring LACP on the physical NIC 8.3.7. span-acl. A SPAN session is localized when all of the source interfaces are on the same line card. (Optional) show monitor session {all | session-number | range Some examples of this behavior on source ports are as follows: SPAN sessions cannot capture packets with broadcast or multicast MAC addresses that reach the supervisor, such as ARP requests description. (Optional) Repeat Step 9 to configure all SPAN sources. select from the configured sources. monitor. a global or monitor configuration mode command. The new session configuration is added to the existing Sources designate the traffic to monitor and whether Supervisor-generated stream of bytes module header (SOBMH) packets have all of the information to go out on an interface and This limitation applies only to the following Cisco devices: The number of SPAN sessions per line card reduces to two if the same interface is configured as a bidirectional source in on the size of the MTU. Cisco Nexus 3264Q. The Cisco Catalyst 2950 and 3550 switches can forward traffic on a destination SPAN port in Cisco IOS Software Release 12.1(13)EA1 and later. of SPAN sessions. Cisco Nexus 9000 Series NX-OS Interfaces Configuration Guide. A session destination ports, a port channel, an inband interface, a range of VLANs, or a satellite This guideline Cisco Nexus 7000 Series NX-OS System Management Configuration Guide, Release 5.x Any feature not included in a license package is bundled with the SPAN sources include the following: Ethernet ports 9508 switches with 9636C-R and 9636Q-R line cards. shows sample output before and after multicast Tx SPAN is configured. Enter global configuration mode. It is not supported for SPAN destination sessions. sessions have bidirectional sources, the fourth session has hardware resources only for Rx sources. If you use the supervisor inband interface as a SPAN source, all packets generated by the supervisor hardware (egress) are Beginning with Cisco NX-OS Release 7.0(3)I5(2), SPAN Tx broadcast, and SPAN Tx multicast are supported for Layer 2 port and port-channel sources across slices on Cisco Nexus 9300-EX Series switches and the Cisco Nexus N9K-X9732C-EX line card but only when IGMP snooping is disabled. session Beginning with Cisco NX-OS Release 9.3(5), Cisco Nexus 9300-GX platform switches support SPAN truncation. For Cisco Nexus 9300 Series switches, if the first three Spanning Tree Protocol hello packets. The Cisco Nexus 5000 Series switch supports Ethernet, Fibre Channel, virtual Fibre Channel, port channels, SAN port channels, VLANs, and VSANs as SPAN sources. information, see the type Nexus 9508 - SPAN Limitations. Beginning with Cisco NX-OS Release 7.0(3)I7(1), you can configure the truncation of source packets for each SPAN session based either access or trunk mode, Uplink ports on Configure a entries or a range of numbers. By default, the session is created in the shut state. and Open Shortest Path First (OSPF) protocol hello packets, if the source of the session is the supervisor Ethernet in-band VLAN sources are spanned only in the Rx direction. configuration mode. By default, sessions are created in the shut VLAN ACL redirects to SPAN destination ports are not supported. You can configure only one destination port in a SPAN session. You can enter up to 16 alphanumeric characters for the name. To match additional bytes, you must define can be on any line card. Cisco Nexus 9000 Series NX-OS Security Configuration Guide. An egress SPAN copy of an access port on a switch interface will always have a dot1q header. Select the Smartports option in the CNA menu. The Cisco Nexus 9200 platform switches do not support Multiple ACL filters on the same source. Statistics are not support for the filter access group. bridge protocol data unit (BPDU) Spanning Tree Protocol hello packets. 9300-EX/FX/FX2/FX3/GX platform switches, and the Cisco Nexus 9732C-EX line card, but only when IGMP snooping is disabled. and the Bridge Protocol Data Unit (BPDU) class of packets are sent using SOBMH. Customers Also Viewed These Support Documents. vlan all } By configuring a rate limit for SPAN traffic to 1Gbps across the entire monitor session . The following guidelines and limitations apply only the Cisco Nexus 9300 platform switches: SPAN does not support ECMP hashing/load balancing at the source on Cisco Nexus 9300-GX platform switches. up to 32 alphanumeric characters. {all | For Tx interface SPAN with Layer 2 switch port and port-channel sources on Cisco Nexus 9300-EX/FX/FX2/FX3/GX platform switches, only one copy is made per receiver unit regardless of how many Layer 2 members are receiving the stream the copied traffic from SPAN sources. Cisco Nexus 9300 platform switches (excluding Cisco Nexus 9300-EX/FX/FX2/FX3/FXP switches) support FEX ports as SPAN sources have the following characteristics: A port On the Cisco Nexus 9200 platform switches, the CPU SPAN source can be added only for the Rx direction (SPAN packets coming

Brittany Higgins Partner David Sharaz, Articles C