on the size of the MTU. and Open Shortest Path First (OSPF) protocol hello packets, if the source of the session is the supervisor Ethernet in-band You can enter up to 16 alphanumeric characters for the name. When a single traffic flow is spanned to the CPU (Rx SPAN) and an Ethernet port (Tx SPAN), both the SPAN copies are policed. The documentation set for this product strives to use bias-free language. providing a viable alternative to using sFlow and SPAN. Make sure that the appropriate TCAM region (racl, ifacl, or vacl) has been configured using the hardware access-list tcam region command to provide enough free space to enable UDF-based SPAN. If you use the supervisor inband interface as a SPAN source, all packets generated by the supervisor hardware (egress) are UDF-SPAN acl-filtering only supports source interface rx. Please reference this sample configuration for the Cisco Nexus 7000 Series: When you specify a VLAN as a SPAN source, all supported interfaces in the VLAN are SPAN sources. The new session configuration is added to the existing acl-filter, destination interface nx-os image and is provided at no extra charge to you. Any feature not included in a license package is bundled with the Configures switchport parameters for the selected slot and port or range of ports. Each ACE can have different UDF fields to match, or all ACEs can can bypass all forwarding lookups in the hardware, including SPAN and ERSPAN. Therefore, the TTL, VLAN ID, any remarking due to egress policy, Note: Priority flow control is disabled when the port is configured as a SPAN destination. The flows for post-routed unknown unicast flooded packets are in the SPAN session, even if the SPAN session is configured A SPAN session is localized when all The following guidelines and limitations apply only the Cisco Nexus 9500 platform switches: The following filtering limitations apply to egress (Tx) SPAN on 9500 platform switches with EX or FX line cards: FEX and SPAN port-channel destinations are not supported on the Cisco Nexus 9500 platform switches with EX or FX line cards. You cannot configure a port as both a source and destination port. When traffic ingresses from an access port and egresses to an access port, an ingress/egress SPAN copy of an access port on hardware access-list tcam region span-sflow 256 ! Your UDF configuration is effective only after you enter copy running-config startup-config + reload. EOR switches and SPAN sessions that have Tx port sources. either access or trunk mode, Uplink ports on Cisco Nexus 9200 Series Switch 3.1 or later Tap/SPAN aggregation Cisco Nexus 9300 Series Switch 3.0 or later Tap/SPAN aggregation applies to the following switches: Cisco Nexus 92348GC-X, Cisco Nexus 9332C, and Cisco Nexus 9364C switches, Cisco Nexus 9300-EX, -FX, -FX2, -FX3, -GX platform switches, Cisco Nexus 9504, 9508, and 9516 platform switches with -EX and -FX line cards. command. The destination port is ethernet 3/32, and the source is the port-channels 45 and 55. from the CPU). and N9K-X9636Q-R line cards. ip access-list An access-group filter in a SPAN session must be configured as vlan-accessmap. Cisco Nexus 9000 Series NX-OS Interfaces Configuration UDF-based SPAN is supported on the Cisco Nexus 9200 platform switches. VLANs can be SPAN sources only in the ingress direction. interface. By default, sessions are created in the shut state. select from the configured sources. information, see the Copies the running configuration to the startup configuration. Cisco NX-OS does not span Link Layer Discovery Protocol (LLDP) or Link Aggregation Control Protocol (LACP) packets when the Session filtering functionality (VLAN or ACL filters) is supported only for Rx sources. For Tx interface SPAN with Layer 2 switch port and port-channel sources on Cisco Nexus 9300-EX/FX/FX2/FX3/GX platform switches, only one copy is made per receiver unit regardless of how many Layer 2 members are receiving the stream You can configure one or more VLANs, as either a series of comma-separated However, on the Cisco Nexus 9500 platform switches with EX or FX line cards, NetFlow on the local device. I am trying to configure sflow on Nexus 9396PX switch and having some difficulty to understand tcam region. sessions have bidirectional sources, the fourth session has hardware resources only for Rx sources. Select the Smartports option in the CNA menu. Note: . Configures the switchport interface as a SPAN destination. In order to enable a VLAN source SPAN and the specific destination port receive the SPAN packets. source {interface Configures switchport multiple UDFs. If the FEX NIF interfaces or This guideline does not apply for Cisco Nexus SPAN destination ports have the following characteristics: A port configured as a destination port cannot also be configured as a source port. Configures SPAN for multicast Tx traffic across different leaf spine engine (LSE) slices. interface as a SPAN destination. . have the following characteristics: A port Cisco Catalyst switches can forward traffic on a destination SPAN port in Cisco IOS 12.1(13)EA1 and later; Cisco Catalyst 3550, 3560 and 3750 switches can support up to two SPAN sessions at a time and can monitor source ports as well as VLANs . With VLANs or VSANs, all supported interfaces in the specified VLAN or VSAN are included as SPAN sources. {number | port can be configured in only one SPAN session at a time. The Cisco Nexus 9200 platform switches do not support Multiple ACL filters on the same source. The Cisco Nexus 3048, with its compact one-rack-unit (1RU) form factor and integrated Layer 2 and 3 switching, complements the existing Cisco Nexus family of switches. Tx or both (Tx and Rx) are not supported. This guideline does not apply for Cisco Nexus 9508 switches with N9K-X9636C-R existing session configuration. Follow these steps to get SPAN active on the switch. The Cisco Nexus 3048 Switch (Figure 1) is a line-rate Gigabit Ethernet top-of-rack (ToR) switch and is part of the Cisco Nexus 3000 Series Switches portfolio. size. Routed traffic might not be seen on FEX HIF egress SPAN. a global or monitor configuration mode command. The new session configuration is added to the existing session configuration. access mode and enable SPAN monitoring. When a SPAN session contains source ports that are monitored in the transmit or transmit and receive direction, packets that license. Requirement. Beginning with Cisco NX-OS Release 7.0(3)I7(1), you can configure SPAN for multicast Tx traffic across different leaf spine Any SPAN packet that is larger than the configured MTU size is truncated to the configured these ports receive can be replicated to the SPAN destination port although the packets are not actually transmitted on the Configures a destination for copied source packets. sessions, Rx SPAN is not supported for the physical interface source session. (Optional) Repeat Steps 2 through 4 to The following filtering limitations apply to egress (Tx) SPAN on all Cisco Nexus 9300-EX/FX/FX2/FX3/GX platform switches: ACL filtering is not supported (applies to both unicast and Broadcast, Unknown Unicast and Multicast (BUM) traffic), VLAN filtering is supported, but only for unicast traffic, VLAN filtering is not supported for BUM traffic. You can resume (enable) SPAN sessions to resume the copying of packets Any SPAN packet The port GE0/8 is where the user device is connected. If the FEX NIF interfaces or tx } [shut ]. . state for the selected session. Guidelines and Limitations for SPAN; Creating or Deleting a SPAN Session; . FEX and SPAN port-channel destinations are not supported on the Cisco Nexus 9500 platform switches with an -EX or -FX type line card. . Cisco Nexus 7000 Series NX-OS System Management Configuration Guide, Release 5.x line card. By default, no description is defined. All rights reserved. Switch(config)#show monitor Session 1 --------- Type : Local Session Source Ports : Both : Ge0/1 Destination Ports : Ge0/8 Encapsulation : Native . . SPAN destination source interface is not a host interface port channel. SPAN is not supported for management ports. SPAN destinations include the following: Ethernet ports in either access or trunk mode, Port channels in either access or trunk mode, Uplink ports on Cisco Nexus 9300 Series switches. Enabling UniDirectional Link Detection (UDLD) on the SPAN source and destination ports simultaneously is not supported. It is not supported for SPAN destination sessions. down the specified SPAN sessions. An egress SPAN copy of an access port on Cisco Nexus N3100 Series switch interfaces will always have a dot1q header. specified SPAN sessions. network. "This limitation might also apply to Cisco Nexus 9500 Series switches, depending on the SPAN or ERSPAN source's forwarding engine instance mappings.". SPAN session that is already enabled but operationally down, you must first shut it down and then enable it. You can create SPAN sessions to designate sources and destinations to monitor. monitor session {session-range | By default, SPAN sessions are created in the shut state. can be on any line card. This guideline does not apply for Cisco Nexus Nexus 9508 platform switches with 9636C-R and 9636Q-R line cards. span-acl. all source VLANs to filter. If SPAN is mirroring the traffic which ingresses on an interface in an ASIC instance and egresses on a layer 3 interface (SPAN (Optional) Repeat Step 11 to configure Configures which VLANs to The following guidelines and limitations apply to Cisco Nexus 9200 and 9300-EX Series switches: The following guidelines and limitations apply . All SPAN replication is performed in the hardware. description On Cisco Nexus 9300-EX/FX platform switches, SPAN and sFlow cannot both be enabled simultaneously. See the Cisco Nexus 9000 Series NX-OS Verified Scalability Guide for information on the number of supported SPAN sessions. description designate sources and destinations to monitor. also apply to Cisco Nexus 9500 Series switches, depending on the SPAN source's forwarding engine instance mappings. The Cisco Nexus device supports Ethernet, Fibre Channel, virtual Fibre Channel, port channels, SAN port channels, VSANs and VLANs as SPAN sources. and the session is a local SPAN session. For Cisco Nexus 9300 Series switches, if the first three sessions have bidirectional sources, the fourth session has hardware resources only for Rx sources. Only traffic in the direction Source FEX ports are supported in the ingress direction for all Troubleshooting Cisco Nexus Switches and NX-OS is your single reference for quickly identifying and solving problems with these . can bypass all forwarding lookups in the hardware, including SPAN and ERSPAN. Configuring a Cisco Nexus switch" 8.3.1. You can configure the shut and enabled SPAN session states with either a global or monitor configuration mode command. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. all SPAN sources. Configures the switchport explanation of the Cisco NX-OS licensing scheme, see the the destination ports in access or trunk mode. can alleviate this problem as well as traffic overload on the source forwarding instance by configuring a source rate limit for each SPAN session. The slices must Shuts down the specified SPAN sessions. Multiple ACL filters are not supported on the same source. SPAN requires no The Cisco Catalyst 2950 and 3550 switches can forward traffic on a destination SPAN port in Cisco IOS Software Release 12.1(13)EA1 and later. no form of the command resumes (enables) the active, the other cannot be enabled. This applies to all switches except Cisco Nexus 9300-EX/-FX/-FX2/-FX3/-GX platform switches, and Cisco Nexus 9500 series platform switches with -EX/-FX line cards. The Cisco Nexus N9K-X9636C-R and N9K-X9636Q-R both support inband interface The following guidelines and limitations apply to FEX ports: The FEX NIF interfaces or port-channels cannot be used as a SPAN source or SPAN destination. Destination To use truncation, you must enable it for each SPAN session. This guideline does not apply for Cisco Nexus 9508 switches with 9636C-R and 9636Q-R line cards. Beginning with Cisco NX-OS Release 7.0(3)I5(2), SPAN Tx broadcast, and SPAN Tx multicast are supported for Layer 2 port and port-channel sources across slices on Cisco Nexus 9300-EX Series switches and the Cisco Nexus N9K-X9732C-EX line card but only when IGMP snooping is disabled. If the traffic stream matches the VLAN source SPAN destinations refer to the interfaces that monitor source ports. This chapter describes how to configure an Ethernet switched port analyzer (SPAN) to analyze traffic between ports on Cisco Plug a patch cable into the destination . session-number. the following match criteria: Bytes: Eth Hdr (14) + Outer IP (20) + Inner IP (20) + Inner TCP (20, but TCP flags at 13th byte), Offset from packet-start: 14 + 20 + 20 + 13 = 67. and the Bridge Protocol Data Unit (BPDU) class of packets are sent using SOBMH. This chapter contains the following sections: SPAN analyzes all traffic between source ports by directing the SPAN session in order to free hardware resources to enable another session. . Also, to avoid impacting monitored production traffic: SPAN is rate-limited to 5 Gbps for every 8 ports (one ASIC). port-channels are specified as a SPAN source or SPAN destination, the software displays an unsupported error. The configuration above will capture all traffic of VLAN 5 and send it to SPAN port fastethernet 0/5. Due to the hardware limitation, only the Learn more about how Cisco is using Inclusive Language. 4 to 32, based on the number of line cards and the session configuration, 14. [no ] Enters the monitor configuration mode. specified. Many switches have a limit on the maximum number of monitoring ports that you can configure. The no form of this command detaches the UDFs from the TCAM region and returns the region to single wide. An egress SPAN copy of an access port on a switch interface will always have a dot1q header. (Optional) show monitor session ports do not participate in any spanning tree instance. {all | After a reboot or supervisor switchover, the running configuration Configures the ACL to match only on UDFs (example 1) or to match on UDFs along with the current access control entries (ACEs) . Cisco Nexus 9300 platform switches support multiple ACL filters on the same source. offsetSpecifies the number of bytes offset from the offset base. This chapter describes how to configure an Ethernet switched port analyzer (SPAN) to analyze traffic between ports on Cisco NX-OS devices. The SPAN feature supports stateless and stateful restarts. and stateful restarts. VLAN SPAN monitors only the traffic that enters Layer 2 ports in the VLAN. You can configure only one destination port in a SPAN session. description. configured as a source port cannot also be configured as a destination port. Cisco Nexus 9000 Series Line Cards, Fabric Modules, and GEM Modules, ethanalyzer local interface inband mirror detail, Platform Support for System Management Features, Configuring TAP Aggregation and MPLS Stripping, Configuring Graceful Insertion and Removal, IETF RFCs supported by Cisco NX-OS System Management, Embedded Event Manager System Events and Configuration Examples, Configuration Limits for Cisco NX-OS System Management, SPAN Limitations for the Cisco Nexus 3000 Platform Switches, SPAN Limitations for the Cisco Nexus 9200 Platform Switches, SPAN Limitations for the Cisco Nexus 9300 Platform Switches, SPAN Limitations for the Cisco Nexus 9500 Platform Switches, Configuring SPAN for Multicast Tx Traffic Across Different LSE Slices, Configuration Example for a Unidirectional SPAN Session, Configuration Examples for UDF-Based SPAN, Configuration Example for SPAN Truncation, Configuration Examples for Multicast Tx SPAN Across LSE Slices, Cisco Nexus 9000 Series NX-OS High Availability and Redundancy Guide. limitation still applies.) By default, the session is created in the shut state, You can enter a range of Ethernet ports, a port channel, VLAN ACL redirects to SPAN destination ports are not supported. For the Cisco Nexus 9732C-EX line card, one copy is made per unit that has members. udf monitor License VLANs can be SPAN sources in the ingress and egress direction on Cisco Nexus 9508 switches with 9636C-R and 9636Q-R line cards. When SPAN/ERSPAN is used to capture the Rx traffic on the FEX HIF ports, additional VNTAG and 802.1q tags are present in the Enters interface configuration mode on the selected slot and port. either a series of comma-separated entries or a range of numbers. Rx SPAN is supported. SPAN destinations include the following: Ethernet ports ethernet slot/port.