- Device Manager Help
- Configuring Cisco DCNM-SAN Server
- Configuring Authentication in Cisco DCNM-SAN
- Configuring Cisco DCNM-SAN Client
- Device Manager
- Configuring Performance Manager
- Configuring High Availability
- Configuring Trunking
- Configuring PortChannels
- Configuring N Port Virtualization
- Configuring Interfaces
- Configuration of Fibre Channel Interfaces
- Using the CFS Infrastructure
- Configuring SNMP
- Configuring Domain Parameters
- Configuring and Managing Zones
- Configuring FCoE
- Configuring Dense Wavelength Division Multiplexing
- Configuring and Managing VSANs
- Discovering SCSI Targets
- Configuring SAN Device Virtualization
- Configuring Fibre Channel Routing Services and Protocols
- Managing FLOGI, Name Server, FDMI, and RSCN Databases
- Configuring FICON
- Creating Dynamic VSANs
- Distributing Device Alias Services
- Configuring Advanced Fabric Features
- Configuring Users and Common Role
- Configuring Security Features on an External AAA Server
- Configuring Certificate Authorities and Digital Certificates
- Configuring FC-SP and DHCHAP
- Configuring Cisco TrustSec Fibre Channel Link Encryption
- Configuring FIPS
- Configuring IPv4 and IPv6 Access Control Lists
- Configuring IPsec Network Security
- Configuring Port Security
- Configuring Fabric Binding
- Configuring FCIP
- Configuring the SAN Extension Tuner
- Configuring iSCSI
- Configuring IP Services
- Configuring IP Storage
- Configuring IPv4 for Gigabit Ethernet Interfaces
- Configuring IPv6 for Gigabit Ethernet Interfaces
- Configuring SCSI Flow Services
- Configuring SCSI Flow Statistics
- Configuring Fibre Channel Write Acceleration
- Monitoring the Network
- Monitoring Performance
- Configuring Call Home
- Configuring System Message Logging
- Scheduling Maintenance Jobs
- Configuring RMON
- Configuring Fabric Configuration Server
- Monitoring Network Traffic Using SPAN
- Monitoring System Processes and Logs
- Configuring QoS
- Configuring Port Tracking
- Configuring FlexAttach Virtual pWWN
- Configuring Interface Buffers
- Verifying Ethernet Interfaces
- Information About SPAN
- SPAN Sources
- IPS Source Ports
- Allowed Source Interface Types
- VSAN as a Source
- SPAN Sessions
- Specifying Filters
- SD Port Characteristics
- SPAN Conversion Behavior
- Monitoring Traffic Using Fibre Channel Analyzers
- Single SD Port to Monitor Traffic
- SD Port Configuration
- Mapping the FC Tunnel
- Creating VSAN Interfaces
- Remote SPAN
- Advantages of Using RSPAN
- FC and RSPAN Tunnels
- ST Port Configuration
- ST Port Characteristics
- Creating Explicit Paths
- Guidelines and Limitations
- Default SPAN and RSPAN Settings
- Configuring SPAN
- Configuring SD Ports for SPAN
- Configuring SPAN max-queued-packets
- Creating SPAN Sessions
- Configuring SPAN for Generation 2 Fabric Switches
- Editing SPAN Sources
- Suspending and Reactivating SPAN Sessions
- Deleting SPAN Sessions
- Encapsulating Frames
- Configuring Fibre Channel Analyzers Using SPAN
- Configuring Single SD Port to Monitor Traffic
- Configuring RSPAN
- Configuring the Source Switch
- Configuring All Intermediate Switches
- Configuring the Destination Switch
- Verifying SPAN Configuration
- Configuration Examples for RSPAN
Monitoring Network Traffic Using SPAN
This chapter describes the Switched Port Analyzer (SPAN) features provided in switches in the Cisco MDS 9000 Family.
Information About SPAN
The SPAN feature is specific to switches in the Cisco MDS 9000 Family. It monitors network traffic through a Fibre Channel interface. Traffic through any Fibre Channel interface can be replicated to a special port called the SPAN destination port (SD port). Any Fibre Channel port in a switch can be configured as an SD port. Once an interface is in SD port mode, it cannot be used for normal data traffic. You can attach a Fibre Channel Analyzer to the SD port to monitor SPAN traffic.
SD ports do not receive frames, they only transmit a copy of the SPAN source traffic. The SPAN feature is nonintrusive and does not affect switching of network traffic for any SPAN source ports (see Figure 55-1).
This section covers the following topics:
- SPAN Sources
- IPS Source Ports
- Allowed Source Interface Types
- VSAN as a Source
- SPAN Sessions
- Specifying Filters
- SD Port Characteristics
- SPAN Conversion Behavior
- Monitoring Traffic Using Fibre Channel Analyzers
- Monitoring Without SPAN
- Monitoring with SPAN
- Single SD Port to Monitor Traffic
- SD Port Configuration
- Mapping the FC Tunnel
- Creating VSAN Interfaces
- Remote SPAN
- Advantages of Using RSPAN
- FC and RSPAN Tunnels
- ST Port Configuration
- ST Port Characteristics
- Creating Explicit Paths
SPAN Sources
SPAN sources refer to the interfaces from which traffic can be monitored. You can also specify VSAN as a SPAN source, in which case, all supported interfaces in the specified VSAN are included as SPAN sources. When a VSAN as a source is specified, then all physical ports and PortChannels in that VSAN are included as SPAN sources. You can choose the SPAN traffic in the ingress direction, the egress direction, or both directions for any source interface:
- Ingress source (Rx)—Traffic entering the switch fabric through this source interface is spanned or copied to the SD port (see Figure 55-2).
Figure 55-2 SPAN Traffic from the Ingress Direction
- Egress source (Tx)—Traffic exiting the switch fabric through this source interface is spanned or copied to the SD port (see Figure 55-3).
Figure 55-3 SPAN Traffic from Egress Direction
IPS Source Ports
SPAN capabilities are available on the IP Storage Services (IPS) module. The SPAN feature is only implemented on the FCIP and iSCSI virtual Fibre Channel port interfaces, not the physical Gigabit Ethernet ports. You can configure SPAN for ingress traffic, egress traffic, or traffic in both directions for all eight iSCSI and 24 FCIP interfaces that are available in the IPS module.
Note You can configure SPAN for Ethernet traffic using Cisco switches or routers connected to the Cisco MDS 9000 Family IPS modules.
Allowed Source Interface Types
The SPAN feature is available for the following interface types:
- Physical ports such as F ports, FL ports, TE ports, E ports, and TL ports.
- Interface sup-fc0 (traffic to and from the supervisor):
– The Fibre Channel traffic from the supervisor module to the switch fabric through the sup-fc0 interface is called ingress traffic. It is spanned when sup-fc0 is chosen as an ingress source port.
– The Fibre Channel traffic from the switch fabric to the supervisor module through the sup-fc0 interface is called egress traffic. It is spanned when sup-fc0 is chosen as an egress source port.
– All ports in the PortChannel are included and spanned as sources.
– You cannot specify individual ports in a PortChannel as SPAN sources. Previously configured SPAN-specific interface information is discarded.
VSAN as a Source
SPAN sources refer to the interfaces from which traffic can be monitored. When a VSAN as a source is specified, then all physical ports and PortChannels in that VSAN are included as SPAN sources. A TE port is included only when the port VSAN of the TE port matches the source VSAN. A TE port is excluded even if the configured allowed VSAN list may have the source VSAN, but the port VSAN is different.
You cannot configure source interfaces (physical interfaces, PortChannels, or sup-fc interfaces) and source VSANs in the same SPAN session.
SPAN Sessions
Each SPAN session represents an association of one destination with a set of source(s) along with various other parameters that you specify to monitor the network traffic. One destination can be used by one or more SPAN sessions. You can configure up to 16 SPAN sessions in a switch. Each session can have several source ports and one destination port.
To activate any SPAN session, at least one source and the SD port must be up and functioning. Otherwise, traffic is not directed to the SD port.
Tip A source can be shared by two sessions, however, each session must be in a different direction—one ingress and one egress.
You can temporarily deactivate (suspend) any SPAN session. The traffic monitoring is stopped during this time.
Specifying Filters
You can perform VSAN-based filtering to selectively monitor network traffic on specified VSANs. You can apply this VSAN filter to all sources in a session (see Figure 55-14). Only VSANs present in the filter are spanned.
You can specify session VSAN filters that are applied to all sources in the specified session. These filters are bidirectional and apply to all sources configured in the session. Each SPAN session represents an association of one destination with a set of source(s) along with various other parameters that you specify to monitor the network traffic.
SD Port Characteristics
An SD port has the following characteristics:
- Ignores BB_credits.
- Allows data traffic only in the egress (Tx) direction.
- Does not require a device or an analyzer to be physically connected.
- Supports only 1 Gbps or 2 Gbps speeds. The auto speed option is not allowed.
- Multiple sessions can share the same destination ports.
- If the SD port is shut down, all shared sessions stop generating SPAN traffic.
- The outgoing frames can be encapsulated in Extended Inter-Switch Link (EISL) format.
- The SD port does not have a port VSAN.
- SD ports cannot be configured using Storage Services Modules (SSMs).
- The port mode cannot be changed if it is being used for a SPAN session.
Note If you need to change an SD port mode to another port mode, first remove the SD port from all sessions and then change the port mode using the switchport mode command.
SPAN Conversion Behavior
SPAN features (configured in any prior release) are converted as follows:
- If source interfaces and source VSANs are configured in a given session, then all the source VSANs are removed from that session.
For example, before Cisco MDS SAN-OS Release 1.0(4):
Once upgraded to Cisco MDS SAN-OS Release 1.1(1):
Session 1 had both source interfaces and source VSANs before the upgrade. After the upgrade, the source VSANs were removed (rule 1).
- If interface level VSAN filters are configured in source interfaces, then the source interfaces are also removed from the session. If this interface is configured in both directions, it is removed from both directions.
For example, before Cisco MDS SAN-OS Release 1.0(4):
Once upgraded to Cisco MDS SAN-OS Release 1.1(1):
Note The deprecated configurations are removed from persistent memory once a switchover or a new startup configuration is implemented.
Session 2 had a source VSAN 12 and a source interface fc1/6 with VSAN filters specified in Cisco MDS SAN-OS Release 1.0(4). When upgraded to Cisco MDS SAN-OS Release 1.1(1) the following changes are made:
– The source VSAN (VSAN 12) is removed (rule 1).
– The source interface fc1/6 had VSAN filters specified—it is also removed (rule 2).
Monitoring Traffic Using Fibre Channel Analyzers
You can use SPAN to monitor traffic on an interface without any traffic disruption. This feature is especially useful in troubleshooting scenarios in which traffic disruption changes the problem environment and makes it difficult to reproduce the problem. You can monitor traffic in either of the following two ways:
Monitoring Without SPAN
You can monitor traffic using interface fc1/1 in a Cisco MDS 9000 Family switch that is connected to another switch or host. You need to physically connect a Fibre Channel analyzer between the switch and the storage device to analyze the traffic through interface fc1/1 (see Figure 55-4).
Figure 55-4 Fibre Channel Analyzer Usage Without SPAN
This type of connection has the following limitations:
- It requires you to physically insert the FC analyzer between the two network devices.
- It disrupts traffic when the Fibre Channel analyzer is physically connected.
- The analyzer captures data only on the Rx links in both port 1 and port 2. Port 1 captures traffic exiting interface fc1/1 and port 2 captures ingress traffic into interface fc1/1.
Monitoring with SPAN
Using SPAN you can capture the same traffic scenario (see Figure 55-4) without any traffic disruption. The Fibre Channel analyzer uses the ingress (Rx) link at port 1 to capture all the frames going out of the interface fc1/1. It uses the ingress link at port 2 to capture all the ingress traffic on interface fc1/1.
Using SPAN you can monitor ingress traffic on fc1/1 at SD port fc2/2 and egress traffic on SD port fc2/1. This traffic is seamlessly captured by the FC analyzer (see Figure 55-5).
Figure 55-5 Fibre Channel Analyzer Using SPAN
Single SD Port to Monitor Traffic
You do not need to use two SD ports to monitor bidirectional traffic on any interface (see Figure 55-5). You can use one SD port and one FC analyzer port by monitoring traffic on the interface at the same SD port fc2/1.
Figure 55-6 shows a SPAN setup where one session with destination port fc2/1 and source interface fc1/1 is used to capture traffic in both ingress and egress directions. This setup is more advantageous and cost effective than the setup shown in Figure 55-5. It uses one SD port and one port on the analyzer, instead of using a full, two-port analyzer.
Figure 55-6 Fibre Channel Analyzer Using a Single SD Port
To use this setup, the analyzer should have the capability of distinguishing ingress and egress traffic for all captured frames.
SD Port Configuration
The SD port in the destination switch enables the FC analyzer to receive the RSPAN traffic from the Fibre Channel tunnel. Figure 55-7 depicts an RSPAN tunnel configuration, now that tunnel destination is also configured.
Figure 55-7 RSPAN Tunnel Configuration
Note SD ports cannot be configured using Storage Services Modules (SSMs).
Mapping the FC Tunnel
The tunnel-id-map option specifies the egress interface of the tunnel at the destination switch (see Figure 55-8).
Figure 55-8 FC Tunnel Configuration
Creating VSAN Interfaces
Figure 55-9 depicts a basic FC tunnel configuration.
Figure 55-9 FC Tunnel Configuration
Note This example assumes that VSAN 5 is already configured in the VSAN database.
Remote SPAN
Note Remote SPAN is not supported on the Cisco Fabric Switch for HP c-Class BladeSystem and the Cisco Fabric Switch for IBM BladeSystem.
The Remote SPAN (RSPAN) feature enables you to remotely monitor traffic for one or more SPAN sources distributed in one or more source switches in a Fibre Channel fabric. The SPAN destination (SD) port is used for remote monitoring in a destination switch. A destination switch is usually different from the source switch(es) but is attached to the same Fibre Channel fabric. You can replicate and monitor traffic in any remote Cisco MDS 9000 Family switch or director, just as you would monitor traffic in a Cisco MDS source switch.
The RSPAN feature is nonintrusive and does not affect network traffic switching for those SPAN source ports. Traffic captured on the remote switch is tunneled across a Fibre Channel fabric which has trunking enabled on all switches in the path from the source switch to the destination switch. The Fibre Channel tunnel is structured using trunked ISL (TE) ports. In addition to TE ports, the RSPAN feature uses two other interface types (see Figure 55-10):
- SD ports—A passive port from which remote SPAN traffic can be obtained by the FC analyzer.
- ST ports—A SPAN tunnel (ST) port is an entry point port in the source switch for the RSPAN Fibre Channel tunnel. ST ports are special RSPAN ports and cannot be used for normal Fibre Channel traffic.
Figure 55-10 RSPAN Transmission
Advantages of Using RSPAN
The RSPAN features has the following advantages:
- Enables nondisruptive traffic monitoring at a remote location.
- Provides a cost effective solution by using one SD port to monitor remote traffic on multiple switches.
- Works with any Fibre Channel analyzer.
- Is compatible with the Cisco MDS 9000 Port Analyzer adapters.
- Does not affect traffic in the source switch, but shares the ISL bandwidth with other ports in the fabric.
FC and RSPAN Tunnels
An FC tunnel is a logical data path between a source switch and a destination switch. The FC tunnel originates from the source switch and terminates at the remotely located destination switch.
RSPAN uses a special Fibre Channel tunnel (FC tunnel) that originates at the ST port in the source switch and terminates at the SD port in the destination switch. You must bind the FC tunnel to an ST port in the source switch and map the same FC tunnel to an SD port in the destination switch. Once the mapping and binding is configured, the FC tunnel is referred to as an RSPAN tunnel (see Figure 55-11).
Figure 55-11 FC and RSPAN Tunnel
ST Port Configuration
Once the FC tunnel is created, be sure to configure the ST port to bind it to the FC tunnel at the source switch. The FC tunnel becomes an RSPAN tunnel once the binding and mapping is complete.
Figure 55-12 depicts a basic FC tunnel configuration.
Figure 55-12 Binding the FC Tunnel
Creating Explicit Paths
You can specify an explicit path through the Cisco MDS Fibre Channel fabric (source-based routing), using the explicit-path option. For example, if you have multiple paths to a tunnel destination, you can use this option to specify the FC tunnel to always take one path to the destination switch. The software then uses this specified path even if other paths are available.
This option is especially useful if you prefer to direct the traffic through a certain path although other paths are available. In an RSPAN situation, you can specify the explicit path so the RSPAN traffic does not interfere with the existing user traffic. You can create any number of explicit paths in a switch (see Figure 55-13).
Figure 55-13 Explicit Path Configuration
Guidelines and Limitations
SPAN Configuration Guidelines
The following guidelines and limitations apply for SPAN configurations:
- You can configure up to 16 SPAN sessions with multiple ingress (Rx) sources.
- You can configure a maximum of three SPAN sessions with one egress (Tx) port.
- In a 32-port switching module, you must configure the same session in all four ports in one port group (unit). If you wish, you can also configure only two or three ports in this unit.
- SPAN frames are dropped if the sum of the bandwidth of the sources exceeds the speed of the destination port.
- Frames dropped by a source port are not spanned.
- SPAN does not capture pause frames in a Fibre Channel over Ethernet (FCoE) network because pause frames sent from the virtual expansion (VE) port are generated and terminated by the outermost MAC layer. For more information on FCoE, see the Cisco NX-OS FCoE Configuration Guide for Cisco Nexus 7000 and Cisco MDS 9500.
Guidelines to Configure VSANs as a Source
The following guidelines apply when configuring VSANs as a source:
- Traffic on all interfaces included in a source VSAN is spanned only in the ingress direction.
- If a VSAN is specified as a source, you cannot perform interface-level SPAN configuration on the interfaces that are included in the VSAN. Previously configured SPAN-specific interface information is discarded.
- If an interface in a VSAN is configured as a source, you cannot configure that VSAN as a source. You must first remove the existing SPAN configurations on such interfaces before configuring VSAN as a source.
- Interfaces are only included as sources when the port VSAN matches the source VSAN. Figure 55-14 displays a configuration using VSAN 2 as a source:
– All ports in the switch are in VSAN 1 except fc1/1.
– Interface fc1/1 is the TE port with port VSAN 2. VSANs 1, 2, and 3 are configured in the allowed list.
– VSAN 1 and VSAN 2 are configured as SPAN sources.
For this configuration, the following apply:
– VSAN 2 as a source includes only the TE port fc1/1 that has port VSAN 2.
Guidelines to Specifying Filters
The following guidelines apply to SPAN filters:
- PortChannel configurations are applied to all ports in the PortChannel.
- If no filters are specified, the traffic from all active VSANs for that interface is spanned by default.
- While you can specify arbitrary VSAN filters in a session, traffic can only be monitored on the port VSAN or on allowed-active VSANs in that interface.
RSPAN Configuration Guidelines
The following guidelines apply for a SPAN configuration:
- All switches in the end-to-end path of the RSPAN tunnel must belong to the Cisco MDS 9000 Family.
- All VSANs with RSPAN traffic must be enabled. If a VSAN containing RSPAN traffic is not enabled, it is dropped.
- The following configurations must be performed on each switch in the end-to-end path of the Fibre Channel tunnel in which RSPAN is to be implemented:
– Trunking must be enabled (enabled by default) and the trunk enabled link must be the lowest cost link in the path.
– VSAN interface must be configured.
– The Fibre Channel tunnel feature must be enabled (disabled by default).
– IP routing must be enabled (disabled by default).
Note If the IP address is in the same subnet as the VSAN, the VSAN interface does not have to be configured for all VSANs on which the traffic is spanned.
Default SPAN and RSPAN Settings
Table 55-1 lists the default settings for SPAN parameters.
Table 55-2 lists the default settings for RSPAN parameters.
Configuring SPAN
The SPAN feature is specific to switches in the Cisco MDS 9000 Family. It monitors network traffic through a Fibre Channel interface.
This section covers the following topics:
- Configuring SD Ports for SPAN
- Configuring SPAN max-queued-packets
- Creating SPAN Sessions
- Configuring SPAN for Generation 2 Fabric Switches
- Editing SPAN Sources
- Suspending and Reactivating SPAN Sessions
- Deleting SPAN Sessions
- Encapsulating Frames
- Configuring Fibre Channel Analyzers Using SPAN
- Configuring Single SD Port to Monitor Traffic
- Configuring RSPAN
Configuring SD Ports for SPAN
To configure an SD port for SPAN monitoring, follow these steps:
To configure a SPAN session, follow these steps:
To configure a SPAN filter, follow these steps:
Configures the source fc9/1 interface in the egress (Tx) direction. |
||
Configures the source fc7/1 interface in the ingress (Rx) direction. |
To monitor network traffic using SD ports, follow these steps:
Step 2 Attach the SD port to a specific SPAN session.
Step 3 Monitor network traffic by adding source interfaces to the session.
To configure an SD port for SPAN monitoring using Device Manager, follow these steps:
Step 1 Right-click the port you want to configure and select Configure .
You see the general port configuration dialog.
Step 2 Under Mode, choose SD .
Step 3 Click Apply to accept the change.
Configuring SPAN max-queued-packets
When a SPAN destination port is oversubscribed or has more source traffic than the speed of the destination port, the source ports of the SPAN session will reduce in their throughput. The impact is proportional to the amount of source traffic flowing in. Lowering the max-queued-packets value from the default value of 15 to 1 prevents the impact on the source ports. It is necessary to reconsider the default value for this setting as it may impact the source interface throughput.
Restrictions
- The span max-queued-packets can be changed only if no SPAN sessions are currently active on the switch.
- If you are spanning the traffic going through an FCIP interface, SPAN copies may be dropped even if the SD interface has more bandwidth than the amount of traffic being replicated. To avoid SPAN drops, set the max-queued-packets to a higher value; for example, 100.
To configure SPAN max-queued-packets for a SPAN session, follow these steps:
By default, SPAN frames are dropped if the sum of the bandwidth of the source interfaces exceed the bandwidth of the destination port. With a higher value, the SPAN traffic has a higher probability of reaching the SPAN destination port instead of being dropped at the expense of data traffic throughput.
Creating SPAN Sessions
To create SPAN sessions, follow these steps:
Step 1 Choose Interface > SPAN. You see the SPAN dialog box.
Step 2 Click the Sessions tab.
You see the Create SPAN Sessions dialog box.
Step 4 Choose the session ID (the ID range may vary depending on platform type and version) using the up or down arrows and click Create.
Step 5 Repeat Step 4 for each session you want to create.
Step 6 Enter the destination interface in the Dest Interface field for the appropriate session.
Step 7 Enter the filter VSAN list in the Filter VSAN List field for the appropriate session.
Step 8 Choose active or in active admin status in the Admin drop-down list.
Step 9 Click Apply to save your changes.
Step 10 Close the two dialog boxes.
Configuring SPAN for Generation 2 Fabric Switches
Cisco Generation 2 fabric switches (such as MDS 9124) support SPAN sessions in both directions, Rx and Tx.
Note While using Generation 2 fabric switches, you cannot create an additional active SPAN session when you already have one.
Restrictions
- You can specify multiple SPAN source interfaces in Rx and Tx directions. However, the direction should be explicitly mentioned at the end of the command. The SPAN will reject any source interface configuration that fails to mention the direction.
- You cannot mix ingress and egress interfaces in the same SPAN session. The SPAN will reject any configuration that mixes Rx ad Tx directions. However, you can specify multiple SPAN source interfaces in a single direction.
To configure for ingress SPAN sessions, follow these steps:
Examples
This example shows how to configure Cisco MDS 9124 for Multiple SPAN Interfaces
Generation 2 Fabric Switches support VSAN filters for one VSAN only in the egress direction; this restriction does not apply to the ingress direction. For example, if you have an interface that is a TE port, with an active VSAN of 1 to 5, and you specify a VSAN filter for VSAN 2, then only the traffic on VSAN 2 will be filtered.
However, if you specify the VSAN filter for VSANs 1 to 2, then traffic from all VSANs (1 to 5) is filtered, which makes the filter useless.
Editing SPAN Sources
To edit a SPAN source, follow these steps:
Step 1 Choose Interface > SPAN.
Step 3 Enter the VSAN list name in the VSAN List field.
Step 4 Click Edit Interface List.
You see the Source Interfaces dialog box.
You see the Source Interfaces Interface Sources dialog box.
Step 6 Click the browse button to display the list of available FC ports.
Step 7 Choose a port and click OK.
Step 8 Click the direction ( receive or transmit ) you want.
Step 9 Click Create to create the FC interface source.
Step 10 Click Close in each of the three open dialog boxes.
Suspending and Reactivating SPAN Sessions
You can temporarily deactivate (suspend) any SPAN session. The traffic monitoring is stopped during this time.
To temporarily suspend or reactivate a SPAN session filter, follow these steps:
Deleting SPAN Sessions
To delete a SPAN session, follow these steps:
Step 1 Choose Interface > SPAN.
Step 2 Click the Sessions tab.
Step 3 Click the SPAN session you want to delete.
Encapsulating Frames
The frame encapsulation feature is disabled by default. If you enable the encapsulation feature, all outgoing frames are encapsulated.
The
switchport encap eisl
command only applies to SD port interfaces. If encapsulation is enabled, you see a new line (
Encapsulation is eisl
) in the
show interface
SD_port_interface
command output.
To encapsulate outgoing frames (optional), follow these steps:
Configuring Fibre Channel Analyzers Using SPAN
To configure SPAN on the source and destination interfaces, follow these steps:
Configures the source interface fc1/1 in the ingress direction. |
||
Configures the source interface fc1/1 in the egress direction. |
To configure Fibre Channel Analyzers using SPAN for the example in Figure 55-5, follow these steps:
Step 1 Configure SPAN on interface fc1/1 in the ingress (Rx) direction to send traffic on SD port fc2/1 using session 1.
Step 2 Configure SPAN on interface fc1/1in the egress (Tx) direction to send traffic on SD port fc2/2 using session 2.
Step 3 Physically connect fc2/1 to port 1 on the Fibre Channel analyzer.
Step 4 Physically connect fc2/2 to port 2 on the Fibre Channel analyzer.
Configuring Single SD Port to Monitor Traffic
Configuring RSPAN
The RSPAN tunnel begins in the source switch and terminates in the destination switch. This section assumes Switch S to be the source and Switch D to be the destination.
Prerequisites
- In addition to the source and destination switches, the VSAN must also be configured in each Cisco MDS switch in the Fibre Channel fabric, if they exist.
To monitor network traffic using the RSPAN feature, follow these steps:
Step 1 Create VSAN interfaces in destination switch (Switch D) and source switch (Switch S) to facilitate the Fibre Channel tunnel (FC tunnel) creation.
Step 2 Enable the FC tunnel in each switch in the end-to-end path of the tunnel.
Step 3 Initiate the FC tunnel (in Switch S) and map the tunnel to the VSAN interface’s IP address (in Switch D) so all RSPAN traffic from the tunnel is directed to the SD port.
Step 4 Configure SD ports for SPAN monitoring in the destination switch (Switch D).
Step 5 Configure the ST port in the source switch (Switch S) and bind the ST port to the FC tunnel.
Step 6 Create an RSPAN session in the source switch (in Switch S) to monitor network traffic.
Configuring the Source Switch
This section identifies the tasks that must be performed in the source switch (Switch S):
- Creating VSAN Interfaces
- Enabling FC Tunnels
- Initiating the FC Tunnel
- Configuring All Intermediate Switches
- Configuring an RSPAN Session
Creating VSAN Interfaces
To create a VSAN interface in the source switch for the scenario in Figure 55-14, follow these steps:
Restrictions
- FC tunnels do not work over nontrunking ISLs.
- The interface cannot be operationally up until the FC tunnel mapping is configured in the destination switch.
To enable the FC tunnel feature, follow these steps:
Note Be sure to enable this feature in each switch in the end-to-end path in the fabric.
Initiating the FC Tunnel
To initiate the FC tunnel in the source switch for the scenario in Figure 55-14, follow these steps:
Restrictions
Configuring an RSPAN Session
A RSPAN session is similar to a SPAN session, with the destination interface being an RSPAN tunnel.
To configure an RSPAN session in the source switch for the scenario in Figure 55-15, follow these steps:
Configuring All Intermediate Switches
This section identifies the tasks that must be performed in all intermediate switches in the end-to-end path of the RSPAN tunnel:
Configuring VSAN Interfaces
An RSPAN tunnel configuration is terminated in the destination switch (Switch D).
Note This example assumes that VSAN 5 is already configured in the VSAN database.
To create a VSAN interface in the destination switch for the scenario in Figure 55-16, follow these steps:
Configuring the Destination Switch
This section identifies the tasks that must be performed in the destination switch (Switch D):
Restrictions
Note SD ports cannot be configured using Storage Services Modules (SSMs).
To configure an SD port for the scenario in Figure 55-16, follow these steps:
Mapping the FC Tunnel
To terminate the FC tunnel in the destination switch for the scenario in Figure 55-17, follow these steps:
Prerequisites
- The explicit path must be created in the source switch. To configure an explicit path, you must first create the path and then configure the use of any one path. If an explicit path is not configured, the minimum cost path is used by default. If an explicit path is configured and is functioning, the specified path is used.
To create an explicit path for the scenario in Figure 55-13, follow these steps:
Places you at the explicit path prompt for the path named Path 1. |
||
switchS(config-explicit-path)# next-address 10.10.10.2 strict switchS(config-explicit-path)# next-address 10.10.10.3 strict switchS(config-explicit-path)# next-address 10.10.10.4 strict |
Specifies that the next hop VSAN interface IPv4 addresses and the previous hops specified in the explicit path do not require direct connection. |
|
switchS(config-explicit-path)# next-address 10.10.10.5 strict switchS(config-explicit-path)# next-address 10.10.10.4 strict |
Specifies that the next hop VSAN interface IPv4 addresses and the previous hops specified in the explicit path do not require direct connection. |
|
switchS(config-explicit-path)# next-address 10.10.10.3 loose |
Configures a minimum cost path in which the 10.10.10.3 IPv4 address exists. Note In Figure 55-13, Path 3 is the same as Path 1—10.10.10.3 exists in Path 1. Using the loose option, you can achieve the same effect with one command instead of issuing three commands (using the strict option) in Step 3. |
To reference the explicit path, follow these steps:
This configuration explicitly specifies Path 1 to be used for the RSPAN traffic. Refer to RFC 3209 for further details on explicit paths and source-based routing.
Monitoring RSPAN Traffic
Once the session is configured, other SPAN sources for this session can also be configured as required. Figure 55-15 shows an RSPAN setup where one session with destination port fc2/1 and source interface fc1/1 is used to capture traffic in both ingress and egress directions.
Figure 55-15 Fibre Channel Analyzer Using a Single SD Port to Monitor RSPAN Traffic
To use this setup, the analyzer should have the capability of distinguishing ingress and egress traffic for all captured frames.
Verifying SPAN Configuration
To display the SPAN configuration information, perform one of the following tasks:
For detailed information about the fields in the output from these commands, refer to the Cisco MDS 9000 Family Command Reference .
This section includes the following topics:
Displaying SPAN Information
Use the show span command to display configured SPAN information. See Examples 55-1 to 55-6 .
Example 55-1 Displays SPAN Sessions in a Brief Format
Example 55-2 Displays a Specific SPAN Session in Detail
Example 55-3 Displays ALL SPAN Sessions
Example 55-4 Displays SPAN drop-counters for the SPAN Sessions
Note The show span drop-counters command displays the dropped counters. You can configure the show span max-queued-packets command only if the dropped counter value is greater than zero.
Example 55-5 Displays SPAN max-queued-packets for the SPAN Sessions
Note The default value for all the SPAN sessions is 15. The span max-queued-packets command can be issued only if the sessions are inactive.
Example 55-6 Displays an SD Port Interface with Encapsulation Enabled
Displaying RSPAN Information
Use the show commands to display configured RSPAN information. See Examples 55-7 to 55-13 .
Example 55-7 Displays ST Port Interface Information
Example 55-8 Displays Detailed Information for the ST Port Interface
Example 55-9 Displays the FC Tunnel Status
Example 55-10 Displays FC Tunnel Egress Mapping Information
Note Multiple tunnel IDs can terminate at the same interface.
Example 55-11 Displays FC Tunnel Explicit Mapping Information
Configuration Examples for RSPAN
This section covers the following topic:
Note RSPAN can be combined with the local SPAN feature so SD ports forward local SPAN traffic along with remote SPAN traffic. Various SPAN source and tunnel scenarios are described in this section.
Single Source with One RSPAN Tunnel
The source Switch S and the destination Switch D are interconnected through a Fibre Channel fabric. An RSPAN tunnel is configured as a destination interface for the SPAN session and the ST port forwards SPAN traffic through the RSPAN tunnel (see Figure 55-16).
Figure 55-16 RSPAN Scenario with One Source Switch, One Destination Switch, and One Tunnel
Single Source with Multiple RSPAN Tunnels
Figure 55-17 displays two separate RSPAN tunnels configured between Switches S and N. Each tunnel has an associated ST port in the source switch and a separate SD port in the destination switch. This configuration is useful for troubleshooting purposes.
Figure 55-17 RSPAN Scenario with One Source Switch, One Destination Switch, and Multiple Tunnels
Multiple Sources with Multiple RSPAN Tunnels
Figure 55-18 displays two separate RSPAN tunnels configured between Switches S1 and S2. Both tunnels have an associated ST port in their respective source switch and terminate in the same SD port in the destination switch.
Figure 55-18 RSPAN Scenario with Two Source Switches, a Destination Switch, and Multiple Tunnels
This configuration is useful for remote monitoring purposes. For example, the administrator may be at the destination switch and can remotely monitor the two source switches.
Feedback