Re: question about 3550

From: Carlos (cchorao@xtra.co.nz)
Date: Mon Dec 09 2002 - 06:02:55 GMT-3


Hi,

Of the suggestions and comments made so far on the original question, none of
the suggestions have considered using RSPAN combined with VLAN maps.
My thoughts and rationale are as follows:

1. Let's assume that the intent of the original question is to somehow configure
the switch to monitor only IP (as opposed to filtering by packet
analyzer). If this is so, then ideally we want to filter at the source.

2. Reasons why SPAN won't work
    - SPAN mirrors all received and/or sent traffic on the source port to
the destination port;
    - SPAN mirrors the source port before ACLs, VLAN maps, QoS, PBR or any
other features that may be configured on the source port and cause the
packet to be dropped;
    These 2 points are clearly explained in chapter 23 of the 3550 config
guide.

3. Reasons why RSPAN may work
    - RSPAN does not support layer 2 protocols
    - You can apply VLAN maps to the RSPAN.

On the basis of the above, one approach to solving the original problem would
be to
    - Configure RSPAN on the switch
    - Configure a VLAN map to only permit IP traffic onto the RSPAN VLAN
    - Direct the output from the RSPAN VLAN to the output interface

Chapter 23 and 27 of the 3550 config guide rel 12.1(12c) cover these
features well.

My suggestion seems so radically different to what has been suggested so far
that I would appreciate some feedback on where my reasoning/interpretation
may be wrong.

Carlos
Telecom New Zealand - Advanced Solutions
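
The three steps proposed above, written out as a Catalyst 3550 configuration. This is an added example, not part of the original message and not taken from the config guide. VLAN 901, the interface numbers and the ACL and map names are assumptions, and whether the VLAN map filters the mirrored traffic as intended should be confirmed with the show commands listed at the end.

```cisco
! Constructed example: VLAN 901, all interface numbers and the
! ACL / access-map names are assumptions, not values from the thread.
!
! Step 1: create the RSPAN VLAN.
vlan 901
 remote-span
!
! Step 2: VLAN map that forwards IP and drops everything else.
! On this platform a MAC ACL matches non-IP frames only, so the
! "permit any any" below selects all non-IP traffic for the drop entry.
ip access-list extended ALL-IP
 permit ip any any
!
mac access-list extended ALL-NON-IP
 permit any any
!
vlan access-map IP-ONLY 10
 match ip address ALL-IP
 action forward
vlan access-map IP-ONLY 20
 match mac address ALL-NON-IP
 action drop
!
vlan filter IP-ONLY vlan-list 901
!
! Step 3a: source session. Mirror the monitored port into the RSPAN VLAN.
! The reflector port must be a physical port that carries no other traffic.
monitor session 1 source interface FastEthernet0/1 both
monitor session 1 destination remote vlan 901 reflector-port FastEthernet0/24
!
! Step 3b: destination session. Send the RSPAN VLAN to the analyzer port.
monitor session 2 source remote vlan 901
monitor session 2 destination interface FastEthernet0/2
!
! Verification from privileged EXEC mode:
!   show monitor session 1
!   show monitor session 2
!   show vlan access-map IP-ONLY
!   show vlan filter
```

A quick functional check is to send known non-IP frames into the source port and confirm on the analyzer attached to FastEthernet0/2 that only IP packets arrive.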

----- Original Message -----
From: "CCOnlineLabs.com" <tschaffran@cconlinelabs.com>
To: "'Karl Young'" <kaelwyoung@netscape.net>; "'"Chuck Church"'"
<cchurch@optonline.net>; "'"Massimiliano Tognon"'" <mtognon@tecnonetspa.it>;
<ccielab@groupstudy.com>
Sent: Monday, December 09, 2002 4:47 AM
Subject: RE: question about 3550

> I concur. You might be reading too deep into the question.
>
>
> Tony Schaffran
> CCOnlineLabs.com
> http://www.cconlinelabs.com
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Karl Young
> Sent: Saturday, December 07, 2002 11:44 AM
> To: "Chuck Church"; "Massimiliano Tognon"; ccielab@groupstudy.com
> Subject: Re: question about 3550
>
> Chuck,
> It seems that all they ask is for you to mirror one port to a
> second port, period. You can then use the Protocol Analyzer to monitor IP
> only traffic on the mirrored port.
> Karl
>
> Viz:
>
> http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a008007f3d5.html#14293



This archive was generated by hypermail 2.1.4 : Fri Jan 17 2003 - 17:21:41 GMT-3