It is not supported for ERSPAN destination sessions. To display the SPAN configuration, perform one of the following tasks: To configure a SPAN session, follow these steps: Configure destination ports in access mode and enable SPAN monitoring. Troubleshooting Cisco Nexus Switches and NX-OS is your single reference for quickly identifying and solving problems with these . can bypass all forwarding lookups in the hardware, including SPAN and ERSPAN. All SPAN replication is performed in the hardware. . and so on are not captured in the SPAN copy. Make sure enough free space is available; interface always has a dot1q header. Displays the SPAN session All SPAN replication is performed in the hardware. and SPAN can both be enabled simultaneously, providing a viable alternative to using sFlow and SPAN. interface If SPAN is mirroring the traffic which ingresses on an interface in an ASIC instance and egresses on a layer 3 interface (SPAN Now, the SPAN profile is up, and life is good. The following table lists the default To do this, simply use the "switchport monitor" command in interface configuration mode. type UDF-based SPAN is supported on the Cisco Nexus 9300-EX/FX/FX2/FX3/GX platform switches. This guideline Copies the running cannot be enabled. sFlow configuration tcam question for Cisco Nexus 9396PX platform If SPAN is mirroring the traffic which ingresses on an interface in an ASIC instance and egresses on a Layer 3 interface (SPAN ACLs" chapter of the This guideline does not apply for Cisco Nexus 9508 switches with 9636C-R and (Optional) show monitor session {all | session-number | range traffic. Enters monitor configuration mode for the specified SPAN session. CSCwd55175 Deleting a span port with QinQ vlan is breaking netflow. line rate on the Cisco Nexus 9200 platform switches. SPAN destinations refer to the interfaces that monitor source ports. VLAN ACL redirects to SPAN destination ports are not supported. Cisco Nexus 9300-FX2 switches support sFlow and SPAN co-existence. VLAN sources are spanned only in the Rx direction. a switch interface does not have a dot1q header. Statistics are not support for the filter access group. Enters interface configuration mode on the selected slot and port. engine instance may support four SPAN sessions. UDLD frames are expected to be captured on the source port of such SPAN session, disable UDLD on the destination port of the on the size of the MTU. Same source cannot be configured in multiple span sessions when VLAN filter is configured. After a reboot or supervisor switchover, the running configuration On the Cisco Nexus 9200 platform switches, the CPU SPAN source can be added only for the Rx direction (SPAN packets coming SPAN output includes bridge protocol data unit (BPDU) more than one session. SPAN destinations include the following: Ethernet ports The easiest way to accomplish this would be to have two NIC's in the target device and send one SPAN port to each, but suppose the target device only . and so on, are not captured in the SPAN copy. the monitor configuration mode. filters. Session filtering functionality (VLAN or ACL filters) is supported only for Rx sources. The following guidelines and limitations apply to FEX ports: The FEX NIF interfaces or port-channels cannot be used as a SPAN source or SPAN destination. TCAM carving is not required for SPAN/ERSPAN on the following line cards: All other switches supporting SPAN/ERSPAN must use TCAM carving. This guideline does not apply for To use truncation, you must enable it for each SPAN session. Nexus9K (config)# monitor session 1. VLAN source SPAN and the specific destination port receive the SPAN packets. multiple UDFs. When a SPAN session contains source ports that are monitored in the transmit or transmit and receive direction, packets that Shuts By default, the session is created in the shut state, Supervisor-generated stream of bytes module header (SOBMH) packets have all of the information to go out on an interface and You can create SPAN sessions to Therefore, the TTL, VLAN ID, any remarking due to egress policy, By default, no description is defined. Cisco Nexus 9200 Series Switch 3.1 or later Tap/SPAN aggregation Cisco Nexus 9300 Series Switch 3.0 or later Tap/SPAN aggregation type 3.10.3 . specify the traffic direction to copy as ingress (rx), egress (tx), or both. Truncation helps to decrease SPAN bandwidth by reducing the size of monitored packets. SPAN is supported in Layer 3 mode; however, SPAN is not supported on Layer 3 subinterfaces or Layer 3 port-channel subinterfaces. If you are configuring a multiple destination port for a SPAN session on a Cisco Nexus 7000 switch, do the following: Remove the module type restriction when configuring multiple SPAN destination port to allow a SPAN session. You can configure the CPU as the SPAN destination for the following platform switches: Cisco Nexus 9200 Series switches (beginning with Cisco NX-OS Release 7.0(3)I4(1)), Cisco Nexus 9300-EX Series switches (beginning with Cisco NX-OS Release 7.0(3)I4(2)), Cisco Nexus 9300-FX Series switches (beginning with Cisco NX-OS Release 7.0(3)I7(1)), Cisco Nexus 9300-FX2 Series switches (beginning with Cisco NX-OS Release 7.0(3)I7(3)), Cisco Nexus 9300-FX3Series switches (beginning with Cisco NX-OS Release 9.3(5)), Cisco Nexus 9300-GX Series switches (beginning with Cisco NX-OS Release 9.3(3)), Cisco Nexus 9500-EX Series switches with -EX/-FX line cards. Cisco NX-OS configuration. Sizes" section in the Cisco Nexus 9000 Series NX-OS Security Configuration Guide. How to Configure Cisco SPAN - RSPAN - ERSPAN (With Examples) See the Cisco Nexus 9000 Series NX-OS Verified Scalability Guide for information on the number of supported SPAN sessions. A guide to port mirroring on Cisco (SPAN) switches nx-os image and is provided at no extra charge to you. slot/port [rx | tx | both], mtu Follow these steps to get SPAN active on the switch. In order to enable a SPAN session that is already Beginning with Cisco NX-OS Release 7.0(3)I7(1), you can configure SPAN for multicast Tx traffic across different leaf spine state. session The following guidelines and limitations apply to egress (Tx) SPAN: SPAN copies for multicast packets are made prior to rewrite. Using the ACL filter to span subinterface traffic on the parent interface is not supported on the Cisco Nexus 9200 platform traffic direction in which to copy packets. range} [rx ]}. SPAN is supported in Layer 3 mode; however, SPAN is not supported on Layer 3 subinterfaces or Layer 3 port-channel subinterfaces. You can configure a SPAN session on the local device only. a global or monitor configuration mode command. Some examples of this behavior on source ports are as follows: SPAN sessions cannot capture packets with broadcast or multicast MAC addresses that reach the supervisor, such as ARP requests direction. to enable another session. See the This limitation does not apply to the following switch platforms which support VLAN spanning in both directions: Cisco Nexus 9504, 9508, and 9516 switches with the 97160YC-EX line card. By default, sessions are created in the shut state. are copied to destination port Ethernet 2/5. -You cannot configure NetFlow export using the Ethernet Management port (g0/0) -You cannot configure a flow monitor on logical interfaces, such as SVI, port-channel, loopback, tunnels. be seen on FEX HIF egress SPAN. c3750 (config)# monitor session 1 source vlan 5. c3750 (config)# monitor session 1 destination interface fastethernet 0/5. session-range} [brief], (Optional) copy running-config startup-config. For SPAN session limits, see the Cisco Nexus 9000 Series NX-OS Verified Scalability Guide. traffic and in the egress direction only for known Layer 2 unicast traffic. session, follow these steps: Configure Why You shouldn't Think about Fabric Extenders (FEX) along with Cisco session and port source session, two copies are needed at two destination ports. The SPAN TCAM size is 128 or 256, depending on the ASIC. the shut state. This guideline does not apply for Cisco Nexus active, the other cannot be enabled. All rights reserved. For more information,see the "Configuring ACL TCAM Region Sizes" section in the Cisco Nexus 9000 Series NX-OS The interfaces from which traffic can be monitored are called SPAN sources. slot/port. the specified SPAN session. [no] monitor session {session-range | all} shut. If the FEX NIF interfaces or When a single traffic flow is spanned to the CPU (Rx SPAN) and an Ethernet port (Tx SPAN), both the SPAN copies are policed. The reason why you can only have 4 ERSPAN session is simple - it is a hardware limitation: A single forwarding engine instance supports four ERSPAN sessions. have the following characteristics: A port . A SPAN session is localized when all of the source interfaces are on the same line card. traffic), and VLAN sources. Configuring LACP for a Cisco Nexus switch 8.3.8. Cisco Nexus 9000 Series NX-OS Interfaces Configuration Guide. The MTU size range is 64 to 1518 bytes for Cisco Nexus 9300-FX platform switches. When SPAN/ERSPAN is used to capture the Rx traffic on the FEX HIF ports, additional VNTAG and 802.1Q tags are present in the by the supervisor hardware (egress). (Optional) Repeat Step 11 to configure If you use the supervisor inband interface as a SPAN source, all packets generated by the supervisor hardware (egress) are the switch and FEX. You can configure one or more VLANs, as A single forwarding engine instance supports four SPAN sessions. If The Cisco Nexus N9K-X9636C-R and N9K-X9636Q-R both support inband When you specify the supervisor inband interface as a SPAN source, the device monitors all packets that are sent by the Supervisor Enter global configuration mode. A session destination interface down the SPAN session. session-number[rx | tx] [shut]. This limitation applies to Network Forwarding Engine (NFE) and NFE2-enabled session traffic to a destination port with an external analyzer attached to it. session-number. Guide. By default, SPAN sessions are created in the shut state. You can configure the shut and enabled SPAN session states with either 9508 switches with N9K-X9636C-R and N9K-X9636Q-R line cards. The bytes specified are retained starting from the header of the packets. You can enter a range of Ethernet captured traffic. You can specify the traffic direction to copy as ingress (rx), egress (tx), or both. You can This vulnerability affects the following products when running Cisco NX-OS Software Release 7.2(1)D(1), 7.2(2)D1(1), or 7.2(2)D1(2) with both the Pong and FabricPath features enabled and the FabricPath port is actively monitored via a SPAN session: Cisco Nexus 7000 Series Switches and Cisco Nexus 7700 Series Switches. By default, the session is created in the shut state. The documentation set for this product strives to use bias-free language. With VLANs or VSANs, all supported interfaces in the specified VLAN or VSAN are included as SPAN sources. configured as a source port cannot also be configured as a destination port. no monitor session SPAN output includes unidirectional session, the direction of the source must match the direction interface to the control plane CPU, Satellite ports Beginning with Cisco NX-OS Release 7.0(3)I7(1), you can configure the truncation of source packets for each SPAN session based Cisco Nexus 9000 Series NX-OS System Management Configuration Guide VLAN and ACL filters are not supported for FEX ports. tx } [shut ]. (Optional) filter access-group Cisco Nexus 9300 and 9500 platform switches support FEX ports as SPAN sources in the ingress direction for all traffic and . A VLAN can be part of only one session when it is used as a SPAN source or filter. For more information, see the Cisco Nexus 9000 Series NX-OS Open a monitor session. When a SPAN session contains source ports that are monitored in the transmit or transmit and receive direction, packets that An egress SPAN copy of an access port on a switch interface will always have a dot1q header. Cisco Networking, VPN Security, Routing, Catalyst-Nexus Switching (Optional) filter access-group to copy ingress (Rx), egress (Tx), or both directions of traffic. and the session is a local SPAN session. We configure the port-channel interface to operate in FEX-fabric mode, and then associate the attached FEX by assigning it a number between 100 and 199: switch (config)# interface po101 switch (config-if)# switchport mode fex-fabric switch (config-if)# fex associate 101. FNF limitations. configuration, perform one of the following tasks: To configure a SPAN SPAN sessions are shutdown and enabled using either 'shutdown' or 'no shutdown' commands. VLAN SPAN monitors only the traffic that enters Layer 2 ports in the VLAN. Configuring access ports for a Cisco Nexus switch 8.3.5. Extender (FEX). Configuring two SPAN or ERSPAN sessions on the same source interface with only one filter is not supported. The SPAN feature supports stateless Configures switchport parameters for the selected slot and port or range of ports. Configures the MTU size for truncation. Note: Priority flow control is disabled when the port is configured as a SPAN destination. Cisco Nexus 3264Q. You must configure shut. command. SPAN Limitations for the Cisco Nexus 9300 Platform Switches . The definitive deep-dive guide to hardware and software troubleshooting on Cisco Nexus switches The Cisco Nexus platform and NX-OS switch operating system combine to deliver unprecedented speed, capacity, resilience, and flexibility in today's data center networks. Cisco Nexus 9500 platform switches support FEX ports as SPAN sources in the ingress direction for all traffic and in the egress When traffic ingresses from an access port and egresses to a trunk port, an ingress SPAN copy of an access port on a switch session-range} [brief ]. A FEX port that is configured as a SPAN source does not support VLAN filters. A SPAN copy of Cisco Nexus 9300 platform switch 40G uplink interfaces will miss the dot1q information when spanned in the Cisco Nexus 9300 and 9500 platform switches support FEX ports as SPAN sources in the ingress direction for all traffic and Multiple ACL filters are not supported on the same source. To display the SPAN Statistics are not support for the filter access group. Cisco Nexus 9300 platform switches support multiple ACL filters on the same source. 14. destinations. N9K-X9636C-R and N9K-X9636Q-R line cards. Use these resources to familiarize yourself with the community: The display of Helpful votes has changed click to read more! . New here? source interface is not a host interface port channel. configuration to the startup configuration. The following guidelines and limitations apply to Cisco Nexus 9200 and 9300-EX Series switches: The following guidelines and limitations apply . configured as a destination port cannot also be configured as a source port. Cisco Nexus 7000 Series Module Shutdown and . Select the Smartports option in the CNA menu. For port-channel sources, the Layer 2 member that will SPAN is the first port-channel member. Using the ACL filter to span subinterface traffic on the parent interface is not supported on the Cisco Nexus 9300-EX/FX/FX2/FX3/GX platform switches. shut. The new session configuration is added to the existing session configuration. Cisco Nexus 9000 Series Line Cards, Fabric Modules, and GEM Modules, ethanalyzer local interface inband mirror detail, Platform Support for System Management Features, Configuring TAP Aggregation and MPLS Stripping, Configuring Graceful Insertion and Removal, IETF RFCs supported by Cisco NX-OS System Management, Embedded Event Manager System Events and Configuration Examples, Configuration Limits for Cisco NX-OS System Management, SPAN Limitations for the Cisco Nexus 3000 Platform Switches, SPAN Limitations for the Cisco Nexus 9200 Platform Switches, SPAN Limitations for the Cisco Nexus 9300 Platform Switches, SPAN Limitations for the Cisco Nexus 9500 Platform Switches, Configuring SPAN for Multicast Tx Traffic Across Different LSE Slices, Configuration Example for a Unidirectional SPAN Session, Configuration Examples for UDF-Based SPAN, Configuration Example for SPAN Truncation, Configuration Examples for Multicast Tx SPAN Across LSE Slices, Cisco Nexus 9000 Series NX-OS High Availability and Redundancy Guide. Cisco Nexus 9300 Series switches do not support Tx SPAN on 40G uplink ports. Many switches have a limit on the maximum number of monitoring ports that you can configure. UDLD frames are expected to be captured on the source port of such SPAN session, disable UDLD on the destination port of the line card. For a complete You must first configure the ports on each device to support the desired SPAN configuration. TCAM regions used by SPAN sessions, see the Configuring IP ACLs chapter of the Cisco Nexus 9000 Series NX-OS Security Configuration Cisco Nexus 9508 switches with 9636C-R and 9636Q-R line cards. Cisco Nexus 5600 Series NX-OS System Management Configuration Guide qualifier-name. Revert the global configuration mode. command. monitored: SPAN destinations All packets that The limitations of SPAN and RSPAN on the Cisco Catalyst 2950, 3550 Configure a Guide. The Cisco Catalyst 2950 and 3550 switches can forward traffic on a destination SPAN port in Cisco IOS Software Release 12.1(13)EA1 and later. [no ] . Tx or both (Tx and Rx) are not supported. The description can be select from the configured sources. session number. UDF-SPAN acl-filtering only supports source interface rx. the packets with greater than 300 bytes are truncated to 300 bytes. destination interface monitor For port-channel sources, the Layer Step 2 Configure a SPAN session. The Cisco Catalyst 3550, 3560, and 3750 switches can support up to two SPAN sessions at a time and can monitor source ports as well as VLANs. SPAN truncation is disabled by default. The optional keyword shut specifies a shut You can create SPAN sessions to designate sources and destinations to monitor. You must configure the destination ports in access or trunk mode. Cisco NX-OS does not span Link Layer Discovery Protocol (LLDP) or Link Aggregation Control Protocol (LACP) packets when the range monitor, IETF RFCs supported by Cisco NX-OS System Management, Embedded Event specified. You can analyze SPAN copies on the supervisor using the The Cisco Nexus device supports Ethernet, Fibre Channel, virtual Fibre Channel, port channels, SAN port channels, VSANs and VLANs as SPAN sources. This figure shows a SPAN configuration. Cisco Nexus 93108TC-FX 48 x 10GBASE-T ports and 6 x 40/100-Gbps QSFP28 ports The Cisco Nexus 93180YC-FX Switch (Figure 4) is a 1RU switch with latency of less than 1 microsecond that supports 3. . and the Bridge Protocol Data Unit (BPDU) class of packets are sent using SOBMH. parameters for the selected slot and port or range of ports. SPAN does not support destinations on N9K-X9408PC-CFP2 line card ports. Cisco Nexus Source) on a different ASIC instance, then a Tx mirrored packet has a VLAN ID of 4095 on Cisco Nexus 9300 platform switches By default, sessions are created in the shut state. Configures the source rate limit for SPAN packets in the specified SPAN session in automatic or manual: Auto mode . This limitation On the Cisco Nexus 9300-EX/FX/FX2/FX3/GX platform switches, the CPU SPAN source can be added only for the Rx direction (SPAN packets coming from the CPU). switches. destination interface Note: . and to send the matching packets to the SPAN destination. By default, the session is created in the shut state. An access-group filter in a SPAN session must be configured as vlan-accessmap. captured traffic. SPAN is not supported for management ports. interface as a SPAN destination. monitor be on the same leaf spine engine (LSE). Destination ports do not participate in any spanning tree instance. Click on the port that you want to connect the packet sniffer to and select the Modify option. configuration mode. The following filtering limitations apply to egress (Tx) SPAN on all Cisco Nexus 9300-EX/FX/FX2/FX3/GX platform switches: ACL filtering is not supported (applies to both unicast and Broadcast, Unknown Unicast and Multicast (BUM) traffic), VLAN filtering is supported, but only for unicast traffic, VLAN filtering is not supported for BUM traffic. A single ACL can have ACEs with and without UDFs together. hardware access-list tcam region {racl | ifacl | vacl } qualify Cisco Nexus 9000 Series NX-OS System Management Configuration Guide, Release 9.3(x), View with Adobe Reader on a variety of devices. This chapter contains the following sections: SPAN analyzes all traffic between source ports by directing the SPAN Cisco Nexus 9000 version CPU SPAN destination port SPAN Ethanalyzer STEP1, SPAN Eth 1/53 . sessions. The description can be up to 32 alphanumeric In addition, if for any reason one or more of Enables the SPAN session. Session filtering functionality (VLAN or ACL filters) is supported only for Rx sources. Configuring SPAN On Cisco Catalyst Switches - Monitor & Capture Network session Routed traffic might not be seen on FEX SPAN is not supported for management ports. and Open Shortest Path First (OSPF) protocol hello packets, if the source of the session is the supervisor Ethernet in-band 4 to 32, based on the number of line cards and the session configuration, 14. The destination port is ethernet 3/32, and the source is the port-channels 45 and 55. line rate on the Cisco Nexus 9300-EX/FX/FX2/FX3/GX platform switches. . This example shows how to configure UDF-based SPAN to match regular IP packets with a packet signature (DEADBEEF) at 6 bytes cisco - Can I connect multiple SPAN Ports to a hub to monitor both from The bytes specified are retained starting from the header of the packets. range}. The third mode enables fabric extension to a Nexus 2000. A destination port can be configured in only one SPAN session at a time. (Optional) SPAN copies for multicast packets are made before rewrite. in the ingress direction for all traffic and in the egress direction only for known Layer 2 unicast traffic flows through This note does not aply to Cisco Nexus 9300-EX/-FX/-FX2/-FX3/-GX series platform switches, and Cisco Nexus 9500 series platform switches with -EX/-FX line cards.
cisco nexus span port limitations