Source SPAN ports are monitored for received (RX - Ingress), transmitted (TX - Egress) or bidirectional (both) traffic. The network diagram above helps us understand the terminology and implementation of SPAN. RSPAN explanation and configuration will be covered in another article.įigure 1.
RSPAN is an advanced feature that requires a special VLAN to carry the monitored traffic and is not supported by all switches. Remote SPAN ( RSPAN): When Source ports are not located on the same switch as the Destination port.This is usually the point to which a network analyser is connected. Destination (SPAN) port: A port that monitors source ports.Source (SPAN) VLAN: A VLAN whose traffic is monitored.Source (SPAN) port: A port that is monitored.Egress Traffic: Traffic that leaves the switch.Ingress Traffic: Traffic that enters the switch.The Cisco method is called Switched Port Analyser also known as SPAN. Thankfully, monitoring network traffic on Cisco Catalyst switches is a straightforward process and does not require the presence of a hub. Of course switches work on an entirely different principle and do not replicate unicast packets out of every port on the switch, but keep them isolated unless it’s a broadcast or multicast. Those interested in hub fundamentals can read our Hubs & Repeaters article. Being able to monitor your network traffic is essential when it comes to troubleshooting problems, performing a security audit or even casually checking your network for suspicious traffic.īack in the old days whenever there was a need to monitor or capture network traffic, a hub would be introduced somewhere in the network link and, thanks to the hub’s inefficient design, it would copy all packets incoming from one port out to all the rest of the ports, making it very easy to monitor network traffic.
0 kommentar(er)
