Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2327
Views
5
Helpful
5
Replies

how to configure span ports in SDA/DNAC environment

nancyrawls
Level 1
Level 1

‎08-12-2021 12:23 PM

How do you configure a span port on an SDA router?  C9500

Thanks.

Labels:
0 Helpful
5 Replies 5

jalejand
Cisco Employee
Cisco Employee

‎08-13-2021 11:32 AM

What kind of SPAN?

SPAN (mirror a port and send the traffic to another port directly connected to the switch):

monitor session 1 
   source interface x/x both
   destination interface x/x encapsulation-replicate 

RSPAN (mirror a port and send the traffic on a VLAN instead): Rarely used in SDA as there are no trunks to work with

 

ERSPAN (mirror a port and send the traffic to a remote device, encapsulating the traffic on an IP /GRE tunnel):

ip access-list extended RTP

10 permit udp any any eq 1234 

monitor session 10 type erspan-source

 description RTP_Test     -

 source interface/vlan/etc

  filter ip access-group RTP   ----- ACL to only replicate relevant traffic

 destination

  erspan-id 100  

   mtu 9000 ----- Set by default

   ip address 192.168.32.11   ------- Remote recording / capture server

   origin ip address 172.19.1.72 --- Loopback 0 IP from the fabric node
   no shut

 

 

None of these can be yet automated by DNAC; the traffic copy feature can only support router platforms as per the time of this writting

Mike.Cifelli
VIP Alumni
VIP Alumni
In response to jalejand

‎02-01-2022 05:16 AM

@jalejand Does SDA support ERSPAN session across the fabric between two ENs? I have conducted several tests, but not getting expected results.  My test case platform info: Both ENs are C9300-48UXM running 17.03.04

0 Helpful

nancyrawls
Level 1
Level 1

‎08-16-2021 10:18 AM

Running DNAC 1.3.3.6 and don't have the service.

0 Helpful

markus.forrer
Level 4
Level 4
In response to nancyrawls

‎02-03-2022 12:13 PM

I think you have to go for a upgrade of your DNAC.

 

At least DNAC Version 2.2.3.4 brings the following support.

You can configure Switched Port Analyzer (SPAN) and Encapsulated Remote Switched Port Analyzer (ERSPAN) sessions on switches to share IP traffic for application assurance and endpoint analytics.

0 Helpful
Customers Also Viewed These Support Documents