Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1408
Views
0
Helpful
4
Replies

How to make a cisco 3560 switch port work as receive only

Moahmed Sadek
Level 1
Level 1

‎10-04-2010 11:36 AM - edited ‎03-06-2019 01:18 PM

I have a setup that i need to capture traffic from 6 non cisco switches for a one port traffic analyzer.

(the solution of remote span and span vlan is not supported on these switches)

So my solution would be to get the traffic from the 6 switches on 6 ports on the 3560 switch.

So to prevent loops, i need to make the ports receiving the traffic from the non-cisco switched to be receive only ports.

To receive the tarffic on 6 ports ( receive only) and then span the traffic to the analyzer


Is a thing like this possible?

How I could configure a port so as not to forward any frames?

Best Regards

Mohamed Sadek

1 person had this problem
Labels:
0 Helpful
4 Replies 4

rahurao
Level 1
Level 1

‎10-04-2010 12:10 PM

Hi Md. Sadek,

I have checked the requirements which you have but we really cannot make the switch to just receive traffic and not to send it acrross. If we talk about a layer 3 or a layer 2 traffic that cannot be limited on the port itselft. I have tried thinking of many ways but didn't came across any which accomplish this.

SPAN/RSPAN is the only way byt which we can make the port to just receive/listen to the traffic but not to forward any kind of traffic.

HTH

Rahul

0 Helpful

Amit Singh
Cisco Employee
Cisco Employee

‎10-04-2010 12:13 PM

Make your toplogy a little simple in this case. Donot inter-connect all these switch
, let these switches connect back to 3560 switch as the spoke-only. Configure the SPAN and monitor all the ports. that's the only way you can make this solution work, else no receive only option.

Cheers,

0 Helpful

Moahmed Sadek
Level 1
Level 1

‎10-04-2010 11:28 PM

I appreciate all the replies, but isn't there a workaround like VACL to deny any any IP traffic,

or forcing a port to be in spanning tree blocked state.

Thanks

Mohamed

0 Helpful

rahurao
Level 1
Level 1
In response to Moahmed Sadek

‎10-05-2010 02:50 AM

Hi Sadek,

As i said i thought about VACL as an option but as we know VACLs provide access control for all packets that  are bridged within a VLAN or that are routed into or out of a VLAN.  Unlike regular Cisco IOS ACLs that are configured on router interfaces  and applied on routed packets only, VACLs apply to all packets. So we reaaly cannot distinguish the packets which are coming in and going out.

Also the spanning tree blocked ports will never get packets as they are blocked.

HTH

Rahul

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card