Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
538
Views
0
Helpful
3
Replies

SPAN port on 6509e

carl_townshend
Spotlight
Spotlight

‎04-12-2013 12:43 AM - edited ‎03-07-2019 12:46 PM

Hi all

I need to SPAN a port on my 6509 to a NAC server, to enable to NAC to work correctly I need to span all my client vlans, there is about 100 off them, about 2500 clients on there.

If I span all these vlans to a single port, will it cause any issues?

cheers

Carl

Labels:
0 Helpful
3 Replies 3

Steve Fuller
Level 9
Level 9

‎04-12-2013 12:57 AM

Hi,

There are a couple of things to be mindful of.

First of is the volume of traffic you're going to be sending on the link to the to the NAC server. If the total volume of traffic within the VLANs exceeds the capacity of the link, you'll get output drops on that lin and so false positives.

The other possible issue one of the capacity of the replication engine i.e., the ASIC on the I/O module that creates the packets to send on the SPAN destination port. This ASIC has some finite total replication capacity, and is the same ASIC that does packet replication for IP multicast traffic. If you have very high volumes you could see issues with packet loss on your multicast as well.

What is the speed of the link to the NAC server and the hardware (I/O module) build of the switch?

Regards

0 Helpful

carl_townshend
Spotlight
Spotlight
In response to Steve Fuller

‎04-12-2013 04:58 AM

hi, the speed of the server port is 1 gig, but it has multiple ports

the switch is a  6509e with sup 720, the card is a ws-6748ge-tx

cheers

Carl

0 Helpful

Steve Fuller
Level 9
Level 9
In response to carl_townshend

‎04-12-2013 09:08 AM

Hi Carl,

In the WS-X6748-GE-TX, the Janus Fabric ASIC is where the  replication engine is located and this is capable of multi Gbit/s replication.

So the NAC server is GE connected to the WS-X6748-GE-TX I/O module in the Catalyst 6509 and you say it has multiple interfaces. Are these all connected to the same I/O module and are you intending to SPAN to multiple GE connections?

Also you've stated you have approximately 100 VLANs and 2500 clients, so I would think it safe to assume these clients are not all connected to the same switch. I presume the 6509 is the aggregation/distribution layer device with your clients connected to a number of access switches?

Are you intending to try and use all 100 VLANs as SPAN sources?

I don't know the traffic levels, but clearly you can only send 1GE of traffic to each GE connection of the NAC server before you start to see output drops on the GE interface of the switch. If you're then using multiple GE connections as SPAN destinations, depending upon the number, you could possibly hit the limit of the replication engine.

Regards

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card