In this special service pack episode, the head geeks answer viewer questions on analyzing packet traffic using span ports and how it correlates with netflow traffic data. In my case i had a lan base image on a cisco 3850 so my only option is a span port. How to configure span or port mirroring on a cisco router or switch. To see how to setup sinefa to receive span mirror traffic see how to setup span and mirror port monitoring. Cisco ucs manager network management guide, release 3. The vlan and interface ids in the configuration provided below are only examples to assist in visualising whats required.
Configure an erspan source session on the 6500 and send the captured traffic directly to the vms ip address. Dcit troubleshooting cisco data center infrastructure v7. Monitor your physical, virtual, and cloud environments from a single console. The cisco ucs m71kre emulex and m71krq qlogic con verged network adapters cnas present two 10 gigabit ethernet nics and two 4gbps fibre channel hbas to the operating system or hypervisor. So effectively i needed to setup port mirroring from a physical network port to a vmware esxi virtual machine. For span source ports, configure one of the port types and then configure the port as span source. About 10 years ago i was able to download a very simple snmp software for windows that. Cisco span port is a switchport analyzer on the cisco catalyst that allows to select and span or copy traffic from one or more source switchports or source vlans onto one or more destination ports. Eight part series, describing how to configure a cisco ucs from start to finish for a vsphere deployment. Opmanager monitors cisco ucs system using xml soap protocol. If the cisco ucs domain has a cluster configuration that is set up for high availability and servers with. They are to group sets of vlans together to make config easier and also to conserve the vlan port count. If you are asking yourself, what is policybased computing. Portfast is a cisco network function which can be configured to resolve this problem.
End to end visibility for your cisco infrastructure gigamon. Span ports are commonly used for network traffic analysis applications. How to configure span or port mirroring on a cisco router. How to configure span and rspan on cisco catalyst 4500. The specifics are different between different switch models, so be sure to check the cisco documentation. Ucs fabric interconnect fc port will not autonegotiate to anything greater than 2gbps conditions. Note span traffic can be sent from one network device through other devices using an rspan configuration.
The continue reading port mirroring from a cisco switch to a virtual. Ucs implements an integrated, holistic concept with consistent, central administration and can ensure the operation of all the components in an interrelated security and trust. Cisco ucs central network management guide, release 1. Cisco ucs configuration guide for vsphere part 3 lan. Source ports are ports whose data will be copied, and sent to the destination, or span port. As with most hardware software capabilities of the fabric interconnects, unified ports came from the cisco nexus 5500 line that has been around for about a year now. Four active sessionsif each session is configured to monitor traffic in only one. Cisco span the switch port analyzer span functionality is offered in all cisco switching solutions. The answer is very straightforward, you can actually specify two destinations for one span session. Port mirroring from a cisco switch to a virtual machine on. Solutions guide endtoend visibility and security for. Cisco ucs fabric interconnect port licensing explained.
A port or interface on any line card of the switch should be on the same vlan as the sc0 interface of the switch, which is. Span ports work by sending a copy of the traffic destined to one or more ports or vlans to another port on the switch that has been connected to a network traffic analysis or security device. Cisco ucs configuring ntp and configuration backup to provide to the external network connectivity to ucs environment,it needs to be connected to the external lan switches. I needed to capture all traffic from a particular network port an ip phone system connected to a cisco sg300 switch and mirror this data to a virtual machine in our virtual infrastructure. Ccnp and ccie data center core dccor 350601 official cert. Cisco ucs manager network management guide, release 4. The time spanning tree protocol stp takes to transition ports over to the forwarding state can cause problems. Cisco ucs 6200 span traffic is ratelimited by the span destination port. Hello, i will resume my issue on a simple question, but its a inner realy complicated problem. This is part 3 of the cisco ucs configuration guide. Cisco ucs and different types of ports on fabric interconnect.
The troubleshooting cisco data center infrastructure dcit v7. Cisco ucs central network management guide, release 2. Cisco ucs fabric interconnect any software version q. You can monitor or use span on port channels only for ingress traffic. Rspan remote span, which enables you to copy traffic to a special vlan, which houses one or more network analyzers connected to a different physical switch reflector port a port that copies rspan packets onto the rspan vlan. The destination ports runs a sniffing or a packet capture program like ethereal, wireshark or tcpdump.
Cisco ucs 6248 unified port configuration jeremy waldrop. For span source ports, configure one of the port types and then. Cisco 2960s switch span and etherchannel configuration. Creating a mirroring port also called a span port switched port analyzer might be required for some network appliances to analyze network traffic. Learn about ucs monitoring in opmanager opmanager help. Here you define a vlan, state that it is a remote span vlan. In the following example we have our firewall connected to port 10 on the core switch and we want to send a copy of the traffic going to and from this port to ports. Configuring span ports, packet analysis and netflow. Have a look at some of the cisco live presos on ucs networking.
If a traffic monitoring session was configured on a dynamic vnic. Infrastructure aci and software defined networking sdn environments can be. Save and reset the phone so it can retrieve the new configuration file. Port 48 is an uplink to another switch in trunk mode. Ethernet span is port based on the cisco ucs 6300 fabric. Of these 8 ports are prelicensed and up to 8 additional ports can be licensed using ucslic10ge per port. How to configure ports for the cisco ucs bseries blades environment by lauren malhoit lauren malhoit has been in the it. If you are using cisco nexus 5548 switches to connect a ucs platform using fabric interconnects, then judging by the number of posts out there you may run into problems with port channels. We have a span port set up on the core switch 4507 and want to forward it to the ucsb chassis. Since we have switches which run in separate collision domains per port we have to do some configuration on the switch first before we can analyze traffic.
You have been given the task of bringing a brand new cisco ucs online. Configure span port on cisco 6500 running ios solutions. Span port the port that receives the copy of all traffic, also referred to as the destination port when configuring span. The following example will demonstrate how to configure a single span session on a cisco catalyst switch. From the ip phone configuration page, scroll down to the protocol specific configuration section, and enable the span to pc port configuration option. Univention corporate server ucs is a linuxbased server operating system for the operation and administration of it infrastructures for companies and authorities. The ucsfie16up 16 port unified expansion module has 16 physical ports.
Four active sessionsif each session is configured to monitor traffic. Physically linking span port to ucsb cisco community. Configure virtual machine on ucs blade server as span. You will learn methodologies and tools to identify issues that may occur in data center network architecture. A span port copies data from one or more source ports to a destination port. With wireshark installed on a laptop with a span port configured on the switch, it gives you access to all the packets which are traversing the link you are monitoring.
This factor of time is not an issue for many people, but it can cause problems for. Set ucs span destination interface speed if the sniffer connected to the traffic monitoring port on the fabric interconnect port 18 on a 6120 is running at 1gbps, the status of the port will be failed with the additional information as sfp validation failed even with a valid sfp in the port. This will trigger a change to the phones tftp configuration file. The eight default licenses that come with a 6200 series fabric interconnect expansion module can be used to enable ports on the base module, but will travel with. Hi team, we have a customer scenario wherein we are using ucs chassis along with fabric interconnects in a virtualized environment using vmware. The cisco ucs 82598krci 10 gigabit ethernet adapte r is designed as an efficient, highperformance ethernet interface. Figure 1 shows an example of how the span function operates. Is it possible to do this physically with a cable interlinking the. Configuring the fabric interconnect ports fc vs ethernet. Find answers to cisco 2960s switch span and etherchannel configuration from the expert community at experts exchange. How to configure local span port on cisco catalyst switch. C h a p t e r launching ucs server configuration utility ucs server configuration utility scu is a bootable image based on a 64bit linux kernel and can be used to perform operations such as configure raid logical volume, install operating systems, and perform diagnostics on cisco rack servers.
Troubleshooting cisco data center infrastructure dcit. Ucs flapping port channel in the picture above, the ucs is networked using a pair of ucs 6248up fabric interconnects to a. How to configure ports for the cisco ucs bseries blades. This however works well with the excellent packet analysis software wireshark. Cisco ucs manager system monitoring guide using the cli. Cisco ucs configuring ntp and configuration backup. I wanted to post this as a general guideline for those new to ucs who may be setting up their first lab or production environments. Cisco ucs configuring the lan uplinks and port channels. You can monitor or use span on port channels sources for traffic in the transmit and receive directions. Assign destination port for mirror traffic wireshark port a switch mirroringgroup 1 monitorport g10yy.
Installation and basic config below youll find stepbystep instructions on setting up a cisco ucs environment for the first time. Configure an ethernet traffic monitoring in fabric. Ethernet span is port based on the cisco ucs 6300 fabric interconnect. Cisco ucs manager gui configuration guide, release 2. Then on the source switch you would do a monitor session 1 source interface fastethernet 02 and monitor session 1 destination remote vlan 901 on the destination switch you do monitor session 1 source remote vlan 901 and monitor session 1 destination fastethernet 03. In cisco 6100 series fabric interconnect, the fixed module ports can be used only for server ports and ethernet uplinks ports. Mystery of the ucs flapping port channel networkofthings. Have a 6248up or 6296up fabric interconnect and curious on exactly how you change the ports from ethernet to fc and back again. However, you are used to traditional server infrastructure eg. Chapter 11 cisco unified computing systems overview 514 do i know this already.
When you create a traffic monitoring session, you can. Cisco ucs manager system monitoring guide, release 3. The use case for the uplink manager is if you have disjointed l2 networks e. Fabric interconnect is highly customizable and you have to decide the each port functionality. Cisco ucs 6200 and 6324 supports monitoring traffic in the transmit tx direction for up to two sources per fabric interconnect. Four active sessions if each session is configured to monitor traffic in only one.
Chapters 2 5 are documented to provide detailed explanation of ucs server installation to. Switch port analyzer span remote switch port analyzer rspan encapsulated remote switch port analyzer erspan span feature is local to the switch and requires the monitored ports and the destination port are on the same switch. Cisco ucs manager storage management guide using the cli. Cisco ucs 6200 span traffic is ratelimited by the span destination port speed. Ucsbb420m4, ucsspfi48, cisco ucs vic 80 mezzanine, cisco ucs vic 40 modular lom, cisco ucs port expander card mezz with ucsm 3. The span port sends the traffic out the line expecting something to hear it. Other than the added traffic passed to the span port, the port is a standard port, which means you can manage the ids by any machine that can route ip packets to the ids.
251 1372 1550 503 197 1594 764 792 1364 930 223 1369 976 756 885 315 1556 1100 454 206 374 1025 799 1574 52 738 957 104 802 1551 927 978 138 640 778 1452 447 1396 1487 1137 1241 1170 217 403 625 1016 329 950