Configuring Traffic Mirroring on the Cisco ASR 9000 Series Router

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Configuring Traffic Mirroring on the Cisco ASR 9000 Series Router"

Transcription

1 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router This module describes the configuration of traffic mirring on the Cisco ASR 9000 Series Router. Traffic mirring is sometimes called pt mirring, switched pt analyzer (SPAN). Feature Histy f Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Release Release Release Modification This feature was introduced on the Cisco ASR 9000 Series Router. The following traffic mirring features were added: Traffic mirring over a pseudowire Flow ACL-based traffic mirring Layer 3 interface suppt Partial packet mirring Contents Restrictions f Traffic Mirring, page 269 Infmation about Traffic Mirring, page 270 Configuring Traffic Mirring, page 275 Traffic Mirring Configuration Examples, page 288 Where to Go Next, page 295 Additional References, page 295 Restrictions f Traffic Mirring A maximum of eight moniting sessions, and 800 source pts are suppted. You can configure 800 source pts on a single moniting session, configure an aggregate total of 800 source pts on a maximum of eight moniting sessions. The following fms of traffic mirring are not suppted: Configuration Guide HR-269

2 Infmation about Traffic Mirring Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Mirring traffic to a GRE tunnel (also known as Encapsulated Remote Switched Pt Analyzer [ER-SPAN] in Cisco IOS Software). Mirring traffic from a full bridge domain (also known as VLAN-based SPAN in Cisco IOS Software). Mirring traffic on an individual bundle member interface is not suppted. SPAN must only be configured on a bundle interface and it is applied to all members. Perfmance Impact with Traffic Mirring Cisco recommends that you do not mirr me than 15% of your total transit traffic. On Ten Gigabit Ethernet interfaces bundle interfaces there is a limit of 1.5G on each ingress amount to be mirred and 1.5G on each egress amount to be mirred. Infmation about Traffic Mirring The following sections provide infmation about traffic mirring: Introduction to Traffic Mirring, page 270 Traffic Mirring Terminology, page 271 Suppted Traffic Mirring Types, page 273 Introduction to Traffic Mirring Traffic mirring, which is sometimes called pt mirring, Switched Pt Analyzer (SPAN) is a Cisco proprietary feature that enables you to monit Layer 2 Layer 3 netwk traffic passing in, out of, a set of Ethernet interfaces. You can then pass this traffic to a netwk analyzer f analysis. Traffic mirring copies traffic from one me Layer 3 interfaces Layer 2 interfaces sub-interfaces, including Layer 2 link bundle interfaces sub-interfaces, and sends the copied traffic to one me destinations f analysis by a netwk analyzer other moniting device. Traffic mirring does not affect the switching of traffic on the source interfaces sub-interfaces, and allows the mirred traffic to be sent to a destination interface sub-interface. Traffic mirring was introduced on switches because of a fundamental difference between switches and hubs. When a hub receives a packet on one pt, the hub sends out a copy of that packet from all pts except from the one to which the hub received the packet. In the case of switches, after a switch boots, it starts to build up a Layer 2 fwarding table on the basis of the source MAC address of the different packets that the switch receives. After this fwarding table is built, the switch fwards traffic that is destined f a MAC address directly to the cresponding pt. F example, if you want to capture Ethernet traffic that is sent by host A to host B, and both are connected to a hub, just attach a traffic analyzer to this hub. All other pts see the traffic between hosts A and B (Figure 17). HR-270

3 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Infmation about Traffic Mirring Figure 17 Traffic Mirring Operation on a Hub B A Hub Netwk analyzer On a switch router, after the host B MAC address is learned, unicast traffic from A to B is only fwarded to the B pt. Therefe, the traffic analyzer does not see this traffic (Figure 18). Figure 18 Netwk Analysis Does Not Wk on a Router Without Traffic Mirring B A Router Netwk analyzer In this configuration, the traffic analyzer only captures traffic that is flooded to all pts, such as: Broadcast traffic Multicast traffic with CGMP Internet Group Management Protocol (IGMP) snooping disabled Unknown unicast traffic on a switch An extra feature is necessary that artificially copies unicast packets that host A sends. This extra feature is traffic mirring. When traffic mirring is enabled, the traffic analyzer is attached to a pt that is configured to receive a copy of every packet that host A sends. This pt is called a traffic mirring pt. The other sections of this document describe how you can fine tune this feature. Implementing Traffic Mirring on the Cisco ASR 9000 Series Router Traffic Mirring Terminology Ingress traffic Traffic that enters the switch. Egress traffic Traffic that leaves the switch. Source pt A pt that is monited with the use of traffic mirring. It is also called a monited pt. Destination pt A pt that monits source pts, usually where a netwk analyzer is connected. It is also called a moniting pt. HR-271

4 Infmation about Traffic Mirring Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Monit session A designation f a collection of traffic mirring configurations consisting of a single destination and, potentially, many source interfaces. Characteristics of the Source Pt A source pt, also called a monited pt, is a switched routed pt that you monit f netwk traffic analysis. In a single local remote traffic mirring session, you can monit source pt traffic, such as received (Rx) f ingress traffic, transmitted (Tx) f egress traffic, bidirectional (f both ingress and egress traffic). Your router suppts any number of source pts (up to the maximum number of 800). A source pt has these characteristics: It can be any pt type, such as Bundle Interface, Gigabit Ethernet, 10-Gigabit Ethernet, EFPs. Note Bridge group virtual interfaces (BVIs) are not suppted. Each source pt can be monited in one traffic mirring session. It cannot be a destination pt. Each source pt can be configured with a direction (ingress, egress, both) to monit. F bundles, the monited direction applies to all physical pts in the group. Figure 19 Netwk Analysis on a Cisco ASR 9000 Router With Traffic Mirring B A Router Netwk analyzer In Figure 19, the netwk analyzer is attached to a pt that is configured to receive a copy of every packet that host A sends. This pt is called a traffic mirring pt. Characteristics of the Monit Session A monit session is a collection of traffic mirring configurations consisting of a single destination and, potentially, many source interfaces. F any given monit session, the traffic from the source interfaces (called source pts) is sent to the moniting pt (called the destination pt). Some optional operations such as VLAN tag imposition and ACL filtering can be perfmed on the mirred traffic streams. If there is me than one source pt in a moniting session, the traffic from the several mirred traffic streams is combined at the destination pt. The result is that the traffic that comes out of the destination pt is a combination of the traffic from one me source pts, and the traffic from each source pt may may not have VLAN push operations ACLs applied to it. Monit sessions have the following characteristics: A single Cisco ASR 9000 Router can have a maximum of eight monit sessions. HR-272

5 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Infmation about Traffic Mirring A single monit session can have only one destination pt. A single destination pt can belong to only one monit session. A single Cisco ASR 9000 Router can have a maximum of 800 source pts. A monit session can have a maximum of 800 source pts, as long as the maximum number of source pts from all moniting sessions does not exceed 800. Characteristics of the Destination Pt Each local session remote destination session must have a destination pt (also called a moniting pt) that receives a copy of the traffic from the source pts. A destination pt has these characteristics: A destination pt must reside on the same router as the source pt. A destination pt can be any Ethernet physical pt, EFP, pseudowire, but not a bundle interface. A destination pt can only be a Layer 2 transpt interface. A Layer 3 interface as a SPAN destination is not suppted on the Cisco ASR 9000 Series Router. A destination pt and can be a trunk (main) interface a subinterface. At any one time, a destination pt can participate in only one traffic mirring session. A destination pt in one traffic mirring session cannot be a destination pt f a second traffic mirring session. In other wds, no two monit sessions can have the same destination pt. A destination pt cannot also be a source pt. Figure 20 Netwk Analysis on a Cisco ASR 9000 Router With Traffic Mirring Egress 1 traffic 2 Ingress traffic Router Netwk analyzer Source traffic mirring pts (can be ingress egress traffic pts) 2 Destination traffic mirring pt Suppted Traffic Mirring Types The following traffic mirring types are suppted: Local traffic mirring. This is the most basic fm of traffic mirring. The netwk analyzer sniffer is directly attached to the destination interface. In other wds, all monited pts are all located on the same switch as the destination pt. HR-273

6 Infmation about Traffic Mirring Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Pseudowire Traffic Mirring Remote traffic mirring (known as R-SPAN). In this case, the netwk analyzer is not attached directly to the destination interface, but is on a VLAN accessible to the switch. F example, the destination interface is a sub-interface with a VLAN encapsulation. A restricted fm of remote traffic mirring can be implemented by sending traffic to a single destination pt that pushes a VLAN tag, instead of switching via a bridge domain. Allows decoupling the netwk analyzer and destination, but there is no on-the-box redundancy. Allows multiple remote netwk analyzers as long as they can attach to the traffic mirring VLAN. This is suppted on Cisco IOS XR software, because the destination pt is an EFP that can push a VLAN tag. Pseudowire traffic mirring (known as PW-SPAN in Cisco IOS Software). Instead of using a standard destination interface, traffic is mirred to a remote site via an MPLS pseudowire. ACL-based traffic mirring. Traffic is mirred based on the configuration of the global interface ACL. Partial Packet Mirring. The first 64 to 256 bytes of the packet can be mirred. Layer 2 Layer 3 traffic mirring. Both Layer 2 and Layer 3 source pts can be mirred. The traffic mirring destination pt can be configured to be a pseudowire rather than a physical pt. In this case, the designated traffic on the source pt is mirred over the pseudowire to a central location. This allows the centralization of expensive netwk traffic analysis tools. Because the pseudowire is carrying only the mirred traffic, this traffic is generally unidirectional. There should not be any traffic coming from the remote provider edge. To protect the pseudowire traffic mirring path against netwk failures, it is possible to configure a traffic engineering tunnel as the preferred path and enable fast reroute protection f the pseudowire. Figure 21 Pseudowire Traffic Mirring Centralized NOC Netwk Pseudowire over EoMPLS Pseudowire to NOC Mirring to Pseudowire GE Pt Cisco ASR 9000 Series Router GE Pt HR-274

7 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Configuring Traffic Mirring ACL-Based Traffic Mirring You can mirr traffic based on the definition of a global interface access list (ACL). If you are mirring Layer 2 traffic, the ACL is configured using the ethernet-services access-list command with the capture keywd. If you are mirring Layer 3 traffic, the ACL is configured using the ipv4 access-list ipv6 access-list command with the capture keywd. The permit and deny commands determine the behavi of regular traffic. The capture keywd designates that the packet is to be mirred to the destination pt. Configuring Traffic Mirring The following tasks describe how to configure traffic mirring: How to Configure Local Traffic Mirring, page 275 How to Configure Remote Traffic Mirring, page 277 How to Configure Traffic Mirring over Pseudowire, page 279 How to Configure ACL-Based Traffic Mirring, page 283 How to Configure Partial Packet Mirring, page 286 How to Configure Local Traffic Mirring SUMMARY STEPS 1. configure 2. monit-session session-name 3. destination interface dest-interface 4. exit 5. interface source-interface 6. l2transpt 7. monit-session session-name [direction {rx-only tx-only] 8. end commit 9. show monit-session [session-name] status [detail] [err] HR-275

8 Configuring Traffic Mirring Configuring Traffic Mirring on the Cisco ASR 9000 Series Router DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 monit-session session-name RP/0/RSP0/CPU0:router(config)# monit-session mon1 RP/0/RSP0/CPU0:router(config-mon)# destination interface dest-interface RP/0/RSP0/CPU0:router(config-mon)# destination interface gigabitethernet0/0/0/15 exit RP/0/RSP0/CPU0:router(config-mon)# exit RP/0/RSP0/CPU0:router(config)# interface source-interface RP/0/RSP0/CPU0:router(config)# interface gigabitethernet0/0/0/11 l2transpt RP/0/RSP0/CPU0:router(config-if)# l2transpt monit-session session-name [direction {rx-only tx-only] RP/0/RSP0/CPU0:router(config-if-l2)# monit-session mon1 Defines a monit session, and enters monit session configuration mode. Specifies the destination interface to which traffic should be replicated. This interface must be a Layer 2 transpt interface. Exits monit session configuration mode, and returns to global configuration mode. Enters interface configuration mode f the specified interface. The interface number is entered in rack/slot/module/pt notation. F me infmation about the syntax f the router, use the question mark (?) online help function. (Optional) Enables Layer 2 transpt mode on the interface and enters Layer 2 transpt configuration mode. Note F Layer 3 traffic mirring, do not use the l2transpt command. Specifies the monit session to be used on this interface. Use the direction keywd to specify that only ingress only egress traffic is mirred. HR-276

9 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Configuring Traffic Mirring Step 8 Step 9 Command Action end commit RP/0/RSP0/CPU0:router(config-if-l2)# end RP/0/RSP0/CPU0:router(config-if-l2)# commit show monit-session [session-name] status [detail] [err] Purpose Saves configuration changes. When you issue the end command, the system prompts you to commit changes: Uncommitted changes found, commit them befe exiting (yes/no/cancel)? [cancel]: Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. Entering cancel leaves the router in the current configuration session without exiting committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Displays infmation about the monit session. RP/0/RSP0/CPU0:router# show monit-session How to Configure Remote Traffic Mirring SUMMARY STEPS 1. configure 2. monit-session session-name 3. destination interface dest-subinterface 4. exit 5. interface dest-subinterface l2transpt 6. encapsulation dot1q vlan 7. rewrite ingress tag pop tag-to-remove 8. interface source-interface [l2transpt] 9. monit-session session-name [direction {rx-only tx-only] 10. end commit 11. show monit-session [session-name] status [detail] [err] HR-277

10 Configuring Traffic Mirring Configuring Traffic Mirring on the Cisco ASR 9000 Series Router DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 monit-session session-name RP/0/RSP0/CPU0:router(config)# monit-session mon1 RP/0/RSP0/CPU0:router(config-mon)# destination interface dest-subinterface RP/0/RSP0/CPU0:router(config-mon)# destination interface gigabitethernet0/0/0/15 exit RP/0/RSP0/CPU0:router(config-mon)# exit RP/0/RSP0/CPU0:router(config)# interface dest-subinterface l2transpt RP/0/RSP0/CPU0:router(config)# interface gigabitethernet0/0/0/11.10 l2transpt encapsulation dot1q vlan RP/0/RSP0/CPU0:router(config-if)# encapsulation dot1q 1 rewrite ingress tag pop tag-to-remove Defines a monit session, and enters monit session configuration mode. Specifies the destination subinterface to which traffic should be replicated. This interface must be a Layer 2 transpt interface. Exits monit session configuration mode, and returns to global configuration mode. Enters interface configuration mode f the specified sub-interface. The interface number is entered in rack/slot/module/pt notation. F me infmation about the syntax f the router, use the question mark (?) online help function. The l2transpt keywd is used to enable Layer 2 transpt mode on the destination subinterface. Specifies 802.1Q encapsulation and the VLAN number that is used. Specifies to remove the outer tag only f the EFP. RP/0/RSP0/CPU0:router(config-if)# rewrite ingress tag pop 1 HR-278

11 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Configuring Traffic Mirring Step 8 Step 9 Step 10 Step 11 Command Action interface source-subinterface [l2transpt] RP/0/RSP0/CPU0:router(config)# interface gigabitethernet0/0/0/11.10 l2transpt monit-session session-name [direction {rx-only tx-only] RP/0/RSP0/CPU0:router(config-if-l2)# monit-session mon1 end commit RP/0/RSP0/CPU0:router(config-if)# end RP/0/RSP0/CPU0:router(config-if)# commit show monit-session [session-name] status [detail] [err] Purpose Enters interface configuration mode f the specified subinterface. The interface number is entered in rack/slot/module/pt notation. F me infmation about the syntax f the router, use the question mark (?) online help function. To configure a Layer 2 subinterface to be the source interface, use the l2transpt keywd to enable Layer 2 transpt mode on the subinterface. Specifies the monit session to be used on this interface. Use the direction keywd to specify that only ingress egress traffic is mirred. Saves configuration changes. When you issue the end command, the system prompts you to commit changes: Uncommitted changes found, commit them befe exiting (yes/no/cancel)? [cancel]: Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. Entering cancel leaves the router in the current configuration session without exiting committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Displays infmation about the traffic mirring session. RP/0/RSP0/CPU0:router# show monit-session How to Configure Traffic Mirring over Pseudowire SUMMARY STEPS 1. configure 2. monit-session session-name 3. destination pseudowire HR-279

12 Configuring Traffic Mirring Configuring Traffic Mirring on the Cisco ASR 9000 Series Router 4. exit 5. interface source-interface 6. l2transpt 7. monit-session session-name 8. exit 9. exit 10. exit 11. l2vpn 12. pw-class class-name 13. encapsulation mpls 14. exit 15. exit 16. xconnect group group-name 17. p2p xconnect-name 18. monit-session session-name 19. neighb peer-ip pw-id pseudowire-id 20. pw-class class-name 21. end commit 22. show monit-session [session-name] status [detail] [err] DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 monit-session session-name RP/0/RSP0/CPU0:router(config)# monit-session mon1 RP/0/RSP0/CPU0:router(config-mon)# destination psuedowire RP/0/RSP0/CPU0:router(config-mon)# destination pseudowire Defines a monit session, and enters monit session configuration mode. Specifies that the traffic should be replicated to a pseudowire. HR-280

13 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Configuring Traffic Mirring Step 4 Step 5 Step 6 Step 7 Step 8 Step 9 Step 10 Step 11 Command Action exit RP/0/RSP0/CPU0:router(config-mon)# exit RP/0/RSP0/CPU0:router(config)# interface source-interface RP/0/RSP0/CPU0:router(config)# interface gigabitethernet0/0/0/11.10 l2transpt RP/0/RSP0/CPU0:router(config-if)# l2transpt monit-session session-name [direction {rx-only tx-only] RP/0/RSP0/CPU0:router(config-if-l2)# monit-session mon1 exit RP/0/RSP0/CPU0:router(config-if-mon)# exit RP/0/RSP0/CPU0:router(config-if-l2)# exit RP/0/RSP0/CPU0:router(config-if-l2)# exit RP/0/RSP0/CPU0:router(config-if)# exit RP/0/RSP0/CPU0:router(config-if)# exit RP/0/RSP0/CPU0:router(config)# l2vpn Purpose Exits monit session configuration mode and returns to global configuration mode. Enters interface configuration mode f the specified interface. The interface number is entered in rack/slot/module/pt notation. F me infmation about the syntax f the router, use the question mark (?) online help function. (Optional) Enables Layer 2 transpt mode on the subinterface and enters Layer 2 transpt configuration mode. Note F Layer 3 traffic mirring, do not use the l2transpt command. Specifies the monit session to be used on this interface. Use the direction keywd to specify that only ingress egress traffic is mirred. Exits monit session configuration mode and returns to l2transpt configuration mode. Exits l2transpt configuration mode and returns to interface configuration mode. Exits interface configuration mode and returns to global configuration mode. Enters Layer 2 VPN configuration mode. Step 12 RP/0/RSP0/CPU0:router(config)# l2vpn RP/0/RSP0/CPU0:router(config-l2vpn)# pw-class class-name RP/0/RSP0/CPU0:router(config-l2vpn)# pw-class pw1 Configures a pseudowire class template and enters pseudowire class template configuration mode. HR-281

14 Configuring Traffic Mirring Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Step 13 Command Action encapsulation mpls Purpose Configures the pseudowire encapsulation to MPLS. Step 14 RP/0/RSP0/CPU0:router(config-l2vpn-pwc)# encapsulation mpls exit Exits pseudowire encapsulation configuration mode. Step 15 RP/0/RSP0/CPU0:router(config-l2vpn-pwc-mpls)# exit RP/0/RSP0/CPU0:router(config-l2vpn-pwc) exit Exits pseudowire class template configuration mode. Step 16 RP/0/RSP0/CPU0:router(config-l2vpn-pwc)# exit RP/0/RSP0/CPU0:router(config-l2vpn) xconnect group group-name Configures a group cross connect. Step 17 RP/0/RSP0/CPU0:router(config-l2vpn)# xconnect group g1 p2p xconnect-name Configures a point-to-point cross connect. Step 18 Step 19 RP/0/RSP0/CPU0:router(config-l2vpn-xc)# p2p xc1 monit-session session-name RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p)# monit-session mon1 neighb peer-ip pw-id pseudowire-id Attaches a traffic mirring session to the point-to-point cross connect. Configures the point-to-point cross connect. Step 20 RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p)# neighb pw-id 3 pw-class class-name RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p)# pw-class pw1 Specifies the pseudowire class template to use f this cross connect. HR-282

15 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Configuring Traffic Mirring Step 21 Step 22 Command Action end commit RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p-pw)# end RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p-pw)# commit show monit-session [session-name] status [detail] [err] Purpose Saves configuration changes. When you issue the end command, the system prompts you to commit changes: Uncommitted changes found, commit them befe exiting (yes/no/cancel)? [cancel]: Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. Entering cancel leaves the router in the current configuration session without exiting committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Displays infmation about the traffic mirring session. RP/0/RSP0/CPU0:router# show monit-session How to Configure ACL-Based Traffic Mirring Prerequisites SUMMARY STEPS The global interface ACL should be configured using one of the following commands with the capture keywd: ipv4 access-list ipv6 access-list ethernet-services access-list F me infmation, refer to the Cisco ASR 9000 Series Aggregation Services Router IP Addresses and Services Command Reference the ASR 9000 Series Aggregation Services Router Layer_2 VPN and Ethernet Services Command Reference. 1. configure 2. monit-session session-name 3. destination interface dest-interface 4. exit HR-283

16 Configuring Traffic Mirring Configuring Traffic Mirring on the Cisco ASR 9000 Series Router 5. interface source-interface 6. l2transpt 7. exit 8. ethernet-services access-group access-list-name ingress 9. acl 10. monit-session session-name 11. end commit 12. show monit-session [session-name] status [detail] [err] DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 Step 4 Step 5 Step 6 monit-session session-name RP/0/RSP0/CPU0:router(config)# monit-session mon1 RP/0/RSP0/CPU0:router(config-mon)# destination interface dest-interface RP/0/RSP0/CPU0:router(config-mon)# destination interface gigabitethernet0/0/0/15 exit RP/0/RSP0/CPU0:router(config-mon)# exit RP/0/RSP0/CPU0:router(config)# interface source-interface RP/0/RSP0/CPU0:router(config)# interface gigabitethernet0/0/0/11 l2transpt RP/0/RSP0/CPU0:router(config-if)# l2transpt Defines a monit session and enters monit session configuration mode. Specifies the destination interface to which traffic should be replicated. This interface must be a Layer 2 transpt interface. Exits monit session configuration mode and returns to global configuration mode. Enters interface configuration mode f the specified interface. The interface number is entered in rack/slot/module/pt notation. F me infmation about the syntax f the router, use the question mark (?) online help function. (Optional) Enables Layer 2 transpt mode on the subinterface and enters Layer 2 transpt configuration mode. Note F Layer 3 traffic mirring, do not use the l2transpt command. HR-284

17 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Configuring Traffic Mirring Step 7 Step 8 Command Action exit RP/0/RSP0/CPU0:router(config-if-l2)# exit RP/0/RSP0/CPU0:router(config-if)# ethernet-services access-group access-list-name [ingress egress] Purpose Exits Layer 2 transpt configuration mode and returns to interface configuration mode. Associates the access list definition with the interface being mirred. Step 9 Step 10 RP/0/RSP0/CPU0:router(config-if)# ethernet-services access-group acl1 ingress acl RP/0/RSP0/CPU0:router(config-if-mon)# acl monit-session session-name Specifies that the traffic mirred is accding to the defined global interface ACL. Specifies the monit session to be used on this interface. Step 11 Step 12 RP/0/RSP0/CPU0:router(config-if)# monit-session mon1 end commit RP/0/RSP0/CPU0:router(config-if)# end RP/0/RSP0/CPU0:router(config-if)# commit show monit-session [session-name] status [detail] [err] Saves configuration changes. When you issue the end command, the system prompts you to commit changes: Uncommitted changes found, commit them befe exiting (yes/no/cancel)? [cancel]: Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. Entering cancel leaves the router in the current configuration session without exiting committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Displays infmation about the monit session. RP/0/RSP0/CPU0:router# show monit-session HR-285

18 Configuring Traffic Mirring Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Troubleshooting ACL-Based Traffic Mirring Note the following configuration issues: Even when the acl command is configured on the source mirring pt, if the ACL configuration command does not use the capture keywd, no traffic gets mirred. If the ACL configuration uses the capture keywd, but the acl command is not configured on the source pt, although traffic is mirred, no access list configuration is applied. All ingress traffic is mirred, regardless of the ACL definition; only egress traffic permitted in the ACL definition is mirred. The following example crectly shows both the capture keywd in the ACL definition and the acl command configured on the interface: monit-session tm_example! ethernet-services access-list tm_filter 10 deny abcd.abcd any capture! interface GigabitEthernet0/2/0/0 monit-session tm_example direction rx-only acl! l2transpt! ethernet-services access-group tm_filter ingress! end How to Configure Partial Packet Mirring SUMMARY STEPS 1. configure 2. monit-session session-name 3. destination interface dest-interface 4. exit 5. interface source-interface 6. monit-session session-name 7. mirr first bytes 8. end commit 9. show monit-session [session-name] status HR-286

19 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Configuring Traffic Mirring DETAILED STEPS Step 1 Command Action configure Purpose Enters global configuration mode. Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 monit-session session-name RP/0/RSP0/CPU0:router(config)# monit-session mon1 RP/0/RSP0/CPU0:router(config-mon)# destination interface dest-interface RP/0/RSP0/CPU0:router(config-mon)# destination interface gigabitethernet0/0/0/15 exit RP/0/RSP0/CPU0:router(config-mon)# exit RP/0/RSP0/CPU0:router(config)# interface source-interface RP/0/RSP0/CPU0:router(config)# interface gigabitethernet0/0/0/11.10 monit-session session-name [direction {rx-only tx-only] RP/0/RSP0/CPU0:router(config-if-l2)# monit-session mon1 mirr first bytes RP/0/RSP0/CPU0:router(config-if-mon)# mirr first bytes Defines a monit session, and enters monit session configuration mode. Specifies the destination interface to which traffic should be replicated. This interface must be a Layer 2 transpt interface. Exits monit session configuration mode and returns to global configuration mode. Enters interface configuration mode f the specified interface. The interface number is entered in rack/slot/module/pt notation. F me infmation about the syntax f the router, use the question mark (?) online help function. Specifies the monit session to be used on this interface. Use the direction keywd to specify that only ingress egress traffic is mirred. Specifies the number of bytes of the packet to mirr. Values can range from 64 to 256 bytes. HR-287

20 Traffic Mirring Configuration Examples Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Step 8 Step 9 Command Action end commit RP/0/RSP0/CPU0:router(config-if)# end RP/0/RSP0/CPU0:router(config-if)# commit show monit-session [session-name] status Purpose Saves configuration changes. When you issue the end command, the system prompts you to commit changes: Uncommitted changes found, commit them befe exiting (yes/no/cancel)? [cancel]: Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. Entering cancel leaves the router in the current configuration session without exiting committing the configuration changes. Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Displays infmation about the traffic mirring session. RP/0/RSP0/CPU0:router# show monit-session Traffic Mirring Configuration Examples This section contains examples of how to configure traffic mirring: Traffic Mirring with Physical Interfaces (Local): Example, page 288 Traffic Mirring with EFPs (Remote): Example, page 289 Viewing Monit Session Status: Example, page 289 Monit Session Statistics: Example, page 290 Traffic Mirring over Pseudowire: Example, page 291 Layer 3 ACL-Based Traffic Mirring: Example, page 291 Layer 2 ACL-Based Traffic Mirring: Example, page 291 Traffic Mirring with Physical Interfaces (Local): Example The following example shows a basic configuration f traffic mirring with physical interfaces. When traffic flows over the point to point cross connect between gig0/2/0/19 and gig0/2/0/11, packets received and transmitted on gig0/2/0/19 are also mirred to gig0/2/0/15. RP/0/RSP0/CPU0:router(config)# monit-session ms1 RP/0/RSP0/CPU0:router(config-mon)# destination interface gig0/2/0/15 RP/0/RSP0/CPU0:router(config-mon)# commit HR-288

21 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Traffic Mirring Configuration Examples RP/0/RSP0/CPU0:router(config)# interface gig0/2/0/11 RP/0/RSP0/CPU0:router(config-subif)# l2transpt RP/0/RSP0/CPU0:router(config-if-l2)# commit RP/0/RSP0/CPU0:router(config)# interface gig0/2/0/15 RP/0/RSP0/CPU0:router(config-subif)# l2transpt RP/0/RSP0/CPU0:router(config-if-l2)# commit RP/0/RSP0/CPU0:router(config)# interface gig0/2/0/19 RP/0/RSP0/CPU0:router(config-subif)# l2transpt RP/0/RSP0/CPU0:router(config-subif-l2)# monit-session ms1 RP/0/RSP0/CPU0:router(config-if-l2)# commit RP/0/RSP0/CPU0:router(config)# l2vpn RP/0/RSP0/CPU0:router(config-l2vpn)# xconnect group xg1 RP/0/RSP0/CPU0:router(config-l2vpn-xc)# p2p xg1_p1 RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p)# interface gig0/2/0/11 RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p)# interface gig0/2/0/19 RP/0/RSP0/CPU0:router(config-if-l2)# commit Traffic Mirring with EFPs (Remote): Example The following example shows a basic configuration f remote traffic mirring with EFP interfaces. When traffic flows over the point-to-point cross connect between gig0/2/0/19.10 and gig0/2/0/11.10, packets received and transmitted on gig0/2/0/19.10 are also mirred to gig0/2/0/10.1. RP/0/RSP0/CPU0:router#monit-session ms1 RP/0/RSP0/CPU0:router(config)# destination interface gig0/2/0/10.1 RP/0/RSP0/CPU0:router(config)# interface gig0/2/0/10.1 l2transpt RP/0/RSP0/CPU0:router(config-if-l2)# encapsulation dot1q 1 RP/0/RSP0/CPU0:router(config-if-l2)# rewrite ingress tag pop 1 RP/0/RSP0/CPU0:router(config)# interface gig0/2/0/11.10 l2transpt RP/0/RSP0/CPU0:router(config-if-l2)# encapsulation dot1q 10 RP/0/RSP0/CPU0:router(config)# interface gig0/2/0/19.10 l2transpt RP/0/RSP0/CPU0:router(config-if-l2)# encapsulation dot1q 10 RP/0/RSP0/CPU0:router(config-if-l2)# monit-session ms1 RP/0/RSP0/CPU0:router(config)# l2vpn RP/0/RSP0/CPU0:router(config-l2vpn)# xconnect group xg1 RP/0/RSP0/CPU0:router(config-l2vpn-xc)# p2p xg1_p1 RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p)# interface gig0/2/0/11.10 RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p)# interface gig0/2/0/19.10 Viewing Monit Session Status: Example The following examples show sample output of the show monit-session command with the status keywd: RP/0/RSP0/CPU0:router# show monit-session status Fri Feb 20 14:56: UTC HR-289

22 Traffic Mirring Configuration Examples Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Monit-session cisco-rtp1 Destination interface GigabitEthernet0/5/0/38 ================================================================================ Source Interface Dir Status Gi0/5/0/4 Both Operational Gi0/5/0/17 Both Operational RP/0/RSP0/CPU0:router# show monit-session status detail Monit-session sess1 Destination interface is not configured Source Interfaces GigabitEthernet0/0/0/0 Direction: Both ACL match: Enabled Ption: Full packet Status: Not operational (destination interface not known). GigabitEthernet0/0/0/2 Direction: Both ACL match: Disabled Ption: First 100 bytes Status: Err: 'Viking SPAN PD' detected the 'warning' condition 'PRM connection creation failure'. RP/0/RSP0/CPU0:router# show monit-session status err Thu Jul 1 17:56: DST Monit-session ms1 Destination interface GigabitEthernet0/2/0/15 is not configured ================================================================================ Source Interface Dir Status Monit-session ms2 Destination interface is not configured ================================================================================ Source Interface Dir Status RP/0/RSP0/CPU0:router# Monit Session Statistics: Example Use the show monit-session command with the counters keywd to show the statistics/counters (received/transmitted/dropped) of different source pts. F each monit session, this command displays a list of all source interfaces and the replicated packet statistics f that interface. The full set of statistics displayed f each interface is: RX replicated packets and octets TX replicated packets and octets Non-replicated packet and octets RP/0/RSP0/CPU0:router# show monit-session counters Monit-session ms1 GigabitEthernet0/2/0/19.10 Rx replicated: 1000 packets, octets Tx replicated: 1000 packets, octets Non-replicated: 0 packets, 0 octets HR-290

23 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Traffic Mirring Configuration Examples Use the clear monit-session counters command to clear any collected statistics. By default this command clears all sted statistics; however, an optional interface filter can be supplied. RP/0/RSP0/CPU0:router# clear monit-session counters Traffic Mirring over Pseudowire: Example The following example shows how to configure traffic mirring over a pseudowire: RP/0/RSP0/CPU0:router(config)# interface GigabitEthernet0/11/0/1 RP/0/RSP0/CPU0:router(config-if)# l2transpt RP/0/RSP0/CPU0:router(config-if-l2)# monit-session pw-span-test RP/0/RSP0/CPU0:router(config)# monit-session pw-span-test RP/0/RSP0/CPU0:router(config-mon)# destination pseudowire RP/0/RSP0/CPU0:router(config)# l2vpn RP/0/RSP0/CPU0:router(config-l2vpn)# pw-class class1 RP/0/RSP0/CPU0:router(config-l2vpn-pwc)# encapsulation mpls RP/0/RSP0/CPU0:router(config-l2vpn)# xconnect group g1 RP/0/RSP0/CPU0:router(config-l2vpn-xc)# p2p x1 RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p)# monit-session pw-span-test RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p)# neighb pw-id 1 RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p-pw)# pw-class class1 RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p-pw)# commit Layer 3 ACL-Based Traffic Mirring: Example The following example shows how to configure Layer 3 ACL-based traffic mirring: RP/0/RSP0/CPU0:router(config)# monit-session ms1 RP/0/RSP0/CPU0:router(config-mon)# destination interface gig0/2/0/15 RP/0/RSP0/CPU0:router(config-mon)# commit RP/0/RSP0/CPU0:router(config)# interface gig0/2/0/11 RP/0/RSP0/CPU0:router(config-if)# ipv4 access-group span ingress RP/0/RSP0/CPU0:router(config-if)# monit-session ms1 RP/0/RSP0/CPU0:router(config-if)# acl RP/0/RSP0/CPU0:router(config-if-mon)# commit RP/0/RSP0/CPU0:router(config)# ipv4 access-list span RP/0/RSP0/CPU0:router(config-ipv4-acl)# 5 permit ipv4 any any dscp 5 capture RP/0/RSP0/CPU0:router(config-ipv4-acl)# 10 permit ipv4 any any RP/0/RSP0/CPU0:router(config-ipv4-acl)# commit Layer 2 ACL-Based Traffic Mirring: Example The following example shows how to configure Layer 2 ACL-based traffic mirring: RP/0/RSP0/CPU0:router(config)# monit-session ms1 HR-291

24 Traffic Mirring Configuration Examples Configuring Traffic Mirring on the Cisco ASR 9000 Series Router RP/0/RSP0/CPU0:router(config-mon)# destination interface gig0/2/0/15 RP/0/RSP0/CPU0:router(config-mon)# commit RP/0/RSP0/CPU0:router(config)# interface gig0/2/0/11 RP/0/RSP0/CPU0:router(config-if)# l2transpt RP/0/RSP0/CPU0:router(config-if-l2)# exit RP/0/RSP0/CPU0:router(config-if)# ethernet-services access-group acl_mirr ingress RP/0/RSP0/CPU0:router(config-if)# acl RP/0/RSP0/CPU0:router(config-if)# monit-session ms1 RP/0/RSP0/CPU0:router(config-if-mon)# commit RP/0/RSP0/CPU0:router(config)# ipv4 access-list acl_mirr RP/0/RSP0/CPU0:router(config-ipv4-acl)# 5 permit ipv4 any any dscp 5 capture RP/0/RSP0/CPU0:router(config-ipv4-acl)# 10 permit ipv4 any any RP/0/RSP0/CPU0:router(config-ipv4-acl)# commit Partial Packet Mirring: Example The following example shows how to configure mirring of the first 100 bytes of the packet: RP/0/RP0/CPU0:router(config)# interface gigabitethernet0/0/0/11 RP/0/RP0/CPU0:router(config-if-l2)# monit-session mon1 RP/0/RSP0/CPU0:router(config-if-mon)# mirr first 100 Troubleshooting Traffic Mirring When you have issues with your traffic mirring, begin your troubleshooting by checking the output of the show monit-session status command. This command displays the recded state of all sessions and source interfaces: Monit-session sess1 <Session status> ================================================================================ Source Interface Dir Status Gi0/0/0/0 Both <Source interface status> Gi0/0/0/2 Both <Source interface status> In the preceding example, the line marked as <Session status> can indicate one of the following configuration errs: Session Status Session is not configured globally Destination interface <intf> is not configured Explanation The session does not exist in global configuration. Check show run command output to ensure that a session with the right name has been configured. The interface that has been configured as the destination does not exist. F example, the destination interface may be configured to be a VLAN subinterface, but the VLAN subinterface may not have been created yet. HR-292

25 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Traffic Mirring Configuration Examples Session Status Destination interface <intf> (<down-state>) Destination pseudowire is not configured Destination pseudowire <name> (down) Explanation The destination interface is not in Up state in the Interface Manager. You can verify the state using the show interfaces command. Check the configuration to see what might be keeping the interface from coming up (f example, a sub-interface needs to have an appropriate encapsulation configured). The L2VPN configuration that is to set up the pseudowire is missing. Configure the traffic mirring session name as one segment of the xconnect p2p. The pseudowire is configured, but is down. Check the L2VPN configuration to identify why the pseudowire is not coming up. The <Source interface status> can rept the following messages: Source Interface Status Explanation Operational Everything appears to be wking crectly in traffic mirring PI. Please follow up with the platfm teams in the first instance, if mirring is not operating as expected. Not operational (Session is not configured globally) The session does not exist in global configuration. Check the show run command output to ensure that a session with the right name has been configured. Not operational (destination interface not known) The session exists, but it either does not have a destination interface specified, the destination interface named f the session does not exist (f example, if the destination is a sub-interface that has not been created). Not operational (source same as destination) The session exists, but the destination and source are the same interface, so traffic mirring does not wk. Not operational (destination not active) The destination interface pseudowire is not in the Up state. See the cresponding Session status err messages f suggested resolution. Not operational (source state <down-state>) The source interface is not in the Up state. You can verify the state using the show interfaces command. Check the configuration to see what might be keeping the interface from coming up (f example, a sub-interface needs to have an appropriate encapsulation configured). Err: see detailed output f explanation Traffic mirring has encountered an err. Run the show monit-session status detail command to display me infmation. HR-293

26 Traffic Mirring Configuration Examples Configuring Traffic Mirring on the Cisco ASR 9000 Series Router The show monit-session status detail command displays full details of the configuration parameters, and of any errs encountered. F example: RP/0/RSP0/CPU0:router#show monit-session status detail Monit-session sess1 Destination interface is not configured Source Interfaces GigabitEthernet0/0/0/0 Direction: Both ACL match: Enabled Ption: Full packet Status: Not operational (destination interface not known). GigabitEthernet0/0/0/2 Direction: Both ACL match: Disabled Ption: First 100 bytes Status: Err: 'Viking SPAN PD' detected the 'warning' condition 'PRM connection creation failure'. This detailed output may give you a clear indication of what the problem is. Here are additional trace and debug commands: RP/0/RSP0/CPU0:router# show monit-session platfm trace? all Turn on all the trace errs Display errs events Display interesting events RP/0/RSP0/CPU0:router# show monit-session trace? process Filter debug by process RP/0/RSP0/CPU0:router# debug monit-session platfm? all Turn on all the debugs errs VKG SPAN EA errs event VKG SPAN EA event info VKG SPAN EA info RP/0/RSP0/CPU0:router# debug monit-session platfm all RP/0/RSP0/CPU0:router# debug monit-session platfm event RP/0/RSP0/CPU0:router# debug monit-session platfm info RP/0/RSP0/CPU0:router# show monit-session status? detail Display detailed output errs Display only attachments which have errs internal Display internal monit-session infmation Output Modifiers RP/0/RSP0/CPU0:router# show monit-session status RP/0/RSP0/CPU0:router# show monit-session status errs RP/0/RSP0/CPU0:router# show monit-session status internal HR-294

27 Configuring Traffic Mirring on the Cisco ASR 9000 Series Router Where to Go Next Where to Go Next When you have configured an Ethernet interface, you can configure individual VLAN subinterfaces on that Ethernet interface. F infmation about modifying Ethernet management interfaces f the shelf controller (SC), route process (RP), and distributed RP, see the Advanced Configuration and Modification of the Management Ethernet Interface on the Cisco ASR 9000 Series Router module later in this document. F infmation about IPv6 see the Implementing Access Lists and Prefix Lists on Cisco IOS XR Software module in the Cisco IOS XR IP Addresses and Services Configuration Guide. Additional References The following sections provide references related to implementing Gigabit and 10-Gigabit Ethernet interfaces. Related Documents Related Topic Ethernet L2VPN Cisco IOS XR master command reference Cisco IOS XR interface configuration commands Infmation about user groups and task IDs Document Title Cisco ASR 9000 Series Aggregation Services Router L2VPN and Ethernet Services Configuration Guide Cisco ASR 9000 Series Aggregation Services Router L2VPN and Ethernet Services Command Reference Cisco ASR 9000 Series Aggregation Services Router Master Commands List Cisco ASR 9000 Series Aggregation Services Router Interface and Hardware Component Command Reference Cisco IOS XR Interface and Hardware Component Command Reference Standards Standards IEEE 802.1ag ITU-T Y.1731 Title HR-295

28 Additional References Configuring Traffic Mirring on the Cisco ASR 9000 Series Router MIBs MIBs IEEE CFM MIB MIBs Link To locate and download MIBs f selected platfms using Cisco IOS XR Software, use the Cisco MIB Locat found at the following URL: RFCs RFCs No new modified RFCs are suppted by this feature, and suppt f existing RFCs has not been modified by this feature. Title Technical Assistance Description The Cisco Technical Suppt website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even me content. Link HR-296

Traffic Mirroring Commands on the Cisco ASR 9000 Series Router

Traffic Mirroring Commands on the Cisco ASR 9000 Series Router Traffic Mirroring Commands on the Cisco ASR 9000 Series Router This module describes the commands used to configure and monitor traffic mirroring. acl, page 2 clear monitor-session counters, page 4 destination

More information

Traffic Mirroring Commands on the Cisco IOS XR Software

Traffic Mirroring Commands on the Cisco IOS XR Software Traffic Mirroring Commands on the Cisco IOS XR Software This module describes the commands used to configure and monitor traffic mirroring. acl, page 2 clear monitor-session counters, page 4 destination

More information

Configuring NetFlow on Cisco ASR 9000 Series Aggregation Services Router

Configuring NetFlow on Cisco ASR 9000 Series Aggregation Services Router Configuring NetFlow on Cisco ASR 9000 Series Aggregation Services Router This module describes the configuration of NetFlow on the Cisco ASR 9000 Series Aggregation Services Router. A NetFlow flow is a

More information

Configuring NetFlow on Cisco IOS XR Software

Configuring NetFlow on Cisco IOS XR Software Configuring NetFlow on Cisco IOS XR Software A NetFlow flow is a unidirectional sequence of packets that arrive on a single interface ( subinterface), and have the same values f key fields. NetFlow is

More information

Implementing MPLS VPNs over IP Tunnels on Cisco IOS XR Software

Implementing MPLS VPNs over IP Tunnels on Cisco IOS XR Software Implementing MPLS VPNs over IP Tunnels on Cisco IOS XR Software The MPLS VPNs over IP Tunnels feature lets you deploy Layer 3 Virtual Private Netwk (L3VPN) services, over an IP ce netwk, using L2TPv3 multipoint

More information

Configuring IP SLA Service Performance Testing

Configuring IP SLA Service Performance Testing 9 CHAPTER Configuring IP SLA Service Perfmance Testing First Published: July 2013 Last Updated: November 2013 This chapter describes how to configure the ITU-T Y.1564 Ethernet service perfmance test methodology

More information

Implementing MPLS VPNs over IP Tunnels

Implementing MPLS VPNs over IP Tunnels Implementing MPLS VPNs over IP Tunnels The MPLS VPNs over IP Tunnels feature lets you deploy Layer 3 Virtual Private Netwk (L3VPN) services, over an IP ce netwk, using L2TPv3 multipoint tunneling instead

More information

Creating Disk Backups for the Cisco IOS XR Software and Configurations

Creating Disk Backups for the Cisco IOS XR Software and Configurations Creating Disk Backups f the Cisco IOS XR Software and Configurations This module describes the process to configure disk mirring and create a backup disk of the Cisco IOS XR software packages and configurations.

More information

Configuring SPAN and RSPAN

Configuring SPAN and RSPAN CHAPTER 23 This chapter describes how to configure Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on the Catalyst 2960 switch. Note For complete syntax and usage information for the commands used

More information

Implementing Object Tracking on Cisco IOS XR Software

Implementing Object Tracking on Cisco IOS XR Software Implementing Object Tracking on Cisco IOS XR Software This module describes the configuration of object tracking on your Cisco IOS XR network. For information about its application in IPSec, see Cisco

More information

Multiprotocol Label Switching Load Balancing

Multiprotocol Label Switching Load Balancing Multiprotocol Label Switching Load Balancing First Published: July 2013 The Cisco ME 3800 and ME 3600 switches support IPv4 and IPv6 load balancing at the LER and LSR. Effective with Cisco IOS Release

More information

MPLS VPN over mgre. Finding Feature Information. Prerequisites for MPLS VPN over mgre

MPLS VPN over mgre. Finding Feature Information. Prerequisites for MPLS VPN over mgre The feature overcomes the requirement that a carrier support multiprotocol label switching (MPLS) by allowing you to provide MPLS connectivity between networks that are connected by IP-only networks. This

More information

Configure IOS Catalyst Switches to Connect Cisco IP Phones Configuration Example

Configure IOS Catalyst Switches to Connect Cisco IP Phones Configuration Example Configure IOS Catalyst Switches to Connect Cisco IP Phones Configuration Example Document ID: 69632 Introduction Prerequisites Requirements Components Used Conventions Background Information Configure

More information

Flow-Based per Port-Channel Load Balancing

Flow-Based per Port-Channel Load Balancing The feature allows different flows of traffic over a Gigabit EtherChannel (GEC) interface to be identified based on the packet header and then mapped to the different member links of the port channel.

More information

Troubleshooting Bundles and Load Balancing

Troubleshooting Bundles and Load Balancing CHAPTER 5 This chapter explains the procedures for troubleshooting link bundles and load balancing on the Cisco ASR 9000 Aggregation Services Router. A link bundle is a group of ports that are bundled

More information

Denial of Service (DoS) Protection

Denial of Service (DoS) Protection CHAPTER 74 Security ACLs and VACLs, page 74-2 QoS Rate Limiting, page 74-2 Global Protocol Packet Policing, page 74-3 Unicast Reverse Path Forwarding (urpf) Check, page 74-5 Configuring Sticky ARP, page

More information

Configuring NetFlow-lite

Configuring NetFlow-lite CHAPTER 55 Note NetFlow-lite is only supported on Catalyst 4948E Ethernet Switch. This chapter describes how to configure NetFlow-lite on the Catalyst 4948E switch. NetFlow-lite provides traffic monitoring

More information

Configuring Link Bundling on Cisco IOS XR Software

Configuring Link Bundling on Cisco IOS XR Software Configuring Link Bundling on Cisco IOS XR Software This module describes the configuration of link bundle interfaces on the Cisco CRS Router. A link bundle is a group of one or more ports that are aggregated

More information

Virtual Private LAN Service on Cisco Catalyst 6500/6800 Supervisor Engine 2T

Virtual Private LAN Service on Cisco Catalyst 6500/6800 Supervisor Engine 2T White Paper Virtual Private LAN Service on Cisco Catalyst 6500/6800 Supervisor Engine 2T Introduction to Virtual Private LAN Service The Cisco Catalyst 6500/6800 Series Supervisor Engine 2T supports virtual

More information

ITU-T G.8032 Ethernet Ring Protection Switching

ITU-T G.8032 Ethernet Ring Protection Switching The feature implements protection switching mechanisms for Ethernet layer ring topologies. This feature uses the G.8032 Ethernet Ring Protection (ERP) protocol, defined in ITU-T G.8032, to provide protection

More information

NetFlow Subinterface Support

NetFlow Subinterface Support NetFlow Subinterface Support Feature History Release Modification 12.2(14)S This feature was introduced. 12.2(15)T This feature was integrated into Cisco IOS Release 12.2 T. This document describes the

More information

Configuring DHCP Snooping

Configuring DHCP Snooping CHAPTER 19 This chapter describes how to configure Dynamic Host Configuration Protocol (DHCP) snooping on Catalyst 4500 series switches. It provides guidelines, procedures, and configuration examples.

More information

Ethernet Overhead Accounting

Ethernet Overhead Accounting The feature enables the router to account for downstream Ethernet frame headers when applying shaping to packets. Finding Feature Information, page 1 Restrictions for, page 1 Information About, page 2

More information

Configuring DHCP Snooping and IP Source Guard

Configuring DHCP Snooping and IP Source Guard CHAPTER 19 This chapter describes how to configure Dynamic Host Configuration Protocol (DHCP) snooping and IP Source Guard on Catalyst 4500 series switches. It provides guidelines, procedures, and configuration

More information

Configuring a Load-Balancing Scheme

Configuring a Load-Balancing Scheme This module contains information about Cisco Express Forwarding and describes the tasks for configuring a load-balancing scheme for Cisco Express Forwarding traffic. Load-balancing allows you to optimize

More information

Internetworking II: VPNs, MPLS, and Traffic Engineering

Internetworking II: VPNs, MPLS, and Traffic Engineering Internetworking II: VPNs, MPLS, and Traffic Engineering 3035/GZ01 Networked Systems Kyle Jamieson Lecture 10 Department of Computer Science University College London Taxonomy of communica@on networks Virtual

More information

Configuring Flexible NetFlow

Configuring Flexible NetFlow CHAPTER 62 Note Flexible NetFlow is only supported on Supervisor Engine 7-E, Supervisor Engine 7L-E, and Catalyst 4500X. Flow is defined as a unique set of key fields attributes, which might include fields

More information

Per-Packet Load Balancing

Per-Packet Load Balancing Per-Packet Load Balancing Feature History Release 12.0(19)ST 12.0(21)S 12.0(22)S Modification This feature was introduced on the Cisco 10000 series routers. This feature was introduced on the Cisco 12000

More information

Configuring the Firewall Management Interface

Configuring the Firewall Management Interface Configuring the Firewall Management Interface The firewall management interface can be configured under each firewall context to provide a virtualized management interface (see Figure 7). The management

More information

Configuring a Load-Balancing Scheme

Configuring a Load-Balancing Scheme Configuring a Load-Balancing Scheme Last Updated: October 5, 2011 This module contains information about Cisco Express Forwarding and describes the tasks for configuring a load-balancing scheme for Cisco

More information

Flow Monitor Configuration. Content CHAPTER 1 MIRROR CONFIGURATION... 1-1 CHAPTER 2 RSPAN CONFIGURATION... 2-1 CHAPTER 3 SFLOW CONFIGURATION...

Flow Monitor Configuration. Content CHAPTER 1 MIRROR CONFIGURATION... 1-1 CHAPTER 2 RSPAN CONFIGURATION... 2-1 CHAPTER 3 SFLOW CONFIGURATION... Content Content CHAPTER 1 MIRROR CONFIGURATION... 1-1 1.1 INTRODUCTION TO MIRROR... 1-1 1.2 MIRROR CONFIGURATION TASK LIST 1.3 MIRROR EXAMPLES 1.4 DEVICE MIRROR TROUBLESHOOTING... 1-1... 1-2... 1-3 CHAPTER

More information

CCT vs. CCENT Skill Set Comparison

CCT vs. CCENT Skill Set Comparison Operation of IP Data Networks Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges and Hubs Select the components required to meet a given network specification

More information

Configuring EtherChannels

Configuring EtherChannels CHAPTER 12 This chapter describes how to configure EtherChannels on the Cisco 7600 series router Layer 2 or Layer 3 LAN ports. For complete syntax and usage information for the commands used in this chapter,

More information

Configuring a Load-Balancing Scheme

Configuring a Load-Balancing Scheme Configuring a Load-Balancing Scheme Finding Feature Information Configuring a Load-Balancing Scheme Last Updated: August 15, 2011 This module contains information about Cisco Express Forwarding and describes

More information

Chapter 4 Rate Limiting

Chapter 4 Rate Limiting Chapter 4 Rate Limiting HP s rate limiting enables you to control the amount of bandwidth specific Ethernet traffic uses on specific interfaces, by limiting the amount of data the interface receives or

More information

Catalyst Switched Port Analyzer (SPAN) Configuration Example

Catalyst Switched Port Analyzer (SPAN) Configuration Example Catalyst Switched Port Analyzer (SPAN) Configuration Example Document ID: 10570 Contributed by Shashank Singh, Cisco TAC Engineer. Apr 21, 2014 Contents Introduction Prerequisites Catalyst Switches That

More information

Flow Monitor Configuration. Content CHAPTER 1 MIRROR CONFIGURATION... 1-1 CHAPTER 2 RSPAN CONFIGURATION... 2-1 CHAPTER 3 SFLOW CONFIGURATION...

Flow Monitor Configuration. Content CHAPTER 1 MIRROR CONFIGURATION... 1-1 CHAPTER 2 RSPAN CONFIGURATION... 2-1 CHAPTER 3 SFLOW CONFIGURATION... Content Content CHAPTER 1 MIRROR CONFIGURATION... 1-1 1.1 INTRODUCTION TO MIRROR... 1-1 1.2 MIRROR CONFIGURATION TASK LIST... 1-1 1.3 MIRROR EXAMPLES... 1-2 1.4 DEVICE MIRROR TROUBLESHOOTING... 1-3 CHAPTER

More information

AutoQoS. Prerequisites for AutoQoS CHAPTER

AutoQoS. Prerequisites for AutoQoS CHAPTER CHAPTER 63 Prerequisites for, page 63-1 Restrictions for, page 63-2 Information About, page 63-2 Default Settings for, page 63-4 How to Configure, page 63-4 For complete syntax and usage information for

More information

Using Link Layer Discovery Protocol in Multivendor Networks

Using Link Layer Discovery Protocol in Multivendor Networks Using Link Layer Discovery Protocol in Multivendor Networks Link Layer Discovery Protocol (LLDP), standardized by the IEEE as part of 802.1ab, enables standardized discovery of nodes, which in turn facilitates

More information

You can specify IPv4 and IPv6 addresses while performing various tasks in this feature. The resource

You can specify IPv4 and IPv6 addresses while performing various tasks in this feature. The resource The feature enables the configuration of a Virtual Private Network (VPN) routing and forwarding instance (VRF) table so that the domain name system (DNS) can forward queries to name servers using the VRF

More information

New Features in Cisco IOS Software Release 12.2(33)SXI2

New Features in Cisco IOS Software Release 12.2(33)SXI2 . Product Bulletin New Features in Cisco IOS Software Release 12.2(33)SXI2 PB552599 This product bulletin introduces Cisco IOS Software Release 12.2(33)SXI2, highlighting the new features it offers. Introduction

More information

GLBP - Gateway Load Balancing Protocol

GLBP - Gateway Load Balancing Protocol GLBP - Gateway Load Balancing Protocol Gateway Load Balancing Protocol (GLBP) protects data traffic from a failed router or circuit, like Hot Standby Router Protocol (HSRP) and Virtual Router Redundancy

More information

Constraining IP Multicast in a Switched Ethernet Network

Constraining IP Multicast in a Switched Ethernet Network Constraining IP Multicast in a Switched Ethernet Network This module describes how to configure routers to use the Cisco Group Management Protocol (CGMP) in switched Ethernet networks to control multicast

More information

Flow Monitor Configuration. Content CHAPTER 1 MIRROR CONFIGURATION... 1-1 CHAPTER 2 SFLOW CONFIGURATION... 2-1 CHAPTER 3 RSPAN CONFIGURATION...

Flow Monitor Configuration. Content CHAPTER 1 MIRROR CONFIGURATION... 1-1 CHAPTER 2 SFLOW CONFIGURATION... 2-1 CHAPTER 3 RSPAN CONFIGURATION... Content Content CHAPTER 1 MIRROR CONFIGURATION... 1-1 1.1 INTRODUCTION TO MIRROR... 1-1 1.2 MIRROR CONFIGURATION TASK LIST... 1-1 1.3 MIRROR EXAMPLES... 1-2 1.4 DEVICE MIRROR TROUBLESHOOTING... 1-3 CHAPTER

More information

Management Software. Web Browser User s Guide AT-S106. For the AT-GS950/48 Gigabit Ethernet Smart Switch. Version 1.0.0. 613-001339 Rev.

Management Software. Web Browser User s Guide AT-S106. For the AT-GS950/48 Gigabit Ethernet Smart Switch. Version 1.0.0. 613-001339 Rev. Management Software AT-S106 Web Browser User s Guide For the AT-GS950/48 Gigabit Ethernet Smart Switch Version 1.0.0 613-001339 Rev. A Copyright 2010 Allied Telesis, Inc. All rights reserved. No part of

More information

Network Configuration Example

Network Configuration Example Network Configuration Example Configuring Multiple Port Mirroring Sessions on EX4200 Switches Published: 2014-04-09 Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 USA 408-745-2000

More information

Sampled NetFlow. Feature Overview. Benefits

Sampled NetFlow. Feature Overview. Benefits Sampled NetFlow This feature module describes the Sampled NetFlow feature. It includes information on the benefits of the new feature, supported platforms, supported standards, and the commands necessary

More information

Cisco Certified Network Associate Exam. Operation of IP Data Networks. LAN Switching Technologies. IP addressing (IPv4 / IPv6)

Cisco Certified Network Associate Exam. Operation of IP Data Networks. LAN Switching Technologies. IP addressing (IPv4 / IPv6) Cisco Certified Network Associate Exam Exam Number 200-120 CCNA Associated Certifications CCNA Routing and Switching Operation of IP Data Networks Operation of IP Data Networks Recognize the purpose and

More information

QoS: Color-Aware Policer

QoS: Color-Aware Policer QoS: Color-Aware Policer First Published: August 26, 2003 Last Updated: February 28, 2006 The QoS: Color-Aware Policer enables a color-aware method of traffic policing. This feature allows you to police

More information

Configuring Auto-QoS

Configuring Auto-QoS Finding Feature Information, page 1 Prerequisites for Auto-QoS, page 1 Restrictions for Auto-QoS, page 2 Information About, page 3 How to Configure Auto-QoS, page 5 Monitoring Auto-QoS, page 9 Configuration

More information

BGP Support for IP Prefix Import from Global Table into a VRF Table

BGP Support for IP Prefix Import from Global Table into a VRF Table BGP Support for IP Prefix Import from Global Table into a VRF Table The BGP Support for IP Prefix Import from Global Table into a VRF Table feature introduces the capability to import IPv4 unicast prefixes

More information

Configuring LACP (802.3ad) Between a Catalyst 6500/6000 and a Catalyst 4500/4000

Configuring LACP (802.3ad) Between a Catalyst 6500/6000 and a Catalyst 4500/4000 Configuring LACP (802.3ad) Between a Catalyst 6500/6000 and a Catalyst 4500/4000 Document ID: 19642 Contents Introduction Before You Begin Conventions Prerequisites Components Used Background Theory Difference

More information

Network Agent Quick Start

Network Agent Quick Start Network Agent Quick Start Topic 50500 Network Agent Quick Start Updated 17-Sep-2013 Applies To: Web Filter, Web Security, Web Security Gateway, and Web Security Gateway Anywhere, v7.7 and 7.8 Websense

More information

Configuring QoS and Per Port Per VLAN QoS

Configuring QoS and Per Port Per VLAN QoS 27 CHAPTER This chapter describes how to configure quality of service (QoS) by using automatic QoS (auto-qos) commands or by using standard QoS commands on a Catalyst 45 series switch. It also describes

More information

Virtual Fragmentation Reassembly

Virtual Fragmentation Reassembly Virtual Fragmentation Reassembly Currently, the Cisco IOS Firewall specifically context-based access control (CBAC) and the intrusion detection system (IDS) cannot identify the contents of the IP fragments

More information

Configuring VLAN ACLs

Configuring VLAN ACLs 13 CHAPTER This chapter describes how to configure VLAN access lists (ACLs) on NX-OS devices. This chapter includes the following sections: Information About VLAN ACLs, page 13-1 Licensing Requirements

More information

Juniper Networks EX Series/ Cisco Catalyst Interoperability Test Results. May 1, 2009

Juniper Networks EX Series/ Cisco Catalyst Interoperability Test Results. May 1, 2009 Juniper Networks EX Series/ Cisco Catalyst Interoperability Test Results May 1, 2009 Executive Summary Juniper Networks commissioned Network Test to assess interoperability between its EX4200 and EX8208

More information

AT-S60 Version 1.1.4 Management Software for the AT-8400 Series Switch. Software Release Notes

AT-S60 Version 1.1.4 Management Software for the AT-8400 Series Switch. Software Release Notes AT-S60 Version 1.1.4 Management Software for the AT-8400 Series Switch Supported Platforms Software Release Notes Please read this document before you begin to use the AT-S60 management software. The AT-S60

More information

Configuring MVR for IPv4 Multicast Traffic

Configuring MVR for IPv4 Multicast Traffic CHAPTER 39 This chapter describes how to configure Multicast VLAN Registration (MVR) for IPv4 multicast traffic in Cisco IOS Release 12.2SX. Note For complete syntax and usage information for the commands

More information

Configuring SNMP and using the NetFlow MIB to Monitor NetFlow Data

Configuring SNMP and using the NetFlow MIB to Monitor NetFlow Data Configuring SNMP and using the NetFlow MIB to Monitor NetFlow Data NetFlow is a technology that provides highly granular per-flow statistics on traffic in a Cisco router. The NetFlow MIB feature provides

More information

Interconnecting Cisco Network Devices 1 Course, Class Outline

Interconnecting Cisco Network Devices 1 Course, Class Outline www.etidaho.com (208) 327-0768 Interconnecting Cisco Network Devices 1 Course, Class Outline 5 Days Interconnecting Cisco Networking Devices, Part 1 (ICND1) v2.0 is a five-day, instructorled training course

More information

Configuring MPLS QoS

Configuring MPLS QoS CHAPTER 45 This chapter describes how to configure Multiprotocol Label Switching (MPLS) quality of service (QoS) in Cisco IOS Release 12.2SX. For complete syntax and usage information for the commands

More information

Implementing Secure Shell

Implementing Secure Shell Secure Shell (SSH) is an application and a protocol that provides a secure replacement to the Berkeley r-tools. The protocol secures sessions using standard cryptographic mechanisms, and the application

More information

Configuring NetFlow. Information About NetFlow. NetFlow Overview. Send document comments to nexus7k-docfeedback@cisco.com. CHAPTER

Configuring NetFlow. Information About NetFlow. NetFlow Overview. Send document comments to nexus7k-docfeedback@cisco.com. CHAPTER CHAPTER 19 This chapter describes how to configure the NetFlow feature on Cisco NX-OS devices. This chapter includes the following sections: Information About NetFlow, page 19-1 Licensing Requirements

More information

NetFlow Aggregation. Feature Overview. Aggregation Cache Schemes

NetFlow Aggregation. Feature Overview. Aggregation Cache Schemes NetFlow Aggregation This document describes the Cisco IOS NetFlow Aggregation feature, which allows Cisco NetFlow users to summarize NetFlow export data on an IOS router before the data is exported to

More information

Configuring MAC ACLs

Configuring MAC ACLs Send document comments to nexus7k-docfeedback@cisco.com 12 CHAPTER This chapter describes how to configure MAC access lists (ACLs) on NX-OS devices. This chapter includes the following sections: Information

More information

Quick Start for Network Agent. 5-Step Quick Start. What is Network Agent?

Quick Start for Network Agent. 5-Step Quick Start. What is Network Agent? What is Network Agent? The Websense Network Agent software component uses sniffer technology to monitor all of the internet traffic on the network machines that you assign to it. Network Agent filters

More information

s@lm@n Cisco Exam 642-889 Implementing Cisco Service Provider Next-Generation Egde Network Services Version: 7.0 [ Total Questions: 126 ]

s@lm@n Cisco Exam 642-889 Implementing Cisco Service Provider Next-Generation Egde Network Services Version: 7.0 [ Total Questions: 126 ] s@lm@n Cisco Exam 642-889 Implementing Cisco Service Provider Next-Generation Egde Network Services Version: 7.0 [ Total Questions: 126 ] Cisco 642-889 : Practice Test Question No : 1 Refer to the exhibit.

More information

CCNA R&S: Introduction to Networks. Chapter 5: Ethernet

CCNA R&S: Introduction to Networks. Chapter 5: Ethernet CCNA R&S: Introduction to Networks Chapter 5: Ethernet 5.0.1.1 Introduction The OSI physical layer provides the means to transport the bits that make up a data link layer frame across the network media.

More information

Configuring NetFlow. Information About NetFlow. NetFlow Overview. Send document comments to nexus7k-docfeedback@cisco.com. CHAPTER

Configuring NetFlow. Information About NetFlow. NetFlow Overview. Send document comments to nexus7k-docfeedback@cisco.com. CHAPTER CHAPTER 16 This chapter describes how to configure the NetFlow feature on Cisco NX-OS devices. This chapter includes the following sections: Information About NetFlow, page 16-1 Licensing Requirements

More information

Configuring IGMP Snooping

Configuring IGMP Snooping CHAPTER 5 This chapter describes how to configure Internet Group Management Protocol (IGMP) snooping. This chapter includes the following topics: Information about IGMP Snooping, page 5-1 Prerequisites

More information

Cisco Configuring Basic MPLS Using OSPF

Cisco Configuring Basic MPLS Using OSPF Table of Contents Configuring Basic MPLS Using OSPF...1 Introduction...1 Mechanism...1 Hardware and Software Versions...2 Network Diagram...2 Configurations...2 Quick Configuration Guide...2 Configuration

More information

100-101: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)

100-101: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1) 100-101: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1) Course Overview This course provides students with the knowledge and skills to implement and support a small switched and routed network.

More information

Configuring Traffic Storm Control

Configuring Traffic Storm Control 39 CHAPTER This chapter describes how to configure the traffic storm control feature on the Catalyst 6500 series switches. For complete syntax and usage information for the commands used in this chapter,

More information

Interconnecting Cisco Networking Devices Part 2

Interconnecting Cisco Networking Devices Part 2 Interconnecting Cisco Networking Devices Part 2 Course Number: ICND2 Length: 5 Day(s) Certification Exam This course will help you prepare for the following exam: 640 816: ICND2 Course Overview This course

More information

Cisco IOS Flexible NetFlow Command Reference

Cisco IOS Flexible NetFlow Command Reference Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION

More information

Catalyst Layer 3 Switch for Wake On LAN Support Across VLANs Configuration Example

Catalyst Layer 3 Switch for Wake On LAN Support Across VLANs Configuration Example Catalyst Layer 3 Switch for Wake On LAN Support Across VLANs Configuration Example Document ID: 91672 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information

More information

Configuring Local SPAN and ERSPAN

Configuring Local SPAN and ERSPAN CHAPTER 9 This chapter describes how to configure the Local and ER Ethernet switched port analyzer (SPAN) feature to monitor traffic and includes the following topics: Information About SPAN and ERSPAN,

More information

Juniper / Cisco Interoperability Tests. August 2014

Juniper / Cisco Interoperability Tests. August 2014 Juniper / Cisco Interoperability Tests August 2014 Executive Summary Juniper Networks commissioned Network Test to assess interoperability, with an emphasis on data center connectivity, between Juniper

More information

Configuring Static Routing

Configuring Static Routing CHAPTER 8 This chapter describes how to configure static routing on the switch. This chapter includes the following sections: Information About Static Routing, page 8-1 Licensing Requirements for Static

More information

What s New in VMware vsphere 5.5 Networking

What s New in VMware vsphere 5.5 Networking VMware vsphere 5.5 TECHNICAL MARKETING DOCUMENTATION Table of Contents Introduction.................................................................. 3 VMware vsphere Distributed Switch Enhancements..............................

More information

BGP Link Bandwidth. Finding Feature Information. Prerequisites for BGP Link Bandwidth

BGP Link Bandwidth. Finding Feature Information. Prerequisites for BGP Link Bandwidth The Border Gateway Protocol (BGP) Link Bandwidth feature is used to advertise the bandwidth of an autonomous system exit link as an extended community. This feature is configured for links between directly

More information

NetFlow v9 Export Format

NetFlow v9 Export Format NetFlow v9 Export Format With this release, NetFlow can export data in NetFlow v9 (version 9) export format. This format is flexible and extensible, which provides the versatility needed to support new

More information

MPLS VPN Route Target Rewrite

MPLS VPN Route Target Rewrite The feature allows the replacement of route targets on incoming and outgoing Border Gateway Protocol (BGP) updates Typically, Autonomous System Border Routers (ASBRs) perform the replacement of route targets

More information

6/8/2011. Document ID: 12023. Contents. Introduction. Prerequisites. Requirements. Components Used. Conventions. Introduction

6/8/2011. Document ID: 12023. Contents. Introduction. Prerequisites. Requirements. Components Used. Conventions. Introduction Page 1 of 9 Products & Services Understanding EtherChannel Load Balancing and Redundancy on Catalyst Switches Document ID: 12023 Contents Introduction Prerequisites Requirements Components Used Conventions

More information

Cisco - Catalyst 2950 Series Switches Quality of Service (QoS) FAQ

Cisco - Catalyst 2950 Series Switches Quality of Service (QoS) FAQ Page 1 of 8 Catalyst 2950 Series Switches Quality of Service (QoS) FAQ Document ID: 46523 TAC Notice: What's C han g i n g o n T A C We b H el p u s h el p y ou. Questions Introduction What is the software

More information

LiveAction Application Note

LiveAction Application Note LiveAction Application Note Layer 2 Monitoring and Host Location Using LiveAction to monitor and identify inter-/intra-switch VLAN configurations, and locating workstations within the network infrastructure.

More information

Chapter 11 Network Address Translation

Chapter 11 Network Address Translation Chapter 11 Network Address Translation You can configure an HP routing switch to perform standard Network Address Translation (NAT). NAT enables private IP networks that use nonregistered IP addresses

More information

1- and 2-Port Fast Ethernet High-Speed WAN Interface Cards for Cisco 1841, 2800, and 3800 Series Integrated Services Routers

1- and 2-Port Fast Ethernet High-Speed WAN Interface Cards for Cisco 1841, 2800, and 3800 Series Integrated Services Routers 1- and 2-Port Fast Ethernet High-Speed WAN Interface Cards for Cisco 1841, 2800, and 3800 Series Integrated Services Routers Overview The Layer 3 Cisco 1- and 2-Port Fast Ethernet High-Speed WAN interface

More information

INTRODUCTION TO L2VPNS

INTRODUCTION TO L2VPNS INTRODUCTION TO L2VPNS 4 Introduction to Layer 2 and Layer 3 VPN Services CE Layer 3 VPN Link Comprised of IP Traffic Passed Over IP Backbone LEGEND Layer 3 VPN Layer 2 VPN CE CE PE IP Backbone PE CE Layer

More information

Cisco Integrators Cisco Partners installing and implementing the Cisco Catalyst 6500 Series Switches

Cisco Integrators Cisco Partners installing and implementing the Cisco Catalyst 6500 Series Switches Implementing Cisco Catalyst 6500 Series Switches (RSCAT6K) Fast Lane is proud to be once again on the cutting edge with this intensive 3-day Authorized course on the latest features and functionality of

More information

Can PowerConnect Switches Be Used in IP Multicast Networks?

Can PowerConnect Switches Be Used in IP Multicast Networks? PowerConnect Application Note #6 January 2004 Can PowerConnect Switches Be Used in IP Multicast Networks? This Application Note relates to the following Dell PowerConnect products: PowerConnect 33xx PowerConnect

More information

Configuring Port Security

Configuring Port Security CHAPTER 62 This chapter describes how to configure the port security feature. For complete syntax and usage information for the commands used in this chapter, see the Cisco IOS Master List, at this URL:

More information

"Charting the Course...

Charting the Course... Description "Charting the Course... Course Summary Interconnecting Cisco Networking Devices: Accelerated (CCNAX), is a course consisting of ICND1 and ICND2 content in its entirety, but with the content

More information

Strategies to Protect Against Distributed Denial of Service (DD

Strategies to Protect Against Distributed Denial of Service (DD Strategies to Protect Against Distributed Denial of Service (DD Table of Contents Strategies to Protect Against Distributed Denial of Service (DDoS) Attacks...1 Introduction...1 Understanding the Basics

More information

Getting Started with Configuring Cisco IOS NetFlow and NetFlow Data Export

Getting Started with Configuring Cisco IOS NetFlow and NetFlow Data Export Getting Started with Configuring Cisco IOS NetFlow and NetFlow Data Export Last Updated: November 28, 2011 This module contains the minimum amount of information about and instructions necessary for configuring

More information

Configuring EtherChannels

Configuring EtherChannels 25 CHAPTER This chapter describes how to configure EtherChannel interfaces. For complete syntax and usage information for the commands used in this chapter, refer to the Catalyst 2950 Desktop Switch Command

More information

VPLS Technology White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date 2012-10-30

VPLS Technology White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date 2012-10-30 Issue 01 Date 2012-10-30 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of

More information

Configuring Denial of Service Protection

Configuring Denial of Service Protection 24 CHAPTER This chapter contains information on how to protect your system against Denial of Service (DoS) attacks. The information covered in this chapter is unique to the Catalyst 6500 series switches,

More information

Configuring EtherChannel and 802.1Q Trunking Between Catalyst L2 Fixed Configuration Switches and Catalyst Switches Running CatOS

Configuring EtherChannel and 802.1Q Trunking Between Catalyst L2 Fixed Configuration Switches and Catalyst Switches Running CatOS Configuring EtherChannel and 802.1Q Trunking Between Catalyst L2 Fixed Configuration Switches and Catalyst Switches Running CatOS Document ID: 23408 Contents Introduction Prerequisites Requirements Components

More information