Dana said,
> You want to use the set span command.
> http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sf
> t_6_1/cmd_ref/
> setsn_su.htm#81207
This is for Catalyst OS.
Jose mentions "Native IOS", which I take to mean the Athena (production) or
Cosmos (development) code trains; i.e., Catalyst 6000 series running ONLY
IOS. One IOS runs on the supervisor, one on the MSFC. the CLI is provided
by the MSFC, and talks to the supervisor via an in-band communication method
(and the slavelog is used to pass console messages from the supervisor to
the MSFC->CLI console).
This software is neat - you can set up any switchport as a layer 3 router
interface, and it beahves just like you'd expect (except that the port is
still MDI-X, not MDI). It combines the best features of the MLS
(routing-switch) way of doing things with the 8500 series (switching-router)
way of doing things. You do lose some of the super advanced features of the
Catos/MSFC hybrid (IOS VLAN ACLs, etc, but you can still do IOS ACLs
including MAC addr ACLs and most of the work is kept in hardware).
Jose, the command reference for Native IOS on 6000 begins here:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/ios121e/index.ht
m
(this is for 12.1(5a)E2 and earlier releases after 12.0(7)XE).
The document you want is the SPAN configuration reference;
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/ios127xe/config/
span.htm
> I was recently told that for a 6513 that we are buying, we
> could span 1 port
> to 4 other ports without it degrading performance.
>
> We haven't purchased this, so i can't tell you if that
> statement has ever
> held true.
>
> But spanning one port to one port, i can't see there being a problem.
>
> You can also span a whole VLAN to one port, you just need to
> make sure the
> bandwidth of the port is capable of handling the bandwidth of
> the VLAN.
>
> On 2/7/01 9:23 AM, "José Valerdi Tormo" <jvalerdi@inicia.es> wrote:
>
> > Hi Andrew,
> >
> > I've a Catalyst 6500 and maybe it's posible that you can
> answer me this
> > little question. I'm testing an Intrusion Detect program
> and of course I
> > want to sniff all the packets that it cross my network. I
> know that it's
> > posible make a copy of packets from one port to another and
> I want to know
> > if it's necesary any special HW to do this. I've tried to find this
> > information in the CISCO Web and I've find the "set
> security" command, but
> > the Switch tell me that this command it's not supported in
> my HW. Do you
> > know if there are any posibility to do this. I don't want a
> heavy IP process
> > packet I only want copy the packects from one port to another.
> >
> > Thanks in advance for all and beg my perdon if this mail
> disturb you.
> >
> > José Valerdi Tormo
> >
> > --
> > cflowd mailing list
> > cflowd@caida.org
> >
>
> --
> cflowd mailing list
> cflowd@caida.org
>
-- cflowd mailing list cflowd@caida.org
This archive was generated by hypermail 2b29 : Wed Feb 07 2001 - 15:44:42 PST