RE: Catalyst 6000 Native IOS

From: Andrew Fort (afort@staff.webcentral.com.au)
Date: Wed Feb 07 2001 - 15:33:25 PST

  • Next message: Gamerov Timur: "Data not seen by cflowd"

    Dana said,

    > You want to use the set span command.
    > http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sf
    > t_6_1/cmd_ref/
    > setsn_su.htm#81207

    This is for Catalyst OS.

    Jose mentions "Native IOS", which I take to mean the Athena (production) or
    Cosmos (development) code trains; i.e., Catalyst 6000 series running ONLY
    IOS. One IOS runs on the supervisor, one on the MSFC. the CLI is provided
    by the MSFC, and talks to the supervisor via an in-band communication method
    (and the slavelog is used to pass console messages from the supervisor to
    the MSFC->CLI console).

    This software is neat - you can set up any switchport as a layer 3 router
    interface, and it beahves just like you'd expect (except that the port is
    still MDI-X, not MDI). It combines the best features of the MLS
    (routing-switch) way of doing things with the 8500 series (switching-router)
    way of doing things. You do lose some of the super advanced features of the
    Catos/MSFC hybrid (IOS VLAN ACLs, etc, but you can still do IOS ACLs
    including MAC addr ACLs and most of the work is kept in hardware).

    Jose, the command reference for Native IOS on 6000 begins here:

    http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/ios121e/index.ht
    m

    (this is for 12.1(5a)E2 and earlier releases after 12.0(7)XE).

    The document you want is the SPAN configuration reference;

    http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/ios127xe/config/
    span.htm

     
    > I was recently told that for a 6513 that we are buying, we
    > could span 1 port
    > to 4 other ports without it degrading performance.
    >
    > We haven't purchased this, so i can't tell you if that
    > statement has ever
    > held true.
    >
    > But spanning one port to one port, i can't see there being a problem.
    >
    > You can also span a whole VLAN to one port, you just need to
    > make sure the
    > bandwidth of the port is capable of handling the bandwidth of
    > the VLAN.
    >
    > On 2/7/01 9:23 AM, "Josť Valerdi Tormo" <jvalerdi@inicia.es> wrote:
    >
    > > Hi Andrew,
    > >
    > > I've a Catalyst 6500 and maybe it's posible that you can
    > answer me this
    > > little question. I'm testing an Intrusion Detect program
    > and of course I
    > > want to sniff all the packets that it cross my network. I
    > know that it's
    > > posible make a copy of packets from one port to another and
    > I want to know
    > > if it's necesary any special HW to do this. I've tried to find this
    > > information in the CISCO Web and I've find the "set
    > security" command, but
    > > the Switch tell me that this command it's not supported in
    > my HW. Do you
    > > know if there are any posibility to do this. I don't want a
    > heavy IP process
    > > packet I only want copy the packects from one port to another.
    > >
    > > Thanks in advance for all and beg my perdon if this mail
    > disturb you.
    > >
    > > Josť Valerdi Tormo
    > >
    > > --
    > > cflowd mailing list
    > > cflowd@caida.org
    > >
    >
    > --
    > cflowd mailing list
    > cflowd@caida.org
    >

    --
    cflowd mailing list
    cflowd@caida.org
    



    This archive was generated by hypermail 2b29 : Wed Feb 07 2001 - 15:44:42 PST