Latest

Datacenter: Configuring SPAN on Nexus 5K Switch

Configuring SPAN on Nexus 5K Switch

SPAN stands for Switched Port Analyzer. It is basically a way to copy the Rx/Tx traffic from a port/Vlan and paste it on other interfaces where you have servers connected, which can capture the traffic using Wireshark or Ethereal. The purpose is to monitor and analyze the traffic. It is advisable to have both source and destination ports connected to the same switch or virtual data center.

Here in this article we are going to configure the SPAN port on Nexus 5K switch ( Both Source and Destination)

Fig 1.1- Cisco Nexus 5k SPAN port

Lets configured the destination port first

NDNA_N5K1#config t
NDNA_N5K1(config)# interface eth1/2
NDNA_N5K1(config-if)# switchport
NDNA_N5K1(config-if)# switchport monitor
NDNA_N5K1(config-if)# no shutdown
NDNA_N5K1(config-if)# end
NDNA_N5K1#

Now configure the source port on the same Nexus 5K device

NDNA_N5K1#config t
NDNA_N5K1(config)# monitor session 1
NDNA_N5K1(config-monitor)# source interface eth1/1 rx
NDNA_N5K1(config-monitor)# destination interface eth1/2
NDNA_N5K1(config-monitor)# no shutdown
NDNA_N5K1(config-monitor)# end
NDNA_N5K1#

Now you can verify SPAN monitor session below 

NDNA_N5K1# show monitor session 1

session 1
---------------
type              : local
state             : up
source intf       :
    rx            : Eth1/1
    tx            : 
    both          : 
source VLANs      :
    rx            :
source VSANs      :
    rx            : 
destination ports : Eth1/2

In same way you can add multiple interfaces ( Physical, VLAN) to the same monitor session 1 in order to get copied to same destination port.

If you want to add the MTU, you can add that as well showing below

NDNA_N5K1#config t
NDNA_N5K1(config)# monitor session 1
NDNA_N5K1(config-monitor)# mtu 200
NDNA_N5K1(config-monitor)# end
NDNA_N5K1#