At 11:49 AM 7/11/2005, Nathan Allen Stratton commented:
I wanted to ping the list and get some feedback on switches with advanced port mirroring with filtering. Right now we are using Cisco 6509s with SUP 720s in a VoIP application. The routers and switches work well, but we keep hitting the wall on port monitoring because Cisco only lets us have two monitoring ports.
That is not exactly true - we give you two sessions (in IOS). Each session can monitor a number of ports or VLANs and mirror the traffic to one or more destination ports, an RSPAN VLAN, or a remote device over GRE using ERSPAN. You can configure dot1q trunking on the destination interfaces & use allowed vlan lists to create "virtual" VLAN span sessions using a single actual session. I can send you a document describing this configuration if you like.
Let's say I have a 32 port switch with all sorts of SIP hardware on it. I am looking for a switch that would let me do something like this:
Mirror all POP ISP traffic to NetVMG box

Mirror all SIP and RTP traffic to VoIP Hammer probe

Mirror all SIP (5060 65060) traffic to signaling to Ethereal box

Mirror all RTCP traffic to VoIP quality engine
So you may be able to accomplish what you need using the various SPAN session options above.

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/swcg/span....

There is also the VLAN ACL feature which uses the ACL TCAM entries to either capture or redirect IP traffic to capture or redirect ports respectively. This is accomplished by configuring a vlan access-map (assuming IOS) to match the traffic you want and say whether you want to permit/permit+capture/deny/redirect it. Then you tie the access-map to the vlan with the vlan filter command.

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/swcg/vacl....

Hope that helps,
Tim
Nathan Stratton
BroadVoice, Inc.
nathan at robotics.net
Talk IS Cheap
http://www.robotics.net
http://www.broadvoice.com
Tim Stevenson, tstevens@cisco.com
Routing & Switching CCIE #5561
Technical Marketing Engineer, Catalyst 6500
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759
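
The VACL capture approach described in the reply, sketched as an added example for the "SIP (5060 65060) to Ethereal box" case. This is not configuration from the original message: the VLAN number, interface, ACL and map names, and the choice to match both UDP and TCP are assumptions.

```cisco
! Added example; VLAN 100, Gi3/1 and all names are assumed values.
! Goal from the thread: copy only SIP signaling (ports 5060 and 65060)
! to the port where the Ethereal box is attached.
!
ip access-list extended SIP-SIGNALING
 permit udp any any eq 5060
 permit udp any eq 5060 any
 permit udp any any eq 65060
 permit udp any eq 65060 any
 permit tcp any any eq 5060
 permit tcp any eq 5060 any
!
! Sequence 10: forward matching traffic normally and mark it for capture.
vlan access-map VOIP-CAPTURE 10
 match ip address SIP-SIGNALING
 action forward capture
!
! Sequence 20: no match clause, so it matches everything else and
! forwards it without capturing. Without this entry, IP traffic that
! misses sequence 10 is dropped by the map's implicit deny.
vlan access-map VOIP-CAPTURE 20
 action forward
!
! Tie the access-map to the VLAN carrying the SIP hardware.
vlan filter VOIP-CAPTURE vlan-list 100
!
! Capture port: receives copies of the frames marked for capture.
interface GigabitEthernet3/1
 description Ethereal capture box
 switchport
 switchport capture allowed vlan 100
 switchport capture
```

After applying it, `show vlan access-map` and `show vlan filter` confirm the map contents and which VLANs it is attached to.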