[nsp] Cat6500 Span limits and VACL to capture

Carles Fragoso i Mariscal cfragoso at cesca.es
Mon May 24 06:46:19 EDT 2004


Thanks Steve for your answer,

I didn't notice that it is a different concept from a span port,
a monitoring port.

I was trying to test it and I found some questions:

	vlan access-map TESTING 10
	 match ip address 115
	 action forward capture
	!
	vlan access-map TESTING 20
	 match ip address 116
	 action forward
	!
	access-list 115 permit ip host a.b.c.d host e.f.g.h
	access-list 115 permit ip host e.f.g.h host a.b.c.d
	access-list 116 permit ip any any
	int GiX/Y
	 switchport capture allowed vlan 10
	!
	vlan filter TESTING vlan-list 10

- If I only want to capture traffic between host a.b.c.d and
e.f.g.h as detailed in the ACL, is a seq 20 on the TESTING vlan access-map
necessary in order to allow the rest of the traffic to be forwarded?

- That means that if I would like to have two monitoring ports, the
only way to limit visibility between them is filtering based on
VLAN, isn't it? switchport capture allowed vlan 10.

Is there any kind of limitation on doing this kind of capture?

Sorry if it is a silly question, but I was used to using SPANs
instead of the capture VACL concept.

Thanks in advance! ;)

-- Carlos


-----Original message-----
From: Steve Francis [mailto:steve at expertcity.com]
Sent: Monday, May 24, 2004 5:03
To: Carles Fragoso i Mariscal
CC: cisco-nsp at puck.nether.net
Subject: Re: [nsp] Cat6500 Span limits and VACL to capture


Carles Fragoso i Mariscal wrote:

>
>Secondly, I have been told that there is a way of doing an L2 VACL that
>allows forwarding ACL-matched traffic to a span port. Has anyone done
>it, and could you give me an example of that?
>
>I have tried defining a 'vlan access-map' and applying it with 'vlan
>filter' but I can't find a way of setting the destination span.
>Is it possible to apply it on an L2 port instead of on a VLAN basis?
>  
>
switchport capture
on the destination port.

>Thanks in advance to everyone,
>____________________________________________________
>          __
>         / /          Carles Fragoso i Mariscal
>   C E / S / C A   Communications & Operations Dept.
>       /_/              <cfragoso at cesca.es>
>
>           Supercomputing Center of Catalonia
>     	    CATalonia Neutral Internet eXchange
>          Tlf: +34932056464  Fax: +34932056979
>___________________________________________________