Priscilla is correct, normally a span only shows unicast for the VLAN on the switch where the span is enabled plus any bcast or mcast from other switches that have active ports in the VLAN in question. However, there is a "remote span" capability that has been added to the 6000 series in 5.3 code that does allow you to see the traffic for an entire vlan from any switch in the net:
http://www.cisco.com/warp/public/473/41.html#remote Regards, Kent -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer Sent: Monday, April 08, 2002 10:06 AM To: [EMAIL PROTECTED] Subject: RE: port mirroring and vlans [7:40816] At 12:15 PM 4/8/02, Michael Williams wrote: >AFAIK, if you have to two switches connected via a trunk link and you mirror >VLAN1 to a port, you should see all of the traffic in VLAN1 (i.e. from all >switches involved in that VLAN). Only traffic that actually crosses the mirrored port, though, right? Broadcast /multicast traffic for the VLAN as well as traffic directed to ports on the switch doing mirroring that are in VLAN 1. I got the impression he thought he was going to see traffic on other switches that happened to have ports in VLAN 1 too. I doubt that's true. Think of all the extra work you would be requiring of the switches. Priscilla > You'll probably run into a situation where >all of the traffic in VLAN1 will overrun your mirror port (which on a busy >switch isn't hard to do). We have two 5500s trunked together, and we span >(mirror) a port on a VLAN quite frequently. > >Mike W. ________________________ Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40860&t=40816 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
