Monitor Port Destination

dominic.stevens · ‎08-17-2013

Hi

I am working on a packet capture/monitoring design - and have a question -

Will traffic be forwarded from a Destination Monitor Port - If the capture appliance were to send traffic back.

I am assuming this would be blocked/filtered

But I am looking for confirmation that this is the case.

Thanks for your help .

Vignesh Rajendran Praveen · ‎08-18-2013

Hi Dominic,

The basic characteristic of a SPAN destination port is that it does not transmit any traffic except the traffic required for the SPAN session. But your requirement can still be met by enabling ingress traffic forwarding.

monitor session session_number destination interface interface [encapsulation {isl | dot1q}] ingress [vlan vlan_IDs]

When ingress is enabled, the SPAN destination port accepts incoming packets, which are potentially tagged that depends on the specified encapsulation mode, and switches them normally. When you configure a SPAN destination port, you can specify whether or not the ingress feature is enabled and what VLAN to use to switch untagged ingress packets. The specification of an ingress VLAN is not required when ISL encapsulation is configured, as all ISL encapsulated packets that have VLAN tags. Although the port is STP forwarding, it does not participate in the STP, so use caution when you configure this feature lest a spanning-tree loop be introduced in the network. When both ingress and a trunk encapsulation are specified on a SPAN destination port, the port goes forwarding in all active VLANs.

***********Plz do rate this post if you found it helpful*************************

Thanks & Regards,

Vignesh R P