Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

SPAN port

Hi friends,

When I did port spanning on 6500(gig port RJ45 WAN uplink) switch CPU utilization went up to 55% and caused huge packet drops which I think unusual or is it a normal behavior?

Spanned out put (not even 1 minute) was huge even wire shark could not afford it.

Thanks

4 REPLIES

Re: SPAN port

Hi friends,

When I did port spanning on 6500(gig port RJ45 WAN uplink) switch CPU utilization went up to 55% and caused huge packet drops which I think unusual or is it a normal behavior?

Spanned out put (not even 1 minute) was huge even wire shark could not afford it.

Thanks

Hi,

The architecture of Catalyst 6000/6500 Series Switches, SPAN sessions do not affect the performance of the switch, but, if the SPAN session includes a high traffic / uplink port or an EtherChannel, it can increase the load on the processor. If it then singles out a specific VLAN, it increases the workload even more. If there is bad traffic on the link, that can further increase the workload.

Check out the below link for more information.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a00804916e0.shtml#span

If helpful do rate the post

Ganesh.H

Community Member

Re: SPAN port

hi,

thanks,

it might be due to bad traffic.  actually i found unknown traffic (20mb) on my wan link

to check this traffic only i enabled SPAN  and there was no logg for this .I realized it only when I saw the packet drops

I am trying to find what traffic is the origin of traffic ..

thanks

Re: SPAN port

Hi Shiju

Try to restrict the source packets as much as possible.. If you are trying to troubleshoot issues, and want to configure port mirroring for that, you can probably configure an access-list and associate it with your monitor session command, to narrow the traffic you are monitoring... if you are spanning for IPS/IDS functionality, then you might have to monitor the whole traffic...

Switch(config)# monitor session 1 filter ip access-group 100

Also try to isolate bad traffic.. you have a traffic type option on the monitor session command. you can select good on that option...

Hope this helps.. all the best

Raj

Community Member

Re: SPAN port

thanks for mail,

I was working with cisco TAC also on this case as per them i am hiitng the bug CSCsi74194 my present ios is 12.2(18)SXF6. they reccommend 12.2(18)SXF17  .

thanks

390
Views
0
Helpful
4
Replies
CreatePlease to create content