Is there any type of configuration for a 7206 to SPAN or monitor traffic? I am running multiple 7206s with inbound DS3 and outbound VXR (SVC/PVC) connections to other sites (i.e., traffic never leaves the router). How could I implement a spanning feature to monitor the traffic on those links? My thoughts were to maybe create VLANs for the interconnects and try to span those links, but I am not sure if that is even feasible. My motive behind this is an IDS implementation for monitoring internal traffic.
There is no way to span a port in a VXR. You could use PBR to redirect WAN traffic to an external router and then back to the VXR and put a switch in the middle for SPAN, but that will most likely cause more trouble than it's worth. I would consider deploying a 6500 or 7600 with a FlexWAN module and use VACLs to capture WAN interface traffic. Then use either an IDSM module or connect an external IDS to a GigE port to monitor the captured traffic.