Dec 2 2008 7:30AM GMT
Posted by: Yasir Irfan
Switches,
Cisco,
Switching,
Cisco IOS,
Wireshark,
Cisco 2960,
Cisco 2950,
Cisco 6500,
Cisco Tips,
Cisco 3560,
Cisco 3745,
Cisco Learning,
Cisco 3750-E,
Cisco 3560-E,
Network Troubleshooting,
Show commands,
Cisco 6500 Series Catalyst Switch,
Cisco 6503,
Cisco Catalyst 6503-E Switch,
Cisco Catalyst 6506-E Switch,
Cisco Catalyst 6509-V-E Switch,
Cisco Catalyst 6509-E Switch,
Cisco Catalyst 6513 Switch,
SPAN,
Sniifer
It’s quite important for Network Engineers and an essential network troubleshooting technique to utilize the ability of Cisco Catalyst Switches to mirror the traffic and send it to a sniffer for analysis. All Cisco Catalyst Switches support the Switched Port Analyzer (SPAN) feature. The SPAN copies traffic from the specified interface or VLANs and mirrors this traffic to a specified destination interface (SPAN interface). Then you can connect the PC with a sniffing tool (Wireshark) installed on the destination SPAN interface to capture all the mirrored traffic.Let’s see how to configure the SPAN in Cisco Catalyst Switches. 
To enable the switch SPAN mirroring feature configure the following on the catalyst switch: Configuration Example - Monitoring traffic from a specific interfaceITKEAS01#configure tITKEAS01(config) monitor session 1 source interface gigabitEthernet 0/5
ITKEAS01(config)#monitor session 1 destination interface gigabitEthernet 0/10
The above configuration will capture all traffic from interface gigabitEthernet 0/5 and send it to SPAN port interface gigabitEthernet 0/10
Configuration Example - Monitoring an entire VLAN traffic
ITKEAS01(config)#monitor session 1 source vlan 100
ITKEAS01(config) monitor session 1 destination interface gigabitEthernet 0/10 The above configuration will capture all traffic of VLAN 100 and send it to SPAN port interface gigabitEthernet 0/10
Use show monitor session 1 to verify your configuration.
Aug 5 2008 6:52AM GMT
Posted by: Yasir Irfan
Networking,
Switches,
Cisco,
Routers,
Cisco Tips,
Cisco 3560,
Show commands,
IOS commands,
Router Troubleshooting
In my previous post I tried to cover some of the show commands which are quite useful to any Network Administrator to manage the day to day activities. In this post I will try to complete the set of 10 show commands I selected.
1. Show access-list
The show access-list displays the contents of each access list. It is very helpful in troubleshooting filtering issues. But this command does not show you where each access list is applied.
2. Show ip interface
The show ip interface command displays very useful information about configuration & status of IP protocols, it services on all available interfaces. The show ip interface command also provides information about the access lists applied in all interfaces and also in which direction. This kind of information is not shown by the “show access-list” command. Even the “show run” command displays the information about access lists.
3. Show cdp neighbor detail
The show cdp neighbor detail command displays the information about all the neighboring devices connected with most valuable information like IP addresses, platform and host names. The show cdp neighbor details is very helpful to troubleshoot the connectivity issued and can also used to find out how devices are connected to each other especially when there is nor proper network layouts.
4. Show version
The show version command displays the detail information about the IOS installed, file named used for the IOS along with the version of IOS, router configuration register, model of the router , when the router was rebooted last time of course the amount of RAM and flash.
5. Show flash
The show flash command displays the contents of the flash and the size of the IOS files and the size of the flash and freely available flash. It’s useful whenever the IOS is upgraded to check the amount of free space available.
Aug 2 2008 6:43AM GMT
Posted by: Yasir Irfan
Switches,
Cisco,
Routers,
Cisco 2950,
Cisco 6500,
Cisco Tips,
Cisco 3560,
ASA/PIX,
Cisco 525,
PIX 525,
Cisco 3745,
Cisco 3750-E,
Cisco 3560-E,
Show commands,
IOS commands,
Router Troubleshooting
Some of the widely used commands in Cisco routers are just simple unavoidable, among the most commonly used commands in a Cisco Routers are “show” commands. These commands are essential to Network Administrators. Here is a list of those commands. I will try to cover this in two series. Here is the first series
1. Show running-configuration
The show running-configuration command shows the complete current running configuration in a router, firewall or a switch. Using show running-configuration command a network administrator can troubleshoot almost all issues related routing, filtering secure access, encapsulation, interface mismatch, and many more issues.
2. Show startup-configuration
The show startup-configuration command shows the configuration that is saved on the NVRAM. It is helpful in knowing the configuration that will be applied the next time the routers is reloaded. And also this command is useful in knowing the configuration that was loaded at the start-up of the router before making changes to it. 3. Show Interface
The Show interface command shows the status and statistics of the router interfaces. The show interface command is useful to troubleshoot the routing and link issues. The show interface command output includes interface status, interface IP address and subnet mask, protocol status on an interface, encapsulation type, bandwidth, utilization and much more information related to interface operation.
4. Show ip route
The show ip route command shows the routers routing table. Routing protocols used and what networks these protocols are advertised. The show ip route command is used to troubleshoot routing problems.
5. Show ip protocols
The show ip protocols displays the routing protocols used in a router and the networks to which these protocols are advertised. It also shows the sources of the routing updates received and very helpful to troubleshoot routing issues.
