English

Fahimtar SPAN, RSPAN da ERSPAN: Dabaru don Sa ido kan Traffic Network

SPAN, RSPAN, da ERSPANdabaru ne da ake amfani da su a hanyar sadarwar don kamawa da saka idanu kan zirga-zirga don bincike. Ga taƙaitaccen bayanin kowanne:

SPAN (Switched Port Analyzer)

Manufa: Ana amfani da shi don madubi zirga-zirga daga takamaiman tashar jiragen ruwa ko VLAN akan sauyawa zuwa wata tashar jiragen ruwa don saka idanu.

Yi amfani da Harka: Mafi dacewa don nazarin zirga-zirgar gida a kan sauyawa guda ɗaya. Ana kwatanta zirga-zirga zuwa tashar da aka keɓe inda mai nazarin hanyar sadarwa zai iya kama shi.

RSPAN ( SPAN mai nisa )

Manufa: Ƙarfafa iyawar SPAN a kan maɓalli da yawa a cikin hanyar sadarwa.

Amfani Case: Yana ba da damar sa ido kan zirga-zirga daga wannan canji zuwa wani akan hanyar haɗin mota. Yana da amfani ga al'amuran inda na'urar sa ido take a kan wani canji daban.

ERSPAN ( SPAN mai nisa da aka lullube )

Manufa: Haɗa RSPAN tare da GRE (Generic Routing Encapsulation) don ƙaddamar da zirga-zirgar ababen hawa.

Amfani Case: Yana ba da damar sa ido kan zirga-zirgar ababen hawa a cikin hanyoyin sadarwar da aka lalata. Wannan yana da amfani a cikin hadaddun gine-ginen cibiyar sadarwa inda ake buƙatar kama zirga-zirga akan sassa daban-daban.

Canja tashar jiragen ruwa Analyzer (SPAN)ingantaccen tsarin kula da zirga-zirga ne mai inganci. Yana jagorantar ko madubi zirga-zirga daga tashar tashar ruwa ko VLAN zuwa tashar jiragen ruwa. Wani lokaci ana kiran wannan azaman sa ido na zaman. Ana amfani da SPAN don magance matsalolin haɗin kai da ƙididdige amfani da hanyar sadarwa da aiki, da sauransu da yawa. Akwai nau'ikan SPAN guda uku da ke tallafawa akan samfuran Cisco…

a. SPAN ko SPAN na gida.

b. SPAN mai nisa (RSPAN).

c. Rubuce-rubucen nesa SPAN (ERSPAN).

Don sani:"Mylinking™ Network Packet Dillalan da SPAN, RSPAN da ERSPAN fasali"

SPAN, RSPAN, ERSPAN

Ana amfani da SPAN / madubin zirga-zirga / madubi tashar jiragen ruwa don dalilai da yawa, a ƙasa ya haɗa da wasu.

- Aiwatar da IDS/IPS cikin yanayin lalata.

- VOIP kiran rikodi mafita.

- Dalilan yarda da tsaro don saka idanu da nazarin zirga-zirga.

- Matsalar haɗin kai, sa ido kan zirga-zirga.

Ba tare da la'akari da nau'in SPAN da ke gudana ba, tushen SPAN na iya zama kowane nau'in tashar jiragen ruwa watau tashar jiragen ruwa da aka ruguje, tashar jiragen ruwa ta jiki, tashar shiga, akwati, VLAN (duk tashoshin jiragen ruwa masu aiki ana lura da su), EtherChannel (ko dai tashar jiragen ruwa ko tashar jiragen ruwa gaba ɗaya). -channel interfaces) da sauransu. Lura cewa tashar jiragen ruwa da aka saita don wurin SPAN BA ZAI iya zama wani ɓangare na tushen SPAN VLAN ba.

Zaman SPAN yana goyan bayan sa ido kan zirga-zirgar ababen hawa (ingress SPAN), zirga-zirgar zirga-zirgar ababen hawa (egress SPAN), ko zirga-zirgar da ke gudana a bangarorin biyu.

- Ingress SPAN (RX) kwafin zirga-zirgar ababen hawa da aka samu ta hanyar tashar jiragen ruwa da VLAN zuwa tashar jiragen ruwa. SPAN tana kwafin zirga-zirga kafin kowane gyare-gyare (misali kafin kowane tacewa na VACL ko ACL, QoS ko shiga ko aikin yan sanda).

- Egress SPAN (TX) yana kwafin zirga-zirgar zirga-zirgar da aka watsa daga tashar tashar ruwa da VLAN zuwa tashar jiragen ruwa. Duk tacewa ko gyara da suka dace ta VACL ko ACL tace, QoS ko shiga ko aiwatar da ayyukan ƴan sanda ana ɗaukar su kafin a tura zirga-zirga zuwa tashar jiragen ruwa na SPAN.

- Lokacin da aka yi amfani da kalmar nan biyu, SPAN tana kwafin zirga-zirgar hanyar sadarwa da aka karɓa kuma aka watsa ta tashar tashar ruwa da VLAN zuwa tashar jiragen ruwa.

- SPAN/RSPAN yawanci suna watsi da CDP, STP BPDU, VTP, DTP da firam ɗin PAgP. Duk da haka ana iya tura waɗannan nau'ikan zirga-zirga idan an saita kwafin kwafi na encapsulation.

SPAN ko Local SPAN

SPAN madubi zirga-zirga daga daya ko fiye dubawa a kan sauyawa zuwa daya ko fiye musaya a kan wannan canji; don haka SPAN galibi ana kiranta da LOCAL SPAN.

Sharuɗɗa ko ƙuntatawa ga SPAN na gida:

- Dukansu tashoshin jiragen ruwa na Layer 2 da aka canza da tashar jiragen ruwa Layer 3 ana iya daidaita su azaman tushen ko tashar jiragen ruwa.

- Tushen na iya zama ko dai ɗaya ko fiye da tashar jiragen ruwa ko VLAN, amma ba cakuda waɗannan ba.

- Tashar jiragen ruwa na gangar jikin ingantattun tashoshin jiragen ruwa ne gauraye da tashoshin jiragen ruwa marasa tushe.

- Har zuwa 64 SPAN tashar tashar jiragen ruwa za a iya saita su akan maɓalli.

- Lokacin da muka saita tashar tashar jirgin ruwa, an sake rubuta ainihin tsarin sa. Idan an cire saitin SPAN, ana dawo da ainihin daidaitaccen tashar jiragen ruwa.

- Lokacin da aka saita tashar tashar jiragen ruwa, ana cire tashar daga kowane nau'in EtherChannel idan ɓangaren ɗaya ne. Idan tashar tashar jiragen ruwa ce da aka kore ta, saitin wurin zuwa SPAN yana ƙetare daidaitawar tashar tashar jiragen ruwa.

- Mashigai mashigai basa goyan bayan tsaron tashar jiragen ruwa, ingantaccen 802.1x, ko VLANs masu zaman kansu.

- Tashar jiragen ruwa na iya aiki azaman tashar jiragen ruwa don zaman SPAN guda ɗaya kawai.

- Ba za a iya saita tashar jiragen ruwa a matsayin tashar jiragen ruwa ba idan tashar tashar tashar jiragen ruwa ce ta zaman lokaci ko wani ɓangare na tushen VLAN.

- Za a iya daidaita hanyoyin musaya na tashar tashar jiragen ruwa (EtherChannel) azaman tashar jiragen ruwa na tushen amma ba tashar tashar jiragen ruwa don SPAN ba.

- Hanyar zirga-zirga shine "duka" ta tsohuwa don tushen SPAN.

- Tashoshin tashar jiragen ruwa ba su taɓa shiga cikin misalan bishiyar ba. Ba za a iya goyan bayan DTP, CDP da sauransu. Local SPAN sun haɗa da BPDUs a cikin zirga-zirgar da aka sa ido ba, don haka duk BPDUs da aka gani akan tashar tashar jiragen ruwa ana kwafi daga tashar tashar. Don haka kar a taɓa haɗa maɓalli zuwa irin wannan nau'in SPAN saboda yana iya haifar da madauki na hanyar sadarwa.

- Lokacin da aka saita VLAN azaman tushen SPAN (mafi yawa ana kiransa VSPAN) tare da daidaita zaɓuɓɓukan ingress da egress, tura fakitin kwafi daga tashar tashar kawai idan fakitin sun canza a cikin VLAN iri ɗaya. Ɗayan kwafin fakitin ya fito ne daga zirga-zirgar zirga-zirgar ababen hawa a kan tashar shiga, ɗayan kwafin fakitin yana daga zirga-zirgar zirga-zirgar kan tashar egress.

- VSPAN yana sa ido kan zirga-zirgar zirga-zirgar da ke fita ko shigar da tashar jiragen ruwa Layer 2 a cikin VLAN.

SPAN, RSPAN, ERSPAN 1

SPAN, RSPAN, da ERSPAN dabaru ne da ake amfani da su a cikin hanyar sadarwa don kamawa da saka idanu kan zirga-zirga don bincike. Ga taƙaitaccen bayanin kowanne:

SPAN (Switched Port Analyzer)

  • Manufar: Ana amfani da shi don madubi zirga-zirga daga takamaiman tashar jiragen ruwa ko VLAN akan sauyawa zuwa wata tashar jiragen ruwa don saka idanu.
  • Amfani Case: Mafi dacewa don nazarin zirga-zirgar gida a kan sauyawa guda ɗaya. Ana kwatanta zirga-zirga zuwa tashar da aka keɓe inda mai nazarin hanyar sadarwa zai iya kama shi.

RSPAN ( SPAN mai nisa )

  • Manufar: Yana haɓaka iyawar SPAN a kan maɓalli da yawa a cikin hanyar sadarwa.
  • Amfani Case: Yana ba da damar sa ido kan zirga-zirga daga wannan canji zuwa wani kan hanyar haɗin mota. Yana da amfani ga al'amuran inda na'urar sa ido take a kan wani canji daban.

ERSPAN ( SPAN mai nisa da aka lullube )

  • Manufar: Haɗa RSPAN tare da GRE (Generic Routing Encapsulation) don ƙaddamar da zirga-zirgar ababen hawa.
  • Amfani Case: Yana ba da damar sa ido kan zirga-zirgar ababen hawa a cikin hanyoyin sadarwar da aka lalata. Wannan yana da amfani a cikin hadaddun gine-ginen cibiyar sadarwa inda ake buƙatar kama zirga-zirga akan sassa daban-daban.

SPAN mai nisa (RSPAN)

SPAN mai nisa (RSPAN) yayi kama da SPAN, amma yana goyan bayan tashar jiragen ruwa na tushen, tushen VLANs, da tashar jiragen ruwa masu zuwa akan maɓallai daban-daban, waɗanda ke ba da zirga-zirgar sa ido na nesa daga tashar jiragen ruwa da aka rarraba akan maɓallai da yawa kuma suna ba da damar daidaita na'urorin kama hanyar sadarwa. Kowane zaman RSPAN yana ɗaukar zirga-zirgar SPAN akan ƙayyadaddun takamaiman mai amfani RSPAN VLAN a cikin duk maɓallai masu shiga. Ana toshe wannan VLAN zuwa wasu maɓallai, yana ba da damar zirga-zirgar zirga-zirgar taron RSPAN a kan maɓalli da yawa kuma a kai shi zuwa tashar ɗaukar hoto. RSPAN ya ƙunshi zaman tushen RSPAN, RSPAN VLAN, da kuma zaman wurin RSPAN.

Jagorori ko ƙuntatawa ga RSPAN:

- Dole ne a saita takamaiman VLAN don wurin SPAN wanda zai ratsa tsaka-tsakin tsaka-tsakin ta hanyoyin haɗin gangar jikin zuwa tashar jiragen ruwa.

- Zai iya ƙirƙirar nau'in tushe iri ɗaya - aƙalla tashar jiragen ruwa ɗaya ko aƙalla VLAN ɗaya amma ba zai iya zama haɗuwa ba.

- Makasudin zaman shine RSPAN VLAN maimakon tashar jiragen ruwa guda ɗaya da ke canzawa, don haka duk tashar jiragen ruwa a cikin RSPAN VLAN za su karɓi zirga-zirgar madubi.

- Sanya kowane VLAN a matsayin RSPAN VLAN muddin duk na'urorin sadarwar da ke shiga suna goyan bayan daidaitawar RSPAN VLANs, kuma amfani da RSPAN VLAN iri ɗaya don kowane zaman RSPAN.

- VTP na iya yada daidaitawar VLANs masu lamba 1 zuwa 1024 a matsayin RSPAN VLANs, dole ne su saita VLANs masu ƙima sama da 1024 da hannu azaman RSPAN VLANs akan duk tushen, matsakaici, da na'urorin hanyar sadarwa.

- An kashe koyan adireshin MAC a cikin RSPAN VLAN.

SPAN, RSPAN, ERSPAN 2

SPAN (ERSPAN) mai nisa

SPAN mai nisa (ERSPAN) mai nisa yana kawo encapsulation gama gari (GRE) don duk zirga-zirgar da aka kama kuma yana ba da damar fadada shi a cikin yanki na Layer 3.

ERSPAN aCisco mallakinfasali kuma yana samuwa ga Catalyst 6500, 7600, Nexus, da ASR 1000 dandamali har zuwa yau. ASR 1000 yana goyan bayan tushen ERSPAN (sa idanu) akan Fast Ethernet, Gigabit Ethernet, da musaya na tashar tashar jiragen ruwa.

Jagorori ko ƙuntatawa ga ERSPAN:

- Zaman tushen ERSPAN ba sa kwafin zirga-zirgar ababen hawa na ERSPAN GRE daga tashar jiragen ruwa. Kowane zaman tushen ERSPAN yana iya samun ko dai tashar jiragen ruwa ko VLAN a matsayin tushe, amma ba duka ba.

- Ba tare da la'akari da girman girman MTU da aka tsara ba, ERSPAN yana ƙirƙirar fakitin Layer 3 waɗanda zasu iya zama tsayin 9,202 bytes. Ana iya watsar da zirga-zirgar ERSPAN ta kowace hanyar sadarwa a cikin hanyar sadarwar da ke aiwatar da girman MTU ƙasa da 9,202 bytes.

- ERSPAN baya goyan bayan wargajewar fakiti. An saita bit ɗin "kada ku raba" a cikin taken IP na fakitin ERSPAN. Matsakaicin makoman ERSPAN ba zai iya sake haɗa fakitin ERSPAN guguwa ba.

- ID ɗin ERSPAN yana bambanta zirga-zirgar ERSPAN da ke zuwa a adireshin IP guda ɗaya daga wurare daban-daban na ERSPAN; ID na ERSPAN da aka saita dole ne ya dace akan tushen da na'urorin da za'a nufa.

- Don tashar tashar ruwa ko tushen VLAN, ERSPAN na iya sa ido kan abubuwan da ke shigowa, ko fita, ko duka zirga-zirgar zirga-zirgar shiga da fitarwa. Ta hanyar tsohuwa, ERSPAN tana sa ido kan duk zirga-zirgar ababen hawa, gami da firam ɗin multicast da Bridge Protocol Data Unit (BPDU).

- Tunnel interface da aka goyan baya azaman tashar jiragen ruwa na tushen tushen zaman tushen ERSPAN sune GRE, IPinIP, SVTI, IPv6, IPV6 akan rami na IP, Multipoint GRE (mGRE) da Amintaccen Ramin Ramin Ramin Ramin (SVTI).

- Zaɓin VLAN mai tacewa baya aiki a cikin zaman sa ido na ERSPAN akan mu'amalar WAN.

- ERSPAN akan Cisco ASR 1000 Series Routers yana goyan bayan musaya na Layer 3 kawai. Ba a tallafawa hanyoyin haɗin Ethernet akan ERSPAN lokacin da aka saita su azaman musaya na Layer 2.

- Lokacin da aka saita zaman ta hanyar daidaitawar ERSPAN CLI, ba za a iya canza ID na zaman da nau'in zaman ba. Don canza su, dole ne ka fara amfani da babu nau'i na umarnin daidaitawa don cire zaman sannan a sake saita zaman.

- Sakin Cisco IOS XE 3.4S: - Kula da fakitin ramin da ba IPsec ba yana da tallafi akan IPV6 da IPV6 akan musaya na ramin IP kawai zuwa zaman tushen ERSPAN, ba zuwa zaman makoma na ERSPAN ba.

- Sakin Cisco IOS XE 3.5S, an ƙara goyan baya don nau'ikan musaya na WAN masu zuwa azaman tashar tashar ruwa don zaman tushen: Serial (T1/E1, T3/E3, DS0) , Fakiti akan SONET (POS) (OC3, OC12) da Multilink PPP (multilink, pos, da serial keywords an ƙara su zuwa umarnin dubawa na tushen).

SPAN, RSPAN, ERSPAN 3

Amfani da ERSPAN azaman SPAN na gida:

Don amfani da ERSPAN don saka idanu akan zirga-zirga ta tashar jiragen ruwa ɗaya ko fiye ko VLAN a cikin na'ura ɗaya, dole ne mu ƙirƙiri tushen ERSPAN da zaman maƙasudin ERSPAN a cikin na'ura ɗaya, kwararar bayanai yana faruwa a cikin na'ura mai ba da hanya tsakanin hanyoyin sadarwa, wanda yayi kama da na SPAN na gida.

Abubuwan da ke biyowa suna aiki yayin amfani da ERSPAN azaman SPAN na gida:

- Duk zaman biyu suna da ID na ERSPAN iri ɗaya.

- Dukan zaman suna da adireshin IP iri ɗaya. Wannan adireshin IP shine adireshin IP na masu amfani da hanyar sadarwa; wato adireshin IP na loopback ko adireshin IP da aka saita akan kowace tashar jiragen ruwa.

(config)# duba zaman 10 nau'in erspan-source
(config-mon-erspan-src)# tushen dubawa Gig0/0/0
(config-mon-erspan-src)# manufa
(config-mon-erspan-src-dst)# IP address 10.10.10.1
(config-mon-erspan-src-dst)# asalin adireshin IP 10.10.10.1
(config-mon-erspan-src-dst)# erspan-id 100

SPAN, RSPAN, ERSPAN 4

Lokacin aikawa: Agusta-28-2024
Danna shiga don bincika ko ESC don rufewa