Cisco CCNA Packet Tracer Ultimate labs: Local SPAN: Answers Part 2

Packet Tracer file (PT Version 7.1): https://goo.gl/aaFD6n
Get the Packet Tracer course for only $10 by clicking here: https://goo.gl/vikgKN
Get my ICND1 and ICND2 courses for $10 here: https://goo.gl/XR1xm9 (you will get ICND2 as a free bonus when you buy the ICND1 course).

For lots more content, visit http://www.davidbombal.com – learn about GNS3, CCNA, Packet Tracer, Python, Ansible and much, much more.

Local SPAN-The SPAN feature is local when the monitored ports are all located on the same switch as the destination port. This feature is in contrast to Remote SPAN (RSPAN), which this list also defines.

Remote SPAN (RSPAN)-Some source ports are not located on the same switch as the destination port. RSPAN is an advanced feature that requires a special VLAN to carry the traffic that is monitored by SPAN between switches. RSPAN is not supported on all switches. Check the respective release notes or configuration guide to see if you can use RSPAN on the switch that you deploy.

Port-based SPAN (PSPAN)-The user specifies one or several source ports on the switch and one destination port.

VLAN-based SPAN (VSPAN)-On a particular switch, the user can choose to monitor all the ports that belong to a particular VLAN in a single command.

Local SPAN Overview
A local SPAN session is an association of source ports and source VLANs with one or more destinations. You configure a local SPAN session on a single switch. Local SPAN does not have separate source and destination sessions.

Local SPAN sessions do not copy locally sourced RSPAN VLAN traffic from source trunk ports that carry RSPAN VLANs. Local SPAN sessions do not copy locally sourced RSPAN GRE-encapsulated traffic from source ports.

Each local SPAN session can have either ports or VLANs as sources, but not both.

You can analyze network traffic passing through ports or VLANs by using SPAN or RSPAN to send a copy of the traffic to another port on the switch or on another switch that has been connected to a network analyzer or other monitoring or security device. SPAN copies (or mirrors) traffic received or sent (or both) on source ports or source VLANs to a destination port for analysis. SPAN does not affect the switching of network traffic on the source ports or VLANs. You must dedicate the destination port for SPAN use. Except for traffic that is required for the SPAN or RSPAN session, destination ports do not receive or forward traffic.

Only traffic that enters or leaves source ports or traffic that enters or leaves source VLANs can be monitored by using SPAN; traffic routed to a source VLAN cannot be monitored. For example, if incoming traffic is being monitored, traffic that gets routed from another VLAN to the source VLAN cannot be monitored; however, traffic that is received on the source VLAN and routed to another VLAN can be monitored.

You can use the SPAN or RSPAN destination port to inject traffic from a network security device. For example, if you connect a Cisco Intrusion Detection System (IDS) sensor appliance to a destination port, the IDS device can send TCP reset packets to close down the TCP session of a suspected attacker.

Local SPAN supports a SPAN session entirely within one switch; all source ports or source VLANs and destination ports are in the same switch or switch stack. Local SPAN copies traffic from one or more source ports in any VLAN or from one or more VLANs to a destination port for analysis.

subscribe
  • David Bombal

Search

Categories

Recent Posts

How this hacker Hacked NASA in 60 seconds (Real World Tutorial)
YOU have NO excuse now! (Be like Stefan!)
Linux for Hackers Tutorial (And Free Courses)
Install Kali Linux on Windows 11 for FREE
Tails Linux USB with Persistence (Be invisible online in 7 minutes)
Kali Linux USB Live Boot with Persistence (in 5 minutes)
Buffer Overflow Hacking Tutorial (Bypass Passwords)
How to Dual Boot Kali Linux and Windows (in 10 minutes)
Real World Hacking with OTW (Privacy and Cybersecurity IoT warning)
You want Privacy? Ditch Android & Apple and install GrapheneOS (in 8 minutes)
Real World Hacking Tools Tutorial (Target: Tesla)
NSA Backdoor in Windows? This and more from the guy who created Windows Task Manager!
SQL Injection Hacking Tutorial (Beginner to Advanced)
Can AI help you pass your exams? (ChatGPT and Google Bard Exam Quiz Website)
Real World Hacking Demo with OTW
2023 Path to Hacking Success: Top 3 Bug Bounty Tips
Lessons from the Real World (and how you can become an Insider as well)
The New CML (v2.6) is looking great! 😀
Fix slow WiFi ??

Fix slow WiFi ??

Real Talk. Watch and Learn.