PrepAway - Latest Free Exam Questions & Answers

What would you use in order to accomplish this?

You are responsible for network monitoring and need to monitor traffic over a routed network from
a remote source to an IDS or IPS located in the headquarters site. What would you use in order to
accomplish this?

PrepAway - Latest Free Exam Questions & Answers

A.
VACLs and VSPAN

B.
RSPAN

C.
ERSPAN

D.
NetFlow

Explanation:

ERSPAN Overview
ERSPAN supports source ports, source VLANs, and destinations on different switches, which
provides remote monitoring of multiple switches across your network (see Figure 68-3). ERSPAN
uses a GRE tunnel to carry traffic between switches.
ERSPAN consists of an ERSPAN source session, routable ERSPAN GRE-encapsulated traffic,
and an ERSPAN destination session. You separately configure ERSPAN source sessions and
destination sessions on different switches.
To configure an ERSPAN source session on one switch, you associate a set of source ports or
VLANs with a destination IP address, ERSPAN ID number, and optionally with a VRF name. To
configure an ERSPAN destination session on another switch, you associate the destinations with
the source IP address, ERSPAN ID number, and optionally with a VRF name.
ERSPAN source sessions do not copy locally sourced RSPAN VLAN traffic from source trunk
ports that carry RSPAN VLANs. ERSPAN source sessions do not copy locally sourced ERSPAN
GRE-encapsulated traffic from source ports.
Each ERSPAN source session can have either ports or VLANs as sources, but not both.
The ERSPAN source session copies traffic from the source ports or source VLANs and forwards
the traffic using routable GRE-encapsulated packets to the ERSPAN destination session. The
ERSPAN destination session switches the traffic to the destinations. supports source ports, source
VLANs, and destinations on different switches, which provides remote monitoring of multiple
switches across your network. ERSPAN uses a GRE tunnel to carry traffic between switches.
ERSPAN consists of an ERSPAN source session, routable ERSPAN GRE-encapsulated traffic,
and an ERSPAN destination session. You separately configure ERSPAN source sessions and
destination sessions on different switches. To configure an ERSPAN source session on one
switch, you associate a set of source ports or VLANs with a destination IP address, ERSPAN ID
number, and optionally with a VRF name. To configure an ERSPAN destination session on
another switch, you associate the destinations with the source IP address, ERSPAN ID number,
and optionally with a VRF name. ERSPAN source sessions do not copy locally sourced RSPAN
VLAN traffic from source trunk ports that carry RSPAN VLANs. ERSPAN source sessions do not
copy locally sourced ERSPAN GRE-encapsulated traffic from source ports.
Each ERSPAN source session can have either ports or VLANs as sources, but not both. The
ERSPAN source session copies traffic from the source ports or source VLANs and forwards the
traffic using routable GREencapsulated packets to the ERSPAN destination session. The
ERSPAN destination session switches the traffic to the destinations.

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/span.p
df


Leave a Reply