Thursday, March 24, 2011

SPAN & RSPAN notes

Basic SPAN Configuration Example
MDF-ROC1# configure terminal
MDF-ROC1(config)# monitor session 1 source interface fa0/12
MDF-ROC1(config)# monitor session 1 destination interface fa0/24

Complex SPAN Configuration Example
MDF-ROC3# config term
MDF-ROC3(config)# monitor session 11 source interface fa0/18 rx
MDF-ROC3(config)# monitor session 11 source interface fa0/9 tx
MDF-ROC3(config)# monitor session 11 source interface fa0/19
MDF-ROC3(config)# monitor session 11 filter vlan 1 - 3 , 229
MDF-ROC3(config)# monitor session 11 destination interface fa0/24 encapsulation replicate

RSPAN Configuration Example
IDF-SYR1# config term
IDF-SYR1(config)# vlan 199
IDF-SYR1(config-vlan)# remote-span
IDF-SYR1(config-vlan)# exit
IDF-SYR1(config)# monitor session 3 source vlan 66 - 68 rx
IDF-SYR1(config)# monitor session 3 destination remote vlan 199
!Now moving to IDF-SYR2:
IDF-SYR2# config term
IDF-SYR2(config)# vlan 199
IDF-SYR2(config-vlan)# remote-span
IDF-SYR2(config-vlan)# exit
IDF-SYR2(config)# monitor session 23 source vlan 9 rx
IDF-SYR2(config)# monitor session 23 source vlan 11 rx
IDF-SYR2(config)# monitor session 23 destination remote vlan 199
!Now moving to MDF-SYR9
MDF-SYR9# config term
MDF-SYR9(config)# vlan 199
MDF-SYR9(config-vlan)# remote-span
MDF-SYR9(config-vlan)# exit
MDF-SYR9(config)# monitor session 63 source remote vlan 199
MDF-SYR9(config)# monitor session 63 destination interface fa0/24
MDF-SYR9(config)# end

remote-span
monitor session 1-66 source [vlan vlan-id | interface interface-id] [rx | tx | both]
monitor session 1-66 destination [remote vlan vlan-id | interface interface-id]
monitor session 1-66 filter vlan [vlan | vlan-range]

show monitor session session-id

Wednesday, March 9, 2011

Implement Spanning Tree Protocol (STP)

Each configuration BPDU contains this information:

The unique bridge ID of the switch that the sending switch identifies as the root switch

The spanning-tree path cost to the root

The bridge ID of the sending switch

Message age

The identifier of the sending interface

Values for the hello, forward delay, and max-age protocol timers 
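
The fields listed above map onto the fixed 35-byte body of an IEEE 802.1D configuration BPDU. The Python below is an added example, not part of the original notes: it decodes those fields from raw bytes and checks whether a BPDU advertises a root bridge other than the expected one. The function names and the sample frame are constructed for illustration.

```python
import struct

# 802.1D configuration BPDU body (35 bytes, after the LLC header 42 42 03).
_BPDU = struct.Struct(">HBBB8sI8sHHHHH")

def _bridge_id(raw):
    """Split an 8-byte bridge ID into (priority, MAC string)."""
    priority = int.from_bytes(raw[:2], "big")
    mac = ":".join(f"{b:02x}" for b in raw[2:])
    return priority, mac

def parse_config_bpdu(data):
    """Decode a configuration BPDU into the fields listed above."""
    if len(data) < _BPDU.size:
        raise ValueError(f"truncated BPDU: {len(data)} of {_BPDU.size} bytes")
    (proto, version, bpdu_type, flags, root, cost, bridge,
     port_id, msg_age, max_age, hello, fwd_delay) = _BPDU.unpack_from(data)
    if proto != 0 or bpdu_type != 0x00:
        raise ValueError("not an 802.1D configuration BPDU")
    return {
        "root_id": _bridge_id(root),
        "root_path_cost": cost,
        "bridge_id": _bridge_id(bridge),
        "port_id": port_id,
        # Timers are carried in units of 1/256 second.
        "message_age": msg_age / 256,
        "max_age": max_age / 256,
        "hello_time": hello / 256,
        "forward_delay": fwd_delay / 256,
        "topology_change": bool(flags & 0x01),
    }

def unexpected_root(bpdu, expected_root):
    """True when the BPDU advertises a root other than the one we expect."""
    return bpdu["root_id"] != expected_root

# Constructed sample: root 32768/00:11:22:33:44:55, sender 32768/00:aa:bb:cc:dd:ee,
# cost 19, port 0x8001, message age 1 s, max age 20 s, hello 2 s, forward delay 15 s.
SAMPLE = bytes.fromhex(
    "0000" "00" "00" "00"
    "8000001122334455" "00000013"
    "800000aabbccddee" "8001"
    "0100" "1400" "0200" "0f00"
)

if __name__ == "__main__":
    for name, value in parse_config_bpdu(SAMPLE).items():
        print(f"{name}: {value}")
```

Comparing the decoded root ID against the bridge that is supposed to be root is a simple way to notice an unplanned root change on a monitored segment.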

Each Layer 2 interface on a switch using spanning tree exists in one of these states:
Blocking—The interface does not participate in frame forwarding.
Listening—The first transitional state after the blocking state when the spanning tree decides that the interface should participate in frame forwarding.
Learning—The interface prepares to participate in frame forwarding.
Forwarding—The interface forwards frames.
Disabled—The interface is not participating in spanning tree because of a shutdown port, no link on the port, or no spanning-tree instance running on the port.
An interface moves through these states:
From initialization to blocking
From blocking to listening or to disabled
From listening to learning or to disabled
From learning to forwarding or to disabled
From forwarding to disabled  

Sunday, March 6, 2011

Reference Websites (updating)

http://www.backtrack-linux.org/
- a penetration testing distribution website