Specifications

ManualsBrandsCisco ManualsComputer equipmentWS-X6380-NAM= - Network Analysis Module

3-5

Catalyst 6500 Series Switch and Cisco 7600 Series Router Network Analysis Module Installation and Configuration Note

78-16413-01

Chapter 3 Getting Started

Configuring Traffic Sources for Capturing NAM Traffic

This example shows how to configure a VACL on an ATM WAN interface and forward both ingress and

egress traffic to the NAM:

Cat6500# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Cat6509(config)# access-list 100 permit ip any any

Cat6509(config)# vlan access-map wan 100

Cat6509(config-access-map)# match ip address 100

Cat6509(config-access-map)# action forward capture

Cat6509(config-access-map)# exit

Cat6509(config)# vlan filter wan interface ATM6/0/0.1

Cat6509(config)# analysis module 3 data-port 1 capture allowed-vlan 1-4094

Cat6509(config)# analysis module 3 data-port 1 capture

Cat6509(config)# exit

When monitoring only egress traffic, you can obtain the VLAN ID that is associated with the WAN

interface command as follows:

Cat6509# show cwan vlan

Hidden VLAN swidb->if_number Interface

-----------------------------------------------

1017 94 ATM6/0/0.1

After the VLAN ID is obtained, configure the NAM data port capture as follows:

Cat6509(config)#

analysis module 3 data-port 1 capture allowed-vlan 1017

For monitoring ingress traffic, you should replace VLAN 1017 in the previous capture configuration

with the VLAN ID that carries the ingress traffic. For example, this configuration allows the NAM to

monitor only ingress traffic on a WAN interface:

Cat6509(config)# analysis module 3 data-port 1 capture allowed-vlan 1

Configuring a VACL on a LAN VLAN Interface

To monitor VLAN traffic on the LAN, you can forward the traffic to the NAM by using SPAN. However,

in some rare circumstances, if the spanned traffic exceeds the NAM’s monitoring capability, you can

prefilter the LAN traffic before it is forwarded to the NAM.

This example shows how to configure a VACL for the LAN VLAN interfaces. In this example, all traffic

that is directed to the server 172.20.122.226 on VLAN 1 is captured and forwarded to the NAM that is

located in slot 3:

Cat6500# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Cat6500(config)# access-list 100 permit ip any any

Cat6500(config)# access-list 110 permit ip any host 172.20.122.226

Cat6500(config)# vlan access-map lan 100

Cat6500(config-access-map)#

match ip address 110

Cat6500(config-access-map)# action forward capture

Cat6500(config-access-map)# exit

Cat6500(config)# vlan access-map lan 200

Cat6500(config-access-map)# match ip address 100

Cat6500(config-access-map)# action forward

Cat6500(config-access-map)# exit

Cat6500(config)# vlan filter lan vlan-list 1

Cat6500(config)# analysis module 3 data-port 1 capture allowed-vlan 1

Cat6500(config)# analysis module 3 data-port 1 capture

Cat6500(config)# exit