Posts

Showing posts from October, 2014

Cisco Protected Port

I can see in my network that any customer can communicate with anyone on the same VLAN. Basically, whenever an unknown frame ingresses the switch and the switch finds no record for it in the CAM table, that frame is flooded to every port of the respective VLAN except the port it was received on. Such communication can be very dangerous for the service provider and its customers, because anyone can sniff or send information to other customers in the same VLAN. Broadcast packets are also flooded into the network, which can bottleneck our network.

To protect against this, we can configure switch ports as protected ports, so that protected ports cannot communicate directly with each other in the same broadcast domain.

Command:

    interface fa0/2
     switchport mode access
     switchport access vlan 30
     switchport protected

This way we can protect the users in the same VLAN. Protected ports should only be configured on edge ports, not on trunk ports or L3-connected ports. Now the protected port prevents any unicast, broadcast or multicast packet e

How To Configure RSPAN on Cisco Switch

Sometimes I need to analyze network traffic from a remote switch, and RSPAN is a life saver. Going to the site, capturing the packets and analyzing them there is very time consuming. So here is a small tutorial which explains how to capture packets with RSPAN.

SW1 (this is the remote switch, which is the source of our packets):

    sw1(config)#vlan 444
    sw1(config-vlan)#remote-span
    sw1(config)#monitor session 1 source interface Fa1/0/1 - 16
    sw1(config)#monitor session 1 destination remote vlan 444

SW2 (the destination switch, where you are going to sniff the packets sent by the remote switch, in this case sw1):

    sw2(config)#vlan 444
    sw2(config-vlan)#name RSPAN_VLAN
    sw2(config-vlan)#remote-span
    sw2(config)#monitor session 1 destination interface Gi0/17
    sw2(config)#monitor session 1 source remote vlan 444

Now you can capture remote packets on port 17. This tutorial was tested on a Cisco 3750 switch.
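The RSPAN setup above only works if both switches agree on the RSPAN VLAN and both mark it `remote-span`. The following check is an added example, not part of the original post; it assumes the two configurations are available as running-config style text, and the sample fragments and function names are constructed for illustration.

```python
import re

# Constructed running-config fragments mirroring the tutorial (assumed format, not captured output).
SW1 = """\
vlan 444
 remote-span
!
monitor session 1 source interface Fa1/0/1 - 16
monitor session 1 destination remote vlan 444
"""
SW2 = """\
vlan 444
 name RSPAN_VLAN
 remote-span
!
monitor session 1 destination interface Gi0/17
monitor session 1 source remote vlan 444
"""

def rspan_vlans(cfg):
    """Return the set of VLAN IDs whose vlan block contains 'remote-span'."""
    found, current = set(), None
    for line in cfg.splitlines():
        m = re.match(r"vlan (\d+)\s*$", line)
        if m:
            current = m.group(1)
        elif not line.startswith(" "):
            current = None  # left the vlan block
        elif current and line.strip() == "remote-span":
            found.add(current)
    return found

def session_vlans(cfg, role):
    """VLANs a monitor session uses as remote 'destination' or remote 'source'."""
    return set(re.findall(rf"^monitor session \d+ {role} remote vlan (\d+)", cfg, re.M))

def check_rspan(src_cfg, dst_cfg):
    """Return a list of problems; an empty list means the pair is consistent."""
    problems = []
    sent = session_vlans(src_cfg, "destination")
    received = session_vlans(dst_cfg, "source")
    if not sent or not received:
        problems.append("missing remote-vlan monitor session on one switch")
    if sent != received:
        problems.append(f"RSPAN VLAN mismatch: {sorted(sent)} vs {sorted(received)}")
    for name, cfg, used in (("source", src_cfg, sent), ("destination", dst_cfg, received)):
        for vlan in sorted(used - rspan_vlans(cfg)):
            problems.append(f"VLAN {vlan} on {name} switch is not marked remote-span")
    return problems

if __name__ == "__main__":
    print(check_rspan(SW1, SW2) or "RSPAN pair consistent")
```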