manualshive.com logo in svg

Viavi 10/100 Copper nTAP, User Manual

The Viavi 10/100 Copper nTAP is an indispensable network monitoring tool. Enhance your understanding and optimize your network with the detailed insights provided in the User Manual for this product. Download your free manual from our website today and unlock the potential of your network monitoring capabilities.

Share
Download
background image

Choosing between a SPAN, Aggregator, or full-duplex TAP

10 10/100 Copper nTAP (7 Feb 2018) — Archive/Non-authoritative version

 

TAP

SPAN/mirror port

of a TAP and none of the

disadvantages of a SPAN port.

When to use a SPAN/mirror port

The advantage of using a SPAN/mirror port is its cost, as a SPAN/mirror port is

included for free with nearly every managed switch. A SPAN/mirror port is also

remotely configurable, allowing you to change which ports are mirrored from the

switch management console.
There are some limitations in using a SPAN/mirror port. Limitations of a SPAN/

mirror port stem from the aggregation necessary to merge full-duplex network

traffic into a single receive channel. For examples, when traffic levels on the

network exceed the output capability of the SPAN/mirror port, the switch is

forced to drop packets. Another reason that a SPAN/mirror port may not be the

right choice is because Layer 1 and 2 errors are not mirrored and therefore never

reach the analyzer. When performing network troubleshooting, seeing these

errors can be important.
When monitoring with a SPAN/mirror port on a switch, the switch does three

things:

Copies both the send and receive data channels

Reconstructs an integrated data stream from the two channels

Routes the integrated signal to the send channel of the SPAN/mirror port

Each of these activities burdens the switch’s internal processor. These demands

on the switch’s CPU have implications for both your monitoring equipment and

general network performance. Using a SPAN/mirror port to capture network

traffic for analysis presents the following risks:

As total bandwidth usage for both channels exceeds the capacity of the

outbound link to the analyzer, the excess traffic is dropped from the

analyzer stream. There simply is not enough bandwidth to transmit both

sides of the full-duplex traffic across a single standard interface.

The switch’s CPU must act as both a network switch and a packet-copier.

The switch’s CPU must also integrate the two data streams (send and

receive) together correctly. Both packet copy/re-direction and channel

integration is affected by switch load. This means the SPAN/mirror port

may not deliver accurate captures when the switch is under heavy load.

Monitoring a 10/100 network through a Gigabit SPAN/mirror port and

analyzer does not alleviate these concerns. Also, there is no notification

when the SPAN/mirror port is dropping packets or delivering inaccurate

time stamps.

A SPAN/mirror port can deliver satisfactory results when used to monitor lightly

used, non-critical networks. If network utilization exceeds the capacity of the

outbound (analyzer) link, packet loss results—which invalidates many types of

analysis, and makes monitoring for certain kinds of network activity impractical.

For example, you might miss a virus signature because packets are being

dropped. When analyzing a transaction or connection problem, the analyzer may

detect problems where none exist because expected packets are being dropped

by the SPAN/mirror port. Hardware and media errors will also be impossible to

troubleshoot through a SPAN/mirror port, as these errors are not mirrored to the

analyzer.

Summary of Contents for 10/100 Copper nTAP

Page 1: ...10 100 Copper TAP User Guide 7 Feb 2018 ...

Page 2: ...he authority to operate this product is conditioned by the requirements that no modifications be made to the equipment unless the changes or modifications are expressly approved by VIAVI Laser compliance This device is a class 1 laser product Industry Canada Requirements This Class A digital apparatus complies with Canadian ICES 003 Cet appareil numérique de la classe A est conforme à la norme NMB...

Page 3: ...14 Features 14 Chapter 4 Standard and Optional Parts 15 Parts 15 Chapter 5 10 100 Copper nTAP Installation 16 Installing 16 Chapter 6 LEDs and connection sequence 18 Chapter 7 Technical Specifications 20 Technical specifications 20 Chapter 8 Troubleshooting 22 What happens if my TAP loses power 22 What latency does a TAP create 22 Are the analyzer ports send only 22 Not seeing traffic at the analy...

Page 4: ...Feb 2018 Archive Non authoritative version VLAN tags not visible at the analyzer 26 Memory 26 Maximum frame size 26 Understanding why Link B is active when Link A is offline 26 Chapter 9 FCC compliance statement 28 Index 29 ...

Page 5: ...ptical links Security convenience and dependability The security and convenience of a TAP makes it preferable to inline connections for network analysis and intrusion detection and prevention IDS IPS applications Because a TAP has no address on the network the TAP and the analyzer connected to it cannot be the target of a hack or virus attack TAPs are economical to install allowing you to leave th...

Page 6: ...ator TAPs are designed to work with a standard and usually less expensive network card on the analysis device but their limitations make them less than ideal for situations where it is necessary to guarantee the visibility of every packet on the wire A full duplex TAP is the ideal solution for monitoring full duplex networks utilized at more than 50 percent 100 when both sides are combined but its...

Page 7: ...ire power but the Copper TAP does 2 Better protection against dropping packets than SPAN mirror 3 Although the Aggregator TAP has an internal buffer that mitigates spikes in traffic when the buffer itself is full the new packets are dropped until the output of the buffer can catch up Whether you are monitoring a network for security threats or capturing and decoding packets while troubleshooting y...

Page 8: ... analyzer By its very nature it is half duplex which means that it cannot send all of the send and receive traffic it sees if traffic exceeds 50 of the bandwidth Moreover switch manufacturers design their products so that the SPAN mirror port has a lower priority in the switch operating system Therefore one of the first things to stop working when the switch gets busy is the SPAN mirror port traff...

Page 9: ...he Aggregator TAP family Cannot handle heavily utilized full duplex links without dropping packets Additional cost with purchase of TAP hardware Filters out physical layer errors hampering some types of analysis Cannot monitor intra switch traffic Burden placed on a switch s CPU to copy all data passing through ports Switch puts lower priority on SPAN port data than regular port to port data Can c...

Page 10: ...eneral network performance Using a SPAN mirror port to capture network traffic for analysis presents the following risks As total bandwidth usage for both channels exceeds the capacity of the outbound link to the analyzer the excess traffic is dropped from the analyzer stream There simply is not enough bandwidth to transmit both sides of the full duplex traffic across a single standard interface T...

Page 11: ...c and no security risk Figure 2 Cloning your SPAN mirror port Joining SPAN mirror ports If you have a primary switch and a failover switch you can connect both of them to the Aggregator TAP Connect one of them to Link A and the other to Link B It does not matter whether the primary switch is connected to Link A or Link B and you do not need to know which one is live The Aggregator TAP joins the ac...

Page 12: ...evice with a standard single receive capture interface or NIC This means that a laptop or a standard system can be deployed as an analyzer rather than the more expensive specialized analyzers or appliances that are designed to accept full duplex traffic through a dual receive capture interface Just like a SPAN mirror port the Aggregator TAP is ideal for a lightly used network that occasionally has...

Page 13: ...e to guarantee the capture of everything on the wire along with errors from all network layers a full duplex TAP is the only choice If the analysis requires a high level of data stream fidelity for instance looking for jitter in video or VoIP only a full duplex TAP forwards the original data timing to the analyzer Note A full duplex TAP must be coupled with a probe or monitoring device capable of ...

Page 14: ...uire or use an IP address making it undetectable compared to a SPAN Allows you to connect and disconnect the analysis device as needed without taking the network down Fully IEEE 802 3 compliant Fully RoHS compliant Automatic link failover for devices that have an alternate path Optional redundant power ensures maximum monitoring uptime LEDs show power and link status Front mounted connectors make ...

Page 15: ...everal parts If any part is missing or damaged contact VIAVI immediately The 10 100 Copper nTAP ships with the following items 10 100 Copper nTAP Quick Reference Card A C power cord Voltage auto sensing universal power supply Your kit may also contain optionally available parts for instance patch cables ...

Page 16: ...sover cables The Copper TAP transmits the analyzer signals through a pair of 10 100 1000 BaseT RJ 45 ports or 10 100 BaseT if a 10 100 Copper TAP model When traffic comes in to Link A two copies are made in the TAP One copy is sent out Link B to the switch and the other copy is sent out Analyzer A to the analysis device A similar thing happens with traffic that comes in Link B Two copies are made ...

Page 17: ...u do lose power you will temporarily lose connectivity while the devices renegotiate their connection The analyzer side will be down until power is reestablished and during this time some packets may be dropped 2 Disconnect the cable from your device typically a switch and connect it to Link B You want to connect Link B first because it negotiates its network speed first and Link A then must use t...

Page 18: ...s sense the TAP is passive The network devices connected to the TAP on the Link ports must renegotiate a connection with each other because the TAP has dropped out This may take a few seconds When turned on the TAP performs a sequence of steps to determine whether its link ports are connected to any devices and what speeds and other capabilities those devices have The blinking pattern of the LEDs ...

Page 19: ...e Link LEDs continue to flicker 3 Connected Both link ports connections are connected to the link partners at a common speed The Speed LED shows connection speed The Link LEDs light steadily idle or flicker depending on whether there is any traffic present If a Link LED is unlit there is no functioning device connected to that port See How do I connect my failover devices for details about what ha...

Page 20: ...tos of the appliance Technical specifications This section lists the dimensions power requirements supported media and environmental requirements Both power connectors are located on the back panel along with the model information and serial number Power requirements AC Input 100 240V 50 60Hz 0 5A Operational Voltage 5V 10 5 100 mV ripple ...

Page 21: ... design relies on conduction and convection from the nTAP casing Your installation environment must provide enough cool airflow for the nTAP casing to maintain an operating temperature less than 113 F 45 C 52 to 185 F 47 to 85 C storage Humidity 35 85 non condensing Supported media Link ports Straight through RJ 45 cable Copper Analyzer ports Straight through RJ 45 cable Dimensions Width 5 62 in 1...

Page 22: ...rding the copy Are the analyzer ports send only Yes the analyzer ports are send only The TAP is incapable of sending data from the Analyzer side of the TAP to the Link or network side of the TAP The A B or AB ports on the Analyzer side of the TAP must be capable of both transmitting and receiving data to negotiate a connection with the analyzer and they do this through the physical interface The p...

Page 23: ...capture cards to capture full duplex TAP output for analysis Because a standard capture card port has only one receive channel you must aggregate the receive channels from two ports to see both sides of the two way connection being monitored Intel s Advanced Network Services allows you to team multiple connections at the driver level presenting your analyzer with an aggregated view of send and rec...

Page 24: ... the Windows Start menu and choosing Properties 4 Right click a Monitor Port from an IntelPro 1000 card which one does not matter and choose Properties Click the Teaming tab 5 Choose the Team with other adapters option and then click New Team to start the New Team Wizard The first dialog lets you name the Team you may want to call it something like Virtual Dual receive 6 Click Next and add another...

Page 25: ...e to another is used as half of the link That is the existing cable connects one device to the TAP and a new cable connects the TAP to the second device The new second cable is generally a crossover cable If the new cable is not a crossover cable then your endpoint devices may not be able to re establish a connection if the TAP loses power Symptom The TAP and endpoint devices work fine while the T...

Page 26: ... capture card has been enabled to receive or pass VLAN tags Memory Fully optical TAPs do not have internal memory or any electronic components and are strictly a pass through wherein a copy of the data is made TAPs with any copper connections have two distinct and separate memory stores The two memory stores are non volatile memory and volatile memory They are not connected in any way and no data ...

Page 27: ...can be established One of the great advantages to having this capability is to use the nTAP to replicate traffic to multiple devices and not use it strictly for pass through For example when you use an aggregation nTAP and if you connect Link B to a SPAN you can then pass the SPAN traffic out the two analyzer ports and have two copies of the SPAN traffic going to two different devices You can have...

Page 28: ...sed in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or mo...

Page 29: ...e card 6 F failover 24 failover SPAN 11 FCC Compliance Statement 28 full duplex NIC 23 full duplex TAP 6 13 G GigaStor 23 26 H half duplex 5 half duplex SPAN 5 I IntelPro 23 J joining 11 joining SPAN 11 jumbo frame 26 L latency 22 light meter 23 Link A 26 Link B 26 link negotiation 26 Linux 23 23 M maximum frame size 26 Maximum Transmission Unit 23 mirror port see SPAN 10 MTU 23 N NIC teaming 23 N...

Page 30: ...ngle receive capture card 6 analyzer 6 SPAN 12 SPAN 6 26 advantages 6 as bottleneck 6 choosing NIC 23 cloning 11 failover 11 half duplex 5 joining 11 pros and cons 8 risks 10 single receive capture card 12 VLAN tags 26 SPANOSI Layer 1 2 errors OSI Layer 1 2 errors 10 straight through cables 25 SYN ACK 23 T TAP 26 TCP stack 23 U UNIX 23 V VLAN tags 26 W when to use SPAN 8 ...

Reviews:

No comments

Related manuals for 10/100 Copper nTAP

Omnia 11 Installation And Operation Manual preview
11
Brand: Omnia Pages: 102
Paradyne 3163 Quick Reference preview
3163
Brand: Paradyne Pages: 16
EAW MX8600 Jumpstart Manual preview
MX8600
Brand: EAW Pages: 6
EAW UX8800 Technical Note preview
UX8800
Brand: EAW Pages: 6
F5 WANJet 500 Quick Start Card preview
WANJet 500
Brand: F5 Pages: 2
F5 ARX-500 Hardware Reference Manual preview
ARX-500
Brand: F5 Pages: 90
F5 ARX-4000 Parts Replacement Manual preview
ARX-4000
Brand: F5 Pages: 47
Patton electronics SMARTNODE 4900 Getting Started Manual preview
SMARTNODE 4900
Brand: Patton electronics Pages: 75
Patton electronics RocketLink-G 3088/I Getting Started Manual preview
RocketLink-G 3088/I
Brand: Patton electronics Pages: 61
Patton SmartNode 5200 Quick Start Manual preview
SmartNode 5200
Brand: Patton Pages: 12
Patton SL4020 Getting Started Manual preview
SL4020
Brand: Patton Pages: 84
Patton OnSite 3210 Series User Manual preview
OnSite 3210 Series
Brand: Patton Pages: 110
Patton electronics 4900 Series Specification Sheet preview
4900 Series
Brand: Patton electronics Pages: 2
Patton electronics SMARTNODE 4110 Series User Manual preview
SMARTNODE 4110 Series
Brand: Patton electronics Pages: 78
Patton electronics SMARTNODE 4552 Quick Start Manual preview
SMARTNODE 4552
Brand: Patton electronics Pages: 8
Juniper TX MATRIX PLUS Hardware Manual preview
TX MATRIX PLUS
Brand: Juniper Pages: 502
Phytec L-843e.A1 Hardware Manual preview
L-843e.A1
Brand: Phytec Pages: 53
ZyXEL Communications EOC350 Series Quick Start Manual preview
EOC350 Series
Brand: ZyXEL Communications Pages: 2

Brands by name

Popular brands

Load more brands