Table of Contents
Advertisement
Configuring SPAN and RSPAN
Information About SPAN and RSPAN
When you configure a switch port as a SPAN destination port, it is no longer a normal switch port; only monitored
traffic passes through the SPAN destination port.
Entering SPAN configuration commands does not remove previously configured SPAN parameters. You must enter
the no monitor session {session_number | all | local | remote} global configuration command to delete configured
SPAN parameters.
For local SPAN, outgoing packets through the SPAN destination port carry the original encapsulation
headers—untagged or IEEE 802.1Q—if the encapsulation replicate keywords are specified. If the keywords are not
specified, the packets are sent in native form. For RSPAN destination ports, outgoing packets are not tagged.
You can configure a disabled port to be a source or destination port, but the SPAN function does not start until the
destination port and at least one source port or source VLAN are enabled.
You can limit SPAN traffic to specific VLANs by using the filter vlan keyword. If a trunk port is being monitored, only
traffic on the VLANs specified with this keyword is monitored. By default, all VLANs are monitored on a trunk port.
You cannot mix source VLANs and filter VLANs within a single SPAN session.
RSPAN Configuration Guidelines
All the items in the
Because RSPAN VLANs have special properties, you should reserve a few VLANs across your network for use as
RSPAN VLANs; do not assign access ports to these VLANs.
You can apply an output ACL to RSPAN traffic to selectively filter or monitor specific packets. Specify these ACLs on
the RSPAN VLAN in the RSPAN source switches.
For RSPAN configuration, you can distribute the source ports and the destination ports across multiple switches in
your network.
RSPAN does not support BPDU packet monitoring or other Layer 2 switch protocols.
The RSPAN VLAN is configured only on trunk ports and not on access ports. To avoid unwanted traffic in RSPAN
VLANs, make sure that the VLAN remote-span feature is supported in all the participating switches.
Access ports (including voice VLAN ports) on the RSPAN VLAN are put in the inactive state.
RSPAN VLANs are included as sources for port-based RSPAN sessions when source trunk ports have active RSPAN
VLANs. RSPAN VLANs can also be sources in SPAN sessions. However, since the switch does not monitor spanned
traffic, it does not support egress spanning of packets on any RSPAN VLAN identified as the destination of an RSPAN
source session on the switch.
You can configure any VLAN as an RSPAN VLAN as long as these conditions are met:
—
The same RSPAN VLAN is used for an RSPAN session in all the switches.
—
All participating switches support RSPAN.
We recommend that you configure an RSPAN VLAN before you configure an RSPAN source or a destination session.
If you enable VTP and VTP pruning, RSPAN traffic is pruned in the trunks to prevent the unwanted flooding of RSPAN
traffic across the network for VLAN IDs that are lower than 1005.
Local SPAN Configuration Guidelines, page 472
apply to RSPAN.
473
- Quick Links:
- Configuration Overview
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
