In RSPAN, a specific VLAN must be configured across the entire switching path from the source port or VLAN to the RSPAN destination port. This requires that the RSPAN VLAN be included in any trunks in that path, too.
Create a SPAN source that consists of at least one port or at least one VLAN on a switch.
Regardless of the type of SPAN we are running, a SPAN source port can be any type of port — a routed port, a physical switch port, an access port, a trunk port, an EtherChannel port (either one physical port or the entire port-channel interface).
On a SPAN source VLAN, all active ports in that VLAN are monitored.
A port configured as a SPAN destination cannot be part of a SPAN source VLAN.
Restrictions and Conditions
When you configure a destination port, its original configuration is overwritten. If the SPAN configuration is removed, the original configuration on that port is restored.When you configure a destination port, the port is removed from any EtherChannel bundle if it were part of one. If it were a routed port, the SPAN destination configuration overrides the routed port configuration.
Destination ports do not support port security, 802.1x authentication, or private VLANs. In general, SPAN/RSPAN and 802.1x are incompatible.
Destination ports do not support any Layer 2 protocols, including CDP, Spanning Tree, VTP, DTP, and so on.
SPAN source can be either one or more ports or a VLAN, but not a mix of these.
Up to 64 SPAN destination ports can be configured on a switch.
A SPAN destination port cannot be a source port, and a source port cannot be a destination port.
A SPAN destination port stop acting as a normal switch port. It passes only SPAN-related traffic.
Traffic that is routed from another VLAN to a source VLAN cannot be monitored with SPAN.
For receive(RX) SPAN, the traffic is forwarded to SPAN destination before any filtering,QoS or even ingress or egress policing
For transmit(TX) SPAN,all relevant modification or filtering is done before it's forwarded to R/SPAN destination.So frames delivered may or may not match original frames.
SPAN Configuration
#monitor session 11 source interface fa0/18 rx#monitor session 11 source interface fa0/9 tx
#monitor session 11 source interface fa0/19 (trunk port)
#monitor session 11 filter vlan 1 - 3, 229
#monitor session 11 destination interface fa0/24 encapsulation replicate
RSPAN COnfiguration (session number must be 1 to 66)
On source switch
#vlan 199
#remote span
#exit
#monitor session 11 source vlan 66 - 68 rx
#monitor session 11 destination remote vlan 199
On destination switch
#vlan 199
#remote span
#exit
#monitor session 63 source remote vlan 199
#monitor session 63 destination interface fa0/24
ERSPAN Configuration
#monitor sesion 1 type erspan-source
#source interface g0/1/0 rx
#no shutdown
#destination
#erspan-id 101
#ip address 10.1.1.1
#origin ip address 172.16.1.1
#monitor session 2 type erspan-destination
#destination interface g2/2/1
#no shutdown
#source
#erspan-id 101
#ip address 10.1.1.1
Verification command
#show monitor session
No comments:
Post a Comment