An rspan vlan cannot be a privatevlan primary or secondary vlan. Span and rspan best cisco ccna ccnp and linuxcentos pdf notes. Use the interface range command in global configuration mode to simplify this task. Spanswitch port analyzer rspanremote spanerspanencapsulated rspan used for switchport monitoringport mirroring span destination interface on the same switch rspan destination interface on the another switch lets you copy all traffic from a source port or source vlan to a destination interface. While span is mirroring ports in the same switch, rspan remote span is mirroring ports in one switch to a port in different switch. Configuring span on cisco catalyst switches monitor. When you use a destination interface on the same switch as your switch we call it span, when the destination is a remote interface on another switch we call it rspan remote span. To create a vlan for rspan on cisco ios, you must create the vlan via the config vlan configuration mode, as opposed to using the older vlan database configuration mode. Beginning in privileged exec mode, follow these steps to create an rspan vlan. The previous page describes the configuration of local span, where both the span source and destination exist on the same switch.
However, we havent talked just yet about the ways we can alter the way a switch works. For vlan or vsan span sources, all active ports in the source vlan or vsan are included as source ports. This involves configuring a rspan vlan the mirrored traffic will be carried across this vlan from switch to switch. This post describes how to configure span and rspan on cisco catalyst switches. I looked into rspan, and created the vlan on both end switches, but when i got to our core nexus 9k, i realize it doesnt support remote span vlans. When a vlan is the source of a monitor session, all physical interfaces that are members of the vlan become source ports in a vspan. How to configure span and rspan in cisco catalyst switches. Note if some of the fex ports are being used by a span session as source ports, the remaining fex ports cannot be a part of a different span session. Refer to the addressing table for pc host address information. Example of setting up basic vspan on a cisco switch. During the process of defining vlan parameters, you must specify that the new vlan is an rspan vlan by configuring the remote span vlan configuration command. Rspan vlans must be configured in vlan configuration mode by using the remotespan vlan configuration mode command. Configuring span and rspan you can analyze network traffic passing through ports or vlans by using span to send a copy of the traffic to another port on the switch that has been connected to a switchprobe device or other remote monitoring rmon probe or security device.
Products sold prior to the november 1, 2015 separation of hewlettpackard company into hewlett packard enterprise company and hp inc. In the example vlan 4 is the monitored vlan, 699 is the reflector vlan. The destination port can then be located anywhere in this rspan vlan. How to configure cisco span rspan erspan with examples. How to configure cisco span rspan erspan with configuration commands. The configuration of your rspan source ports is no different than the previous configuration shown for span. The ohio state university raj jain 8 layer3 vlans q also known as virtual subnet q vlan membership implied by maclayer protocol type field and subnet field 123.
Unlike span, where the source and destination ports exist on the same switch, the source and destination ports for an rspan session reside on different switches. Vlan configuration commands step by step explained learn how to create and manage vlan in cisco switch step by step. Recording voip traffic via port mirroring orecx will easily. Remote port mirroring technical configuration guide. First we need to create the vlan and tell the switches that its a rspan vlan. The basic premise is that a special vlan is created on all the switches and allowed to traverse the trunks. Copy the running configuration to the startup configuration. A vlan span vspan configuration is a monitor session whose source is a vlan rather than specific interfaces. Step 1 configure remote span rspan create the rspan vlan on. Observe how rspans are configured in a standard switched network. Remote span rspan is used when source ports are not located on the same switch as the destination port. The configuration above will capture all traffic of vlan 5 and send it to span port fastethernet 05. Rspan remote span feature allows traffic that is sourced from a switch to be mirrored to a remote switch within a layer 2 network over trunk ports.
To accomplish this you will have to configure the destination vlan across the entire path between the switches. Remote span rspan allows the span source and destination to exist on different switches. For rspan to work it needs a source vlan vlan 4 and to get span from anywhere in the switch mesh you need to get it there via a reflector vlan. The command syntax begins monitor session, and assigns it a session number. How to configure cisco span rspan erspan with configuration commands having visibility in the traffic flowing through your network from specific hosts is an excellent way to troubleshoot problems or gather useful information and data. When using rspan you need to use a vlan for your rspan traffic so that traffic can travel from the source switch to. Users can change the native vlans for trunk interfaces as explained in section native vlan on trunk. Rspan is an advanced feature that requires a special vlan to carry the monitored traffic and is not supported by all switches. Note the switch must be running the lan base image to support remote span. Understanding span,rspan,and erspan cisco community. Administratively deactivate all unused ports on the switch. Create a practice lab in packet tracer as shown in following figure or download precreated practice lab from second part of this tutorial.
Unieni vlan configuration for extendedrange vlans, you can configure only mtu, private vlan, remote span vlan, and unieni vlan parameters. This document describes how to configure local switched port analyzer span and remote span rspan. Catalyst 2960x switch vlan configuration guide, cisco ios release 15. Subsequently, on the switch that contains the physical rspan source ports, this same rspan vlan would be designated as your span destination. In this article, we cover the vlans configuration on a cisco switch. I ask because nowadays i couldnt create next remote vlan ie. When source ports are not located on the same switch as the destination port.
Local span copies traffic from one or more source ports in any vlan or from one or more vlans to a destination port for analysis. Howto guide for configuring port mirroringspan ports. Discover how a span can traverse a switched network using the remote span feature. This port is usually connected to a network analyzer, such as a switchprobe device, a workstation running a packetcapturing application, or a remote monitoring rmon probe. Rspan explanation and configuration will be covered in another article. Secondly we will configure the link between the two switches as a trunk.
The traffic that is monitored by span is not directly copied to the destination port, but flooded into a special rspan vlan. Catalyst 2960 switch software configuration guide ol860304 23 configuring span and rspan this chapter describes how to configure switched port analyzer span and remote span rspan on the catalyst 2960 switch. You then set up a span session that copies your traffic to this special vlan. In this post i will be configuration rspan session between a cisco 6506 switch running ios version 12. Enables or disables remote switch port anaylzer rspan on one or more vlans. Vlan for rspan on cisco ios, you must create the vlan via the config vlan configuration mode, as opposed to using the older vlan database configuration mode. Implement switch port analyzer span, remote span rspan. On switch sw1 we can say that the span source, is port to which the client is attached, and span destination is a vlan, specifically we gonna called a remote vlan, and when we send a copy of traffic appearing on the clients port over to this vlan, that vlan traffic goes across the trunk and appearing on switch sw2, then on switch sw2, we setup span. A management vlan is any vlan that you configure to access the management capabilities of a switch. Configure the ip address listed in the addressing table for vlan 1 on the switch. You know that switches can work without any configuration.
Depending on the ios version and platform, the remote span configuration can be a bit different. Riverbed recommends remote span rspan and encapsulated remote. I have used span many times but that requires me to plug into a port in the same switch that the end device is plugged in to. The ethernet routing switch 8600 supports both ingress and egress port mirroring. Nevertheless, you know you can configure switches for remote management and tune some settings like the banner. A monitor session on the distribution switch with a remote span vlan as the source and physical interface as the destination e. For more information on remote span, see chapter 29, configuring span and rspan in the cgs 2520 software configuration guide. When you configure a trunk as the source interface it will copy traffic from all vlans, however there is an option to filter this. A remote span vlan on the distribution and access layer switch c. The functionality works exactly as a regular span session. A monitor session on the access switch with a physical interface source and the remote span vlan as the destination d. For rspan to work it needs a source vlan vlan 4 and to get span from anywhere in the switch mesh. Create the rspan vlan on dls1 using the vlan 300 command from global configuration mode.
Cisco catalyst 2960 series configuration manual pdf download. This guide captures the steps required to configure port mirroring on select models of network switches available on the market today such as. Span is important to mirror received or transmitted or both traffic on one or more source ports to a destination port for analysis. Visit passleader and download full version 300115 exam dumps. What is more interesting that is working fine however i dont know how vlan 666 was defined. Hi, i have read that n9k doesnt support rspan but i see at my boxes that the vlan 666 is a remote span.
Ers 8600 ers 8800 remote port mirroring technical configuration guide 8 november 2010 1. The span destination must use the same session number. You can also view vlan assignment information using the show interfaces interface switchport command. C h a p t e r 681 cisco ios software configuration guide, release 12. This may be a very easy question, but im not sure which one to use. The show vlan id vlan name displays the same output. Cisco configuring the catalyst switched port analyzer span. Understand how the switched port analyser can be used to first identify, and then mirror local switch port traffic over to a capture device for advanced analysis. Stp can run on rspan vlan trunks but not on span destination ports.
598 407 956 798 1526 711 1339 154 448 82 859 1208 1050 1514 1174 1161 230 379 1329 541 333 1199 1246 979 1185 640 944 791 203 70 651 592