Remote span rspan is used when source ports are not located on the same switch as the destination port. I ask because nowadays i couldnt create next remote vlan ie. In this article, we cover the vlans configuration on a cisco switch. Cisco configuring the catalyst switched port analyzer span. You can also view vlan assignment information using the show interfaces interface switchport command. Unlike span, where the source and destination ports exist on the same switch, the source and destination ports for an rspan session reside on different switches. Local span copies traffic from one or more source ports in any vlan or from one or more vlans to a destination port for analysis. Visit passleader and download full version 300115 exam dumps. During the process of defining vlan parameters, you must specify that the new vlan is an rspan vlan by configuring the remote span vlan configuration command. Understanding span,rspan,and erspan cisco community. I have used span many times but that requires me to plug into a port in the same switch that the end device is plugged in to. A management vlan is any vlan that you configure to access the management capabilities of a switch. Note the switch must be running the lan base image to support remote span. This post describes how to configure span and rspan on cisco catalyst switches.
Span and rspan best cisco ccna ccnp and linuxcentos pdf notes. Vlan for rspan on cisco ios, you must create the vlan via the config vlan configuration mode, as opposed to using the older vlan database configuration mode. Span is important to mirror received or transmitted or both traffic on one or more source ports to a destination port for analysis. Rspan is an advanced feature that requires a special vlan to carry the monitored traffic and is not supported by all switches. Nevertheless, you know you can configure switches for remote management and tune some settings like the banner. Products sold prior to the november 1, 2015 separation of hewlettpackard company into hewlett packard enterprise company and hp inc. Implement switch port analyzer span, remote span rspan.
First we need to create the vlan and tell the switches that its a rspan vlan. Understand how the switched port analyser can be used to first identify, and then mirror local switch port traffic over to a capture device for advanced analysis. Vlan configuration commands step by step explained learn how to create and manage vlan in cisco switch step by step. On switch sw1 we can say that the span source, is port to which the client is attached, and span destination is a vlan, specifically we gonna called a remote vlan, and when we send a copy of traffic appearing on the clients port over to this vlan, that vlan traffic goes across the trunk and appearing on switch sw2, then on switch sw2, we setup span. Catalyst 2960 switch software configuration guide ol860304 23 configuring span and rspan this chapter describes how to configure switched port analyzer span and remote span rspan on the catalyst 2960 switch. The previous page describes the configuration of local span, where both the span source and destination exist on the same switch. Configure the ip address listed in the addressing table for vlan 1 on the switch. Stp can run on rspan vlan trunks but not on span destination ports. Configuring span and rspan you can analyze network traffic passing through ports or vlans by using span to send a copy of the traffic to another port on the switch that has been connected to a switchprobe device or other remote monitoring rmon probe or security device. Users can change the native vlans for trunk interfaces as explained in section native vlan on trunk. In the example vlan 4 is the monitored vlan, 699 is the reflector vlan.
How to configure cisco span rspan erspan with configuration commands. A monitor session on the distribution switch with a remote span vlan as the source and physical interface as the destination e. Remote span rspan allows the span source and destination to exist on different switches. Configuring span on cisco catalyst switches monitor. Create the rspan vlan on dls1 using the vlan 300 command from global configuration mode. However, we havent talked just yet about the ways we can alter the way a switch works. To create a vlan for rspan on cisco ios, you must create the vlan via the config vlan configuration mode, as opposed to using the older vlan database configuration mode. The ethernet routing switch 8600 supports both ingress and egress port mirroring. While span is mirroring ports in the same switch, rspan remote span is mirroring ports in one switch to a port in different switch. Observe how rspans are configured in a standard switched network. Administratively deactivate all unused ports on the switch.
Discover how a span can traverse a switched network using the remote span feature. The show vlan id vlan name displays the same output. Enables or disables remote switch port anaylzer rspan on one or more vlans. L3 span on the catalyst 8500 span on the catalyst 4000, 5000, and 6000 series switches running catos local span remote span feature summary and limitations span on the catalyst 2950catalyst 3550 series switches. Riverbed recommends remote span rspan and encapsulated remote. When you use a destination interface on the same switch as your switch we call it span, when the destination is a remote interface on another switch we call it rspan remote span. Depending on the ios version and platform, the remote span configuration can be a bit different.
Catalyst 2960x switch vlan configuration guide, cisco ios release 15. Beginning in privileged exec mode, follow these steps to create an rspan vlan. Rspan explanation and configuration will be covered in another article. When you configure a trunk as the source interface it will copy traffic from all vlans, however there is an option to filter this. What is more interesting that is working fine however i dont know how vlan 666 was defined. An rspan vlan cannot be a privatevlan primary or secondary vlan. Unieni vlan configuration for extendedrange vlans, you can configure only mtu, private vlan, remote span vlan, and unieni vlan parameters.
I looked into rspan, and created the vlan on both end switches, but when i got to our core nexus 9k, i realize it doesnt support remote span vlans. Note for complete syntax and usage information for the commands used in this chapter, see the command reference for this release. You know that switches can work without any configuration. The configuration of your rspan source ports is no different than the previous configuration shown for span. This may be a very easy question, but im not sure which one to use. How to configure span and rspan in cisco catalyst switches.
Each switch must be configured with the rspan vlan. Refer to the addressing table for pc host address information. How to configure cisco span rspan erspan with configuration commands having visibility in the traffic flowing through your network from specific hosts is an excellent way to troubleshoot problems or gather useful information and data. When a vlan is the source of a monitor session, all physical interfaces that are members of the vlan become source ports in a vspan. This guide captures the steps required to configure port mirroring on select models of network switches available on the market today such as.
Recording voip traffic via port mirroring orecx will easily. Step 1 configure remote span rspan create the rspan vlan on. For vlan or vsan span sources, all active ports in the source vlan or vsan are included as source ports. A vlan span vspan configuration is a monitor session whose source is a vlan rather than specific interfaces. Vlan configuration guide supermicro l2l3 switches configuration guide 9 vlan 1 is configured as the default native vlan for all trunk interfaces. To accomplish this you will have to configure the destination vlan across the entire path between the switches. Copy the running configuration to the startup configuration. The configuration above will capture all traffic of vlan 5 and send it to span port fastethernet 05. This involves configuring a rspan vlan the mirrored traffic will be carried across this vlan from switch to switch. Example of setting up basic vspan on a cisco switch. You then set up a span session that copies your traffic to this special vlan.
The destination port can then be located anywhere in this rspan vlan. Rspan configuration for cisco 6500 switches xerunetworks. Howto guide for configuring port mirroringspan ports. The basic premise is that a special vlan is created on all the switches and allowed to traverse the trunks. The span destination must use the same session number. When source ports are not located on the same switch as the destination port. Note if some of the fex ports are being used by a span session as source ports, the remaining fex ports cannot be a part of a different span session. In this post i will be configuration rspan session between a cisco 6506 switch running ios version 12. Use the interface range command in global configuration mode to simplify this task. The functionality works exactly as a regular span session. This document describes how to configure local switched port analyzer span and remote span rspan. The command syntax begins monitor session, and assigns it a session number.
For rspan to work it needs a source vlan vlan 4 and to get span from anywhere in the switch mesh you need to get it there via a reflector vlan. Spanswitch port analyzer rspanremote spanerspanencapsulated rspan used for switchport monitoringport mirroring span destination interface on the same switch rspan destination interface on the another switch lets you copy all traffic from a source port or source vlan to a destination interface. A monitor session on the access switch with a physical interface source and the remote span vlan as the destination d. When using rspan you need to use a vlan for your rspan traffic so that traffic can travel from the source switch to. You can change only the mtu size and the remote span configuration state on extendedrange vlans. For more information on remote span, see chapter 29, configuring span and rspan in the cgs 2520 software configuration guide.
For rspan to work it needs a source vlan vlan 4 and to get span from anywhere in the switch mesh. C h a p t e r 681 cisco ios software configuration guide, release 12. Rspan remote span feature allows traffic that is sourced from a switch to be mirrored to a remote switch within a layer 2 network over trunk ports. Cisco catalyst 2960 series configuration manual pdf download. Jul 29, 2011 span switch port analyzer span copies network traffic from a vlan or group of ports to a selected port. The traffic that is monitored by span is not directly copied to the destination port, but flooded into a special rspan vlan. The ohio state university raj jain 8 layer3 vlans q also known as virtual subnet q vlan membership implied by maclayer protocol type field and subnet field 123. Subsequently, on the switch that contains the physical rspan source ports, this same rspan vlan would be designated as your span destination.
Configure fa03 through fa04 as trunking ports, and designate vlan 99 as the native vlan for these trunks. How to configure cisco span rspan erspan with examples. Mar 18, 2009 an rspan is a way to get traffic from a span source on one switch to a span destination on another switch thats connected via a trunk. Secondly we will configure the link between the two switches as a trunk. Oct 17, 2014 span is important to mirror received or transmitted or both traffic on one or more source ports to a destination port for analysis. Ers 8600 ers 8800 remote port mirroring technical configuration guide 8 november 2010 1. Hi, i have read that n9k doesnt support rspan but i see at my boxes that the vlan 666 is a remote span.
8 1506 1048 871 1293 324 841 1402 1521 87 802 498 1122 279 155 19 1308 313 807 1487 1407 1278 637 792 1344 1267 1034 1046 140 674 677 1391 1230 322 890 732 60 234 402 157