Specifications

ManualsBrandsCisco ManualsComputer equipmentIE 2000

171

172

173

174

175

176

177

178

179

180

11-9

System Management Software Configuration Guide for Cisco IE 2000U and Connected Grid Switches

Chapter 11 Configuring SPAN and RSPAN

Guidelines and Limitations

• You can limit SPAN traffic to specific VLANs by using the filter vlan keyword. If a trunk port is

being monitored, only traffic on the VLANs specified with this keyword is monitored. By default,

all VLANs are monitored on a trunk port.

• You cannot mix source VLANs and filter VLANs within a single SPAN session.

RSPAN Configuration Guidelines

• All SPAN configuration guidelines apply to RSPAN.

• As RSPAN VLANs have special properties, you should reserve a few VLANs across your network

for use as RSPAN VLANs; do not assign access ports to these VLANs.

• You can apply an output ACL to RSPAN traffic to selectively filter or monitor specific packets.

Specify these ACLs on the RSPAN VLAN in the RSPAN source switches.

• For RSPAN configuration, you can distribute the source ports and the destination ports across

multiple switches in your network.

• RSPAN does not support BPDU packet monitoring or other Layer 2 switch protocols.

• The RSPAN VLAN is configured only on trunk ports and not on access ports. To avoid unwanted

traffic in RSPAN VLANs, make sure that the VLAN remote-span feature is supported in all the

participating switches.

• Access ports on the RSPAN VLAN are put in the inactive state.

• RSPAN VLANs are included as sources for port-based RSPAN sessions when source trunk ports

have active RSPAN VLANs. RSPAN VLANs can also be sources in SPAN sessions. However, since

the switch does not monitor spanned traffic, it does not support egress spanning of packets on any

RSPAN VLAN identified as the destination of an RSPAN source session on the switch.

• You can configure any VLAN as an RSPAN VLAN as long as these conditions are met:

–

The same RSPAN VLAN is used for an RSPAN session in all the switches.

–

All participating switches support RSPAN.

–

MAC address learning is not disabled on the RSPAN VLAN.

• We recommend that you configure an RSPAN VLAN before you configure an RSPAN source or a

destination session.

SPAN and RSPAN Interaction with Other Features

• Routing—For switches that are running the IP services image, SPAN does not monitor routed traffic.

RSPAN only monitors traffic that enters or exits the switch, not traffic that is routed between

VLANs. For example, if a VLAN is being receive-monitored and the switch routes traffic from

another VLAN to the monitored VLAN, that traffic is not monitored and is not received on the SPAN

destination port.

• STP—A destination port does not participate in STP while its SPAN or RSPAN session is active.

The destination port can participate in STP after the SPAN or RSPAN session is disabled. On a

source port, SPAN does not affect the STP status. STP can be active on trunk ports carrying an

RSPAN VLAN. However, only NNIs or ENIs can support STP; UNIs do not participate in STP.

• CDP—A SPAN destination port does not participate in CDP while the SPAN session is active. After

the SPAN session is disabled, the port again participates in CDP. NNIs have CDP enabled by default

and you can enable it on ENIs; UNIs do not participate in CDP.