From: PhiL (theccie@gmail.com)
Date: Sun Feb 20 2005 - 15:42:18 GMT-3
This configuration will monitor all traffic from vlan 2 on both
switches. Without span on Sw2 traffic from vlan 2 wil not be sent to
Sw1 (assuming Sw2 has ports on vlan2):
Sw1:
vlan 10 <- can be also created on Sw2 if it is vtp server)
remote-span
!
monitor session 1 source vlan 2 , 10 rx
monitor session 1 destination interface Fa0/23 <- sniffer on port fa0/23
Sw2:
monitor session 1 source vlan 2 rx
monitor session 1 destination remote vlan 10 reflector-port Fa0/20
<- unused port f0/20
On Wed, 16 Feb 2005 08:57:02 -0500, ccie2be <ccie2be@nyc.rr.com> wrote:
> This is interesting.
>
> sw1 and sw2 are configured for rspan. On sw1, all incoming traffic from vlan
> 2 is being sent to a sniffer on sw2's fa0/23.
>
> sw2 doesn't have any ports assigned to vlan 2.
>
> Here's the config:
>
> SW1#f monit
> monitor session 1 source vlan 2 rx
> monitor session 1 destination remote vlan 10 reflector-port Fa0/7
> !
> sw2#f monit
> monitor session 1 destination interface Fa0/23
> monitor session 1 source remote vlan 10
> !
> end
>
> sw2#c
> Enter configuration commands, one per line. End with CNTL/Z.
> sw2(config)#mon ses 1 sour vlan 2 rx
> % Cannot add VLANs as source for session 1 - a RSPAN Destination session
> sw2(config)#
>
> Notice that the switch doesn't allow me to vlan 2 as another source.
>
> Suppose sw2 had ports assigned to vlan 2. How would I configure rspan to
> monitor all traffic received from vlan 2?
>
> If sw2 had ports assigned to vlan 2, wold rspan automatically include the
> traffic from those sw2 ports in vlan 2 because of the config on sw1?
>
> TIA, Tim
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
-- PhiL
This archive was generated by hypermail 2.1.4 : Thu Mar 03 2005 - 08:51:23 GMT-3