From: Manjeet Chawla (manjeetc1@gmail.com)
Date: Sat Feb 17 2007 - 19:41:01 ART
Try following. Use reflector port if needed depending on the type of
switch you are using.
SW1:
*** Create remote-span VLAN on switch#1
vlan 999
remote-span
*** Dump all data to be mirrored to RSPAN VLAN 999
monitor session 1 source vlan 10 - 11 rx
monitor session 1 destination remote vlan 999 reflector-port Fa0/10
SW2:
*** Create remote-span VLAN on switch#1
vlan 999
remote-span
*** Dump all data to be mirrored to RSPAN VLAN 999
monitor session 1 source vlan 10 - 11 rx
monitor session 1 destination remote vlan 999 reflector-port Fa0/10
*** Pick up all data from RSPAN vlan 999 using following command
*** Remember RSPAN has mirrored data from both SW1 and SW2 now
monitor session 2 source remote vlan 999
monitor session 2 destination interface fa 0/11
HTH
Manjeet Chawla
CCIE # 5591 (R&S/Security)
san wrote:
> Josef,
>
> You cannot have two sessions destined to same interface !!
>
> Thats the reason of the question...I havent found a way yet.
>
> Thanks & Rgds
> SAN
>
>
> On 2/17/07, Josef A <josefnet@gmail.com> wrote:
>
>> I like the second configuration option, because it seems like you will
>> need two different monitor sessions: an rspan session to monitor traffic in
>> SW1, and a span session to monitor traffic in SW2.
>>
>> However I will modify the second monitor session on SW2 as follows:
>>
>> monitor session 2 source vlan 65 - 72
>> monitor session 2 destination interface Gi1/0/43
>>
>> my 2 cents
>>
>> thx
>>
>>
>> On 2/17/07, san <san.study@gmail.com> wrote:
>>
>>
>>> Hello All,
>>>
>>> I have a need to setup RSPAN and looking to see how to sniff.
>>>
>>>
>>> Sw1=======Sw2
>>>
>>> Vlans per Switch
>>> SW1 => vlan 65,66,67,68,69,70, 999
>>> SW2 => vlan 65,66,67,68,69,70, 999
>>> SW1 and SW2 are 3750
>>>
>>> I have a sniffer drop at SW2 1/0/43 and need to sniff all the vlans at
>>> both
>>> the switches to this port.
>>>
>>> Configuration below can only brings the source vlan 65,66,67,68,69,70 on
>>> SW1
>>> to SW2 port 1/0/43 .
>>>
>>> Problem is Traffic from SW2 vlans (65,66,..70) are not sniffed to
>>> sniffer
>>> port through configuration 1.
>>> - Switch doesnot allow to add additional source commands like "source
>>> vlan
>>> or source interface".
>>>
>>> I havenot tried the configuration option2 below. Would this work or Any
>>> other method to solve this ?
>>>
>>>
>>> Configuration 1:
>>> -------------------------
>>> SW1:
>>> -------
>>> vlan 999
>>> rspan
>>>
>>> monitor session 1 source vlan 65 - 72
>>> monitor session 1 destination remote vlan 999
>>>
>>> SW2:
>>> --------
>>> vlan 999
>>> rspan
>>>
>>> monitor session 1 source remote vlan 999
>>> monitor session 1 destination interface Gi1/0/43
>>>
>>>
>>>
>>> Configuration 2:
>>> -------------------------
>>> SW1:
>>> -------
>>> vlan 999
>>> rspan
>>>
>>> monitor session 1 source vlan 65 - 72
>>> monitor session 1 destination remote vlan 999
>>>
>>> SW2:
>>> --------
>>> vlan 999
>>> rspan
>>>
>>> monitor session 1 source remote vlan 999
>>> monitor session 1 destination interface Gi1/0/43
>>>
>>> monitor session 2 source vlan 65 - 72
>>> monitor session 2 destination remote vlan 999
>>>
>>>
>>> --
>>> Thanks & Rgds
>>> SAN
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:47 ART