07-31-2007 02:05 AM - edited 03-05-2019 05:35 PM
Hi Everyone.
I'm trying to get RSPAN to work. i have a test setup of 2 2950's but cannot get anything to show on the destination port except multi/broadcasts.
on switch 1:
interface FastEthernet0/23
description Reflector Port for VLAN 199
!
interface FastEthernet0/24
description Source Laptop
switchport access vlan 112
monitor session 1 source interface Fa0/24
monitor session 1 destination remote vlan 199 reflector-port Fa0/23
and port fa0/23 is left as default setup, nothing connected, but is flashing away happily as if traffic is working as it should.
on switch 2:
monitor session 1 destination interface Fa0/2
monitor session 1 source remote vlan 199
port fa0/2 is setup as follows:
interface FastEthernet0/2
switchport access vlan 112
This VLAN corresponds to the static IP address setup on the laptop with the packet capture software.
i see no unicast packets on the destination port and no packets can be sent or received from the attched destination laptop.
please help as i am getting nowhere with this.
many thanks
07-31-2007 02:11 AM
Hello Ray,
Have you set up the Vlan 99 as RSPAN on both the switches.
Do the following:
Config t
vlan 199
remote-span
Do this on both of the switches.
If you want to enable packet forwrading on the destination port, you have to enable the " ingress " option when you configure the destination port.
monitor session 1 destination interface Fa0/2 ingress vlan 112
HTH,Please rate if it does.
-amit singh
07-31-2007 02:16 AM
Hi,
Please check if both switches are connected either using trunk, or access vlan 199, becouse source traffic needs to be send to the second switch. The other thing is that when You create Vlan 199, You need to specify that it is remote-span vlan:
vlan 199
name sniffer
remote-span
exit
There is also another issue. Command reflector-port is no longer in use or supported (I read about it somewhere on cisco.com), so just try following configuration:
on switch 1:
interface FastEthernet0/23
description Reflector Port for VLAN 199
speed auto
no shut
!
interface FastEthernet0/24
description Source Laptop
switchport access vlan 112
speed auto
no shut
!
monitor session 1 source interface Fa0/24
monitor session 1 destination remote vlan 199
on switch 2:
interface FastEthernet0/2
description destination
speed auto
no shut
!
monitor session 1 source remote vlan 199
monitor session 1 destination interface Fa0/2
Pls rate this if You find this helpful.
Kind Regards:
Michal
07-31-2007 03:20 AM
Hi Guys,
thanks for the quick repsonses.
I have used VTP to spread VLAN 199 around, and called it a remote span vlan.
the switches are trunked and the trunks carry all vlans as default.
the source 2950 will not accept the command
"monitor session 1 destination remote vlan 199" without the reflector port option.
I'll upgrade the IOS and try again.
Also, Michal, i see the destination port in your config is set for a default vlan, this will surely mean that the IP address of the sniffer laptop will need to be changed to reflect the new IP address range of that Vlan. (i've just tried it and still no unicast packets flow)
any ideas? are 2950's any good for this?
07-31-2007 04:07 AM
Ray,
You have to configure the reflector port on 2950. Probably the config that were pasted above are from the some new IOS switches.
Could you please paste the " show vlan " from both the switches. A complete output..
As I said, Please use the ingress option on the destination port to enable the traffic forwarding.
Please see the link below for more info:
HTH,Please rate if it does.
-amit singh
07-31-2007 04:37 AM
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/2, Fa0/6, Fa0/8, Fa0/12, Fa0/13, Fa0/14, Fa0/16, Fa0/23
101 HUMETH1 active
108 HUMETH3 active Fa0/18
109 FACILITIES active Fa0/22
110 RFLAN active Fa0/7, Fa0/11
112 FIXED-IP-CLIENTS-2 active Fa0/24
199 RSPAN1 active
999 NULL suspended
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
101 enet 100101 1500 - - - - - 0 0
108 enet 100108 1500 - - - - - 0 0
109 enet 100109 1500 - - - - - 0 0
110 enet 100110 1500 - - - - - 0 0
112 enet 100112 1500 - - - - - 0 0
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off
Remote SPAN VLANs
------------------------------------------------------------------------------
199
Switch 2:
RayTest#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/2, Fa0/4, Fa0/5, Fa0/6, Fa0/7, Fa0/8, Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16, Fa0/17, Fa0/18, Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24, Fa0/25, Fa0/26
101 HUMETH1 active
108 HUMETH3 active
109 FACILITIES active
110 RFLAN active
112 FIXED-IP-CLIENTS-2 active Fa0/3
199 RSPAN1 active
999 NULL suspended
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
101 enet 100101 1500 - - - - - 0 0
108 enet 100108 1500 - - - - - 0 0
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off
Remote SPAN VLANs
------------------------------------------------------------------------------
199
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: