VLAN Subinterface

Unanswered Question
Jan 2nd, 2008
User Badges:

I have setup a voice recorder to record the Cisco IP phone calls on my network. We have 6 buildings interconnected by fiber, and all the voice traffic is on VLAN5. So on my remote switches (all 3560s) I have


mon sess 1 source vlan 5


In the switch were the recorder is I created a new Vlan, Vlan 20. So also on the remote switches I added


mon sess 1 dest remote vlan 20


All good so far. But now I am stumped. I need to 'route' Vlan 20 to a 'subinterface' on the main 3560. How do I do that?? Plus I would like to capture the IP phone traffic on this switch to...I tried


mon sess 1 source vlan 20

mon sess 1 dest remote vlan 5


but it didn't like that.


All my devices (including phones) are in the 192.168.x.y range (phones are in the 5, switches in 7, PCs in 10, etc.)


Let me know if this is enough info.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
Richard Burts Wed, 01/02/2008 - 10:57
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Doug


I am not sure about your statement about needing subinterfaces on the VLAN of your switch. It seems to me that to route between vlans what you need is interface vlan 5 with its IP address and then interface vlan 20 with its interface, and verify that ip routing is enabled on the switch. That should allow you to route between the VLANs.


Having said that I wonder if you really need "routing" between the subnets. If you are trying to set up a monitor session with the source in vlan 5 and the destination in vlan 20 it does not require routing between the vlans for this to work. You just need to be sure that trunking is enabled between the switches and that the trunk is carrying both vlan 5 and vlan 20.


If there is something that I have not correctly understood then perhaps you can clarify for me.


HTH


Rick

townofnewmarket Wed, 01/02/2008 - 11:09
User Badges:

Well I agree with most of what you are saying. but on the switch with the voice recorder I have


mon sess 1 source vlan 20

mon sess 1 dest int fa0/14


(note on other REMOTE switches I have)

mon sess 1 source vlan 5

mon sess 1 dest remote vlan 20


So how does port 14 know he is the owner of VLan 20? I have this on fa0/14


switchport access vlan 20


Is that enough? How do I know if the the trunk is carrying both vlan 5 and 20? If I do


show vlan id 20


I get this: (abridged)


active ports fa0/14, fa0/24, gi0/2

remote span vlan is disabled





Richard Burts Wed, 01/02/2008 - 11:42
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Doug


I am not sure that port 14 knows that he is associated with vlan 20 (or that it needs to know). My understanding of the monitor/span function is that when you assign a port as the monitor destination it no longer functions as an access port and does not have the normal vlan association. The switch sends the monitor output to the port.


In the output that you posted I notice that remote span vlan is disabled. I suspect that you will need it enabled for your monitor to work.


HTH


Rick

townofnewmarket Wed, 01/02/2008 - 12:18
User Badges:

So instead of monitor session, you are saying to set up SPANs and RSPANs?

Richard Burts Wed, 01/02/2008 - 13:32
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Doug


It gets a little confusing because on some of the bigger Catalyst switches there was a SPAN and RSPAN command where the same functions on your switch use the monitor command.


But yes what you need is span and rspan which are configured using the monitor command on your switch. The link that John posted is pretty good and should help you understand what you need to configure to get this going.


HTH


Rick

Actions

This Discussion