creating RSPAN

Unanswered Question
Dec 1st, 2008

Hi..we have to create an RSPAN session to a remote switch, where the analyser is connected to. So, we'll be creating an RSPAN vlan on both, the local and remote switches. Does the source port on the local switch or the destination port on the remote switch have to be in the RSPAN vlan?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Mon, 12/01/2008 - 12:21

The RSPAN vlan is used simply to carry the traffic across multiple L2 switches. The only ports that should be configured within the RSPAN vlan are trunk ports (obviously they will be configured with all vlans transmitted across the L2 network).

Your source and destination ports are not part of the RSPAN vlan.


Giuseppe Larosa Mon, 12/01/2008 - 12:53

Hello John,

a RSPAN is a layer 2 tunnel for the captured frames:

on the source switch the rspan vlan is the destination of the SPAN session

on the destination switch the RSPAN vlan is the source of the frames sent to the destination ports.

What Jon has noticed is really important: the Remote SPAN has a dangerous charasteristic: mac address learning is disabled on the remote span vlan this is the price to pay to build an efficient L2 tunnel for moving the captured frames.

if you create multiple branches in the RSPAN vlan topology you can have troubles with frames going everywhere because no mac address learning is performed

see from the link you have provided

"As RSPAN VLANs have special properties, you should reserve a few VLANs across your network for use as RSPAN VLANs; do not assign access ports to these VLANs."

In some cases you need to build a dedicated path in order to avoid to saturate the existing trunks.

Hope to help


John Blakley Mon, 12/01/2008 - 12:58

True, but it also states:

"The RSPAN VLAN is configured only on trunk ports and not on access ports. To avoid unwanted traffic in RSPAN VLANs, make sure that the VLAN remote-span feature is supported in all the participating switches. Access ports on the RSPAN VLAN are silently disabled."

This would indicate that any port that's an access port of the RSPAN vlan would be automatically either a) disabled or b) switched to a trunk port. Do you know which? I've never assigned a port to the RSPAN vlan as an access port to see what happens.



This Discussion