cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1827
Views
0
Helpful
7
Replies

VLAN RSPAN with 3 switches?

ktran-anet
Level 1
Level 1

Okay my goal is to make voip server monitoring work in CCX 4.0 environment. This is how my 3 switches are connected:

Phones------SW1-----.1q-----CoreSW-----.1q-----SW2(f0/2)------CCX Monitoring Servers

Where,

CoreSW: WS-C3750G-48TS-E

SW1: WS-C3750-48PS-S (Source)

SW2: WS-C3560-24PS-S (Destination)

Note: I also have a bunch of different Cisco switches connected to the CoreSW, not mentioned here.

Both the phones and Servers are in the same voice vlan (let's name it vlan 10). With 2 switches directly connected, the config should look like this:

Source switch:

SW1(config)#monitor session 1 source vlan 10

SW1(config)#monitor session 1 destination remote vlan 10

Destination switch:

SW2(config)#monitor session 1 source vlan 10
SW2(config)#monitor session 1 destination fastethernet 0/2

However, I have the 3rd switch (CoreSW) in the middle, it seems to be a little tricky here. Do I have to configure anything on the CoreSW so that the monitored traffic would flow only from SW1 to SW2 directly without flooding to other switches that are also connected to the CoreSW?

Any suggestion would greatly appreciated.

==================================

Note: the above config is referenced from here:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a008015c612.shtml#topic5

7 Replies 7

Nagaraja Thanthry
Cisco Employee
Cisco Employee

Hello,

Typically, the remote vlan should be something other than your regular data

vlan. So, you can define a new vlan (say vlan 900) on all three switches

(including the Core switch) and define it as RSPAN vlan.

configure terminal

vlan 900

remote-span

exit

Then, on the source switch:

SW1(config)#monitor session 1 source vlan 10

SW1(config)#monitor session 1 destination remote vlan 900

On the Destination switch:

SW2(config)#monitor session 1 source remote vlan 900

SW2(config)#monitor session 1 destination fastethernet 0/2

Hope this helps.

Regards,

NT

Nagaraja,

Thanks for your suggestion. Your config looks clean.

However, I'm trying to figure out how the vlan 900 in this example works if I only have one NIC on each of my servers which is currently assiged to vlan 10. So do you suggest that I should use a 2nd NIC on each server and assign it to vlan 900 to make this work?

Is a dedicated RSPAN vlan a must have vlan and the only way to make this work? or is it just a smart choice that most people are doing?

Hello,

If I understand you right, you need the CCX servers to be on VLAN 10. You

can use the same ports that are in VLAN 10 for spanning as well as

communication. You need to configure "ingress forwarding" option along with

the monitor session.

monitor session 1 destination interface

and also add a manual ARP entry for CCX servers IP.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/1

2.2_40_se/configuration/guide/swspan.html#wp1228704

Hope this helps.

Regards,

NT

The document that you sent says:

Configuring a VLAN as an RSPAN VLAN
First create a new VLAN to be the RSPAN VLAN for the RSPAN session. You must create the RSPAN VLAN in all switches that will participate in RSPAN.

So correct me if I'm wrong, on all 3 switches, I should have the RSPAN VLAN 900 configured

CoreSW(config)#vlan 900

CoreSW(config-vlan)#remote-span

SW1(config)#vlan 900

SW1(config-vlan)#remote-span

SW2(config)#vlan 900

SW2(config-vlan)#remote-span

Then, on the source switch:

SW1(config)#monitor session 1 source vlan 10

SW1(config)#monitor session 1 destination remote vlan 900

On the Destination switch:

SW2(config)#monitor session 1 source remote vlan 900

SW2(config)#monitor session 1 destination fastethernet 0/2

Hello,

That is correct.

Regards,

NT

Okay I did that and I don't see traffic coming from the source switch. See attached Sniffer.png

am I missing something here?

I also didn't see the traffic!

With this schema of three switches!

But with two is okay.

Please help me.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco