Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Maintain VLAN Tagging through SPAN destination?

I need to have a SPAN port forward VLAN tags.  This is on a 6509 running 122-18.SXF15a.

Here's the current configuration for the port and the monitor session:

interface GigabitEthernet2/11
description Connected to Gigamon-1A port 9
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
end

monitor session 2 source vlan 54 , 260 , 801 - 805 , 900 - 936
monitor session 2 destination intrusion-detection-module 1 data-port 1
monitor session 2 destination interface Gi2/11
monitor session 2 destination interface Gi4/4 , Gi4/25 , Gi4/40

When I do a capture, I'm not seeing the tags.

What am I missing?

Thanks.

Jason

Everyone's tags (3)
6 REPLIES
Community Member

Re: Maintain VLAN Tagging through SPAN destination?

I'm going to bump this in the hopes that someone can help.

From what I have read, in theory, all I should need to do is have the destination port trunked.  However, when I do a capture with tcpdump off of that destination port, I'm not seeing the VLAN tags.

Is there something else that I'm missing?  I've removed the destination port from the monitor session and re-added it, but it did not help.

Any thoughts?  I really need to fix this.

Thanks.

Jason

Hall of Fame Super Silver

Re: Maintain VLAN Tagging through SPAN destination?

Hello Jason,

it should work if this is a local span session.

also the device you connect to the monitor destination port plays a role: its nic has to understand tagging.

may you post a sh module to see exactly what type of PFC is on the chassis?

Hope to help

Giuseppe

Community Member

Re: Maintain VLAN Tagging through SPAN destination?

Hi Jason

Your span destination port needs to be a trunk port in order to preserve the 1Q tags

ie

  switchport

  switchport mode trunk

Community Member

Maintain VLAN Tagging through SPAN destination?

I have been working on this exact issue. I configured my destination port as a trunk port as shown above, but it still did not pass VLAN tags. However, once I added "switchport nonegotiation", vlan tags were captured in my monitor session.

For those playing at home, my succesful config looks like this:

interface GigabitEthernet2/2

switchport

switchport trunk encapsulation dot1q

switchport mode trunk

switchport nonegotiate

no ip address

monitor session 2 source vlan 45 - 50 , 182 , 190 , 260 , 300 - 306

monitor session 2 destination interface Gi2/2


Hall of Fame Super Bronze

Re: Maintain VLAN Tagging through SPAN destination?

jason.williams@lowes.com

monitor session 2 source vlan 54 , 260 , 801 - 805 , 900 - 936

monitor session 2 destination intrusion-detection-module 1 data-port 1
monitor session 2 destination interface Gi2/11
monitor session 2 destination interface Gi4/4 , Gi4/25 , Gi4/40

When I do a capture, I'm not seeing the tags.

What am I missing?

Thanks.

Jason

The sources are L3 interfaces and do not contain any tag information.

If you want to capture tags, you must span a 802.1q switchport

Regards

Edison

Community Member

Maintain VLAN Tagging through SPAN destination?

Also verify if you are using a Broadcom chip-based NIC card. They strip out (silently) the VLAN tags. You can either get yourself a cheap realtek based card (what I did) or try the following from the wireshark FAQ:

http://wiki.wireshark.org/CaptureSetup/VLAN

10319
Views
0
Helpful
6
Replies
CreatePlease to create content