but how would i monitor all switches on my network from 1 port ? what is rspan ?

you want to monitor traffic from PCs or do you want to monitor switches using SNMP??

if you want to use SNMP then remote switches can also be monitored. You just need to have an IP address on the switch accessible from network monitor.

In case you want to monitor traffic from PCs then following link briefs on SPAN and RSPAN.

I want to monitor all the pc's on my network !! how would i do this ?

Carl,

Switches are Collision domain boundaries. Each port on your switch in effect is a different segment with the switch as a bridge (switch - bridge same thing). The function of a bridge is to only forward traffic to a port if that traffic is destined for something on that port. The only thing that breaks this rule is broadcast traffic as the broadcast address cannot physicaly "be" anywhere so the switch floods it to all ports.

The downside is that a sniffer plugged into a port will only ever see broadcast traffic (ok ok multicast too).

You can use a SPAN port or what the rest of the world knows as a mirror port to see exactly what another port is seeing (hence "mirror"). Thats fine except that if you try to mirror too many ports at once you can potentially overwhelm your mirror port as many 100megs into one 100meg doesn't go(and an incomplete trace is a useless trace).

So in answer to your question, you can't.

The only thing that has full information about each of the hosts connected to a switch is the switch itself.

You need to investigate how to get the information you need from the switch. One possibility is SNMP although this often requires expensive software. Also look into sFlow and netflow, there's plenty of info on the web - google it. This may give you what you need although I'm not sure how far along cisco is with implementing sFlow.

You can get an open source package called ntop which is an sFlow and netflow collector which you browse to to get results. Run it on linux and its free.