Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
368
Views
0
Helpful
3
Replies

RSPAN Configuration

Ryan Heseltine
Level 1
Level 1

‎03-16-2015 09:07 AM - edited ‎03-17-2019 02:20 AM

Hi all,

 

I've got a bit of a weird one that I'm hoping for some guidance on, we've got a RSPAN setup currently that is working but as far as I can tell the configuration isn't complete so I'm getting a little bit confused on how it is working:

 

On several access switches we have a remote span vlan setup with the following configuration:

 

monitor session 1 source vlan 20
monitor session 1 destination remote vlan 99

 

However, as far as I can see this isn't officially copied across on the other switch to a specific interface as we've got the following config on the SPAN interface on a different switch to the access switch:

interface GigabitEthernet2/0/13
 description *** WITNESS SPAN DESTINATION ***
 switchport mode access
 speed 100
 duplex full
 spanning-tree portfast
end

 

There is also another session configured as follows, but this is just a normal SPAN to carry gateway traffic over to the interface:

 

monitor session 1 source interface Gi1/0/7
monitor session 1 source interface Gi3/0/7
monitor session 1 destination interface Gi2/0/13

 

The only thing I can think of is that as all RSPAN traffic is flooded that perhaps not setting the vlan for the interface has meant that the RSPAN VLAN is also sent?

 

The other possibility that I can think of is that it's ignoring the first two source parts of the monitor session and sending the RSPAN traffic instead as the sessions numbers match across the switches?

Labels:
0 Helpful
3 Replies 3

Aaron Harrison
VIP Alumni
VIP Alumni

‎03-16-2015 10:23 AM

Hi 

There's no magic really.

If you just have the config you have outlined:

- Switches will span vlan 20 into rspan VLAN 99.

- Destination switch will span ports Gi1/0/7/Gi3/0/7 to gi2/0/13

- Nothing seems to span rspan VLAN 99 to a port - the switch that mirrors the ports would normally do this

Your whole recording setup is probably working on calls that traverse the gateway.

Have you tested whether or not two phones on the same remote switch are recorded if they call between each other?

Aaron

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
0 Helpful

Ryan Heseltine
Level 1
Level 1
In response to Aaron Harrison

‎03-16-2015 03:38 PM

This was my initial thought, however, VLAN 20 has it's own SVI so calls wouldn't transverse the gateway would they as this would just be used for routing?

Or am I misunderstanding how a VoIP call is setup?

0 Helpful

Aaron Harrison
VIP Alumni
VIP Alumni
In response to Ryan Heseltine

‎03-17-2015 02:59 AM

Hi Ryan

Probably :-)

A 'gateway' generally in voice (I'm assuming you mean a voice gateway, whether Cisco or someone else's) is a point to which a VoIP call is sent, where it goes onto another network. This might be the PSTN, or to the Internet or another VoIP system,telephony system, or SP. So generally all your inbound/outbound customer/external calls will go through it.

The SVI is just a hop used to reach that endpoint, it just passes the traffic on.

Therefore if you SPAN your gateway, you get  all your customer calls, but not all your staff-to-staff calls. For lots of organisations that is considered OK.

Also, in some scenarios, and on some systems, even internal staff-to-staff calls might go via the 'gateway'.. that's not typical if you are talking a Cisco system.

At any rate, it should be pretty easy to test... 

And if there is definately no 'monitor session' bringing traffic from the r-span VLAN to a physical port, then RSPAN is not going to be working.

Aaron

 

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
0 Helpful
Customers Also Viewed These Support Documents