Re: CSR 1000v Local SPAN

Alexander Pickar · ‎08-17-2018

Hi Everyone,

Do you know, if the virtual CSR 1000v router supports Local span configuration?

- I have configured local span, as I would on any switching platform

- Traffic is flowing in and out of the router via interface Gi1

- I want interface Gi2 to be a SPAN destination

- On interface Gi2, I don't see any traffic going out. Tested with version 3.16.8s and Denali 16.3.6.

- (Side note: I have also tried to configure the router as ERSPAN Destination. This has worked as expected, traffic received from ERSPAN was successfully mirrored to Gi2 interface.)

I have a simple configuration like that:

monitor session 1 type local
description TEST-Monitor
source interface Gi1
destination interface Gi2

Monitor session is up:

prg-csr-cisco#show monitor session 1
Session 1
---------
Type                   : Local Session
Status                 : Admin Enabled
Description            : TEST-Monitor
Source Ports           :
    Both               : Gi1
Destination Ports      : Gi2

Interface Gi1 has some traffic, but Gi2 has no traffic comming out:

prg-csr-cisco#show int gi 1
GigabitEthernet1 is up, line protocol is up
Hardware is CSR vNIC, address is 0050.5695.498d (bia 0050.5695.498d)
Internet address is 10.132.1.68/24
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full Duplex, 1000Mbps, link type is auto, media type is RJ45
output flow-control is unsupported, input flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:44, output hang never
Last clearing of "show interface" counters never
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 261000 bits/sec, 87 packets/sec
5 minute output rate 1000 bits/sec, 1 packets/sec
     208524 packets input, 78979536 bytes, 0 no buffer
      ...

1638 packets output, 163784 bytes, 0 underruns
...

prg-csr-cisco#
prg-csr-cisco#
prg-csr-cisco#show int gi 2
GigabitEthernet2 is up, line protocol is up (monitoring)
Hardware is CSR vNIC, address is 0050.5695.65c2 (bia 0050.5695.65c2)
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full Duplex, 1000Mbps, link type is auto, media type is RJ45
output flow-control is unsupported, input flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:02:07, output hang never
Last clearing of "show interface" counters never
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
     2 packets input, 120 bytes, 0 no buffer
     ...
     3 packets output, 231 bytes, 0 underruns
     ...

prg-csr-cisco#

Regards,

Alexander Pickar

Rey- · ‎03-07-2019

I have this exact same problem too.

Did you ever get a response from someone on how to address it?

Leszek Wojnarski · ‎05-08-2019

I opened a case with Cisco for this and they provided workaround which works for me:

Workaround:
Local SPAN is not available on the ASR, but creative use of ERSPAN can produce similar results. An example configuration is given below:int loopback0

int loopback0
ip address x.x.x.x y.y.y.y
!
!
monitor session 1 type erspan-source
source interface GigabitEthernet0/0/0
destination
erspan-id 100
ip address x.x.x.x
origin ip address x.x.x.x
!
!
monitor session 2 type erspan-destination
destination interface GigabitEthernet0/0/5
source
erspan-id 100
ip address x.x.x.x

This is as per defect

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCto80065

Rey- · ‎05-08-2019

Thanks!

I got it working with this:

***

interface Loopback0
ip address 1.1.1.1 255.255.255.255

!

monitor session 1 type erspan-source
source interface Gi2 rx
destination
erspan-id 100
ip address 1.1.1.1
origin ip address 1.1.1.1
!
monitor session 2 type erspan-destination
destination interface Gi4
source
erspan-id 100
ip address 1.1.1.1

***

yennylm4 · ‎06-19-2023

I have tried configuring erspan as you mentioned on a csr1000v router, but I can't see the packets being copied to the destination interface, would you know why this might be happening?

yennylm4 · ‎06-20-2023

I have configured the local SPAN, but when I ping the source interface I do not see the copy of the packets on the destination interface, in mycap I capture the packets from the source interface and mycap1 captures the destination interface.

csr1000v#show monitor session 1
Session 1
---------
Type                     : Local Session
Status                   : Admin Enabled
Source Ports             :
    Both                 : Gi2
Destination Ports        : Gi3



csr1000v#show monitor capture mycap buffer brief
 ----------------------------------------------------------------------------
 #   size   timestamp     source             destination      dscp    protocol
 ----------------------------------------------------------------------------
   0  114    0.000000   192.168.1.2      ->  192.168.16.2     0  BE   ICMP
   1  114    0.000000   192.168.1.2      ->  192.168.16.2     0  BE   ICMP
   2  114    0.000000   192.168.16.2     ->  192.168.1.2      0  BE   ICMP
   3  114    0.000000   192.168.1.2      ->  192.168.16.2     0  BE   ICMP
   4  114    0.000000   192.168.16.2     ->  192.168.1.2      0  BE   ICMP
   5  114    0.000000   192.168.16.2     ->  192.168.1.2      0  BE   ICMP
   6  114    0.017989   192.168.1.2      ->  192.168.16.2     0  BE   ICMP
   7  114    0.017989   192.168.16.2     ->  192.168.1.2      0  BE   ICMP
   8  114    0.038999   192.168.1.2      ->  192.168.16.2     0  BE   ICMP
   9  114    0.038999   192.168.16.2     ->  192.168.1.2      0  BE   ICMP

csr1000v#show monitor capture mycap1 buffer brief
 ----------------------------------------------------------------------------
 #   size   timestamp     source             destination      dscp    protocol
 ----------------------------------------------------------------------------