10-13-2009 12:02 PM - edited 03-06-2019 08:06 AM
Is it possible to set a SPAN session to monitor a port across the WAN on the 3560?
Solved! Go to Solution.
10-13-2009 12:06 PM
You can monitor a local vlan and SPAN it on a different port of the same switch: that is SPAN.
You can configure Remote SPAN (RSPAN) and that will monitor a port on a switch send it over a vlan to another switch that will read it and send it to an interface. If your vlan goes over a WAN link, that should be fine.
10-13-2009 12:06 PM
You can monitor a local vlan and SPAN it on a different port of the same switch: that is SPAN.
You can configure Remote SPAN (RSPAN) and that will monitor a port on a switch send it over a vlan to another switch that will read it and send it to an interface. If your vlan goes over a WAN link, that should be fine.
10-13-2009 12:08 PM
Andrew
If the WAN is routed then unfortunately no you cannot do this with a 3560. The feature you need is called ERSPAN and it is supported on the 6500 switch but not the 3560.
Jon
10-13-2009 12:12 PM
ERSPAN is to span over GRE, its not on the 3560, as Jon said.
However it depends how is your WAN link. Is it just an mpls type of link that doesnt have GRE encapsulation? That will be for you to find out.
RSPAN is useful to send the SPAN session from a switch to a different switch where your host with the sniffer is located.
To get overview about the 3 features including ERSPAN, this link is handy:
http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SXF/configuration/guide/span.html#wp1059482
10-13-2009 12:20 PM
It is a typical MPLS WAN. I think RSPAN will do what we need, which is capture the traffic from a voice VLAN on a switch in one location with a capture device in another.
10-13-2009 12:26 PM
Yes in that case, you should be fine with RSPAN.
10-13-2009 12:41 PM
It depends on how you move traffic across the MPLS WAN ie. is the same vlan on both side of the MPLS WAN ie. VPLS type setup. If so RSPAN will work.
But if you route across your WAN ie. a vlan in one site is not the same vlan in another site then RSPAN won't work and you would need ERPSAN.
Edit - a typical MPLS network is L3 so RSPAN would not work.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide