Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
622
Views
0
Helpful
1
Replies

Preventing RSPAN flooding with asymmetrical VLAN filtering

zcayou
Level 1
Level 1

‎05-09-2016 09:56 PM - edited ‎03-08-2019 05:40 AM

Is there a way to asymmetrically filter VLANs on a trunk? I am working on an RSPAN implementation for a large layer-2 network, but I am concerned how the RSPAN traffic from any access switch will be flooded onto every trunk link at the distribution switch that allows that RSPAN VLAN (i.e back down every other trunk from access switches also sourcing traffic into the RSPAN VLAN). Essentially looking for a way to ensure the RSPAN VLAN can only egress a specific trunk, while other trunks only allow it ingress. This will be on the nexus 5k/7k platforms for what it's worth.

Also, we are trying to avoid having a separate RSPAN VLAN per access switch, for scalability/policy issues - already know that is a method for solving this. 

Thanks.

Labels:
0 Helpful
1 Reply 1

Paul Chapman
Level 4
Level 4

‎05-09-2016 10:38 PM

Hi -

If this is all on Nexus, then use ERSPAN.  The SPAN packets are encapsulated in IP and GRE (among other things) and are sent as unicast IP to the destination of your choice.

Current Wireshark versions have native dissectors for ERSPAN. This means you can actually send SPAN traffic directly to wireshark without special egress ports on the network.

PSC

0 Helpful
Customers Also Viewed These Support Documents