Hi there,

I posted this thread a few days ago but didn’t manage to get to the  bottom of the issue then. Thank you to Giuseppe for his contribution to  that thread.

The RSPAN config shown at the bottom of this thread isn’t doing as I expected. I want to only see the output from 3 voice VLANs (32,34 and 36) that are configured across two switches (connected by a VLAN trunked L2 port channel).

The problem is:   Currently I’m seeing traffic from all VLANs for the switches when sniffing the port gig 7/10 on SW01.

Configured across the trunk are VLANs 1, 32, 33, 34, 35, 36, 39, 40, 41, 42, 44, 45, 46,47 and 951 (remote-span vlan).

Strangely, if I only configure one vlan source e.g. VLAN 32 within the contect 'monitor session 1 type rspan-source' then that is the only traffic that I see (as i would expect). As soon as I add more VLAN sources to the list however then traffic from all VLANs start to show up in the Wireshark trace?

The configuration I've applied is shown below.  Any comments welcome.

DISTRIBUTION SW 01 -

vlan 951

name RSPAN_VLAN_951

remote-span

!

spanning-tree vlan 951 priority 8192

interface Port-channel1

switchport trunk allowed vlan add 951

monitor session 1 type rspan-source

source vlan 32 , 34 , 36

destination remote vlan 951

!

monitor session 11 type rspan-destination

source remote vlan 951

destination interface Gi7/10

interface GigabitEthernet7/10

description ** VOICE RECORDING PORT **

switchport

speed 1000

duplex full

end

DISTRIBUTION SW 02 -

Vlan 951

name RSPAN_VLAN_951

remote-span

!

spanning-tree vlan 951 priority 16384

interface Port-channel1

switchport trunk allowed vlan add 951

monitor session 1 type rspan-source

source vlan 32 , 34 , 36

destination remote vlan 951

!

we're currently running - disk1:/s72033-ipservices_wan-mz.122-33.SXH4.bin

Many thanks in advance and thanks for reading my post –

Andy