Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2069
Views
0
Helpful
7
Replies

RSPAN over QinQ link

Konstantin Dunaev
Level 4
Level 4

‎09-06-2011 02:14 AM - edited ‎03-07-2019 02:03 AM

    Hi all,

I started the discussion there https://supportforums.cisco.com/message/3429008  but I think I faced another problem with RSPAN:

I've build a small test lab with 3 C3550 connected in a line, the middle c3550 is configurd as a QinQ "service Provider" switch and I could reconstruct the

error.

c3550-CE1(F0/48) <----> (F0/47) c3550-PE(F0/48)  <----> (F0/48) c3550-CE2.

Interfaces on c3550-PE is configures as following:

interface FastEthernet0/47 - 48
 switchport access vlan 222
 switchport mode dot1q-tunnel
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 no cdp enable

I've configured VLAN interface on c3550-CE1 and c3550-CE2 and can reach both sides.

Then I start the RSPAN destination session on c3550-CE1. the source RSPAN session is on c3550-CE2 and I'm trying to monitor the F0/48 on it. After 10 seconds (default keepalive timeout) goes interface (F0/48) on the  c3550-PE in "err-disable" and the connection is completly DOWN of cource. If I say "no keepalive" on both interfaces on c3550-PE then I get messages "%SW_MATM-4-MACFLAP_NOTIF: Host <MAC of c3550-CE1> in vlan 222 is flapping between port Fa0/47 and port Fa0/48" and the connection is of course not really stable.

The question is, Does it possible to use the RAPSN over QinQ link? How should I configure the RSPAN-VLAN in order to use it over QinQ link?

Labels:
0 Helpful
7 Replies 7

Fabio Francisco
Level 1
Level 1

‎09-06-2011 02:52 AM

Hey Konstantin,

Have you set up a dedicated vlan for your RSPAN traffic?

Set as source other interfaces other than your trunk interface and set the destination to your RSPAN vlan that you created previously.

Connect a computer to an interface on CE1 that is part of your RSPAN vlan.

HTH

Cheers,

Fabio

0 Helpful

Konstantin Dunaev
Level 4
Level 4
In response to Fabio Francisco

‎09-06-2011 03:12 AM

Hi Fabio,

sure I've configured the dedicated "remote-span" vlan on both CE's.

If I use other interface then a trunk on c3550-CE2 then I can ping both switches in each direction, but I can't see that traffic on the monitor port.

If I use a normal Trunk on the c3550-PE without a QinQ configuration, then RSPAN session works perfect and exactly how  it suppose to, doesn't meter which interface I'm monitoring.

it's not allowed to connect a PC to an interface with REMOTE-SPAN access vlan upon, port goes in "inactive" status, but the PC is connected on c3550-CE1 to a RSPAN destination interface and I can see the monitored traffic.

0 Helpful

Fabio Francisco
Level 1
Level 1
In response to Konstantin Dunaev

‎09-06-2011 04:15 AM

Hey Konstantin,

Can you please share the config of CE1 and CE2? 

Hmm it looks like that your 802.1q tunneling might be the problem.... I'm not good at MPLS but perhaps if you also post your PE config someone might jump in and spot the problem....

Cheers,

Fabio

0 Helpful

Konstantin Dunaev
Level 4
Level 4
In response to Fabio Francisco

‎09-06-2011 04:25 AM

the config is very simple:

c3550-CE1

vlan internal allocation policy ascending
vlan dot1q tag native 
!
vlan 101-104 
!
vlan 777
 remote-span
!
vlan 999 
..
!
interface FastEthernet0/47
 switchport access vlan 999
 switchport mode dynamic desirable
!
interface FastEthernet0/48
 switchport access vlan 999
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 102,104,777
 switchport mode trunk
!
monitor session 1 destination interface Fa0/47
monitor session 1 source remote vlan 777

and c3550-CE2 has the same config except:

monitor session 1 source interface Fa0/48
monitor session 1 destination remote vlan 777 reflector-port Fa0/47

I saw some older topics about similuar problems but there was no solution.

I hope that some TAC people are monitoring the community and may be they have an idea why QinQ doesn't let RSPAN to work correctly.

0 Helpful

Konstantin Dunaev
Level 4
Level 4

‎09-06-2011 06:04 AM

Hi,

it seems that it's a really known bug or limitation 

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCdy18723

RSPAN can't be used over Provider owned QinQ network.

0 Helpful

Fabio Francisco
Level 1
Level 1

‎09-06-2011 03:54 PM

Hey Konstantin,

Can't you deploy a management server to the site of your CE2? In my humble opnion it's actually better to keep the monitoring traffic local so it does not compete even temporarily with your WAN traffic....

Cheers,

Fabio

0 Helpful

Konstantin Dunaev
Level 4
Level 4
In response to Fabio Francisco

‎09-06-2011 11:55 PM

Hi Fabio,

in this particular case I can connect a PC directly at CE2 switch,   but normaly we don't have at each site (20 PoPs) a server and it's not really possible to get one because we just become a port and a place for a couple of switches.

But anyway, it was nice to hear from you., thank you.

Konstantin

0 Helpful
Customers Also Viewed These Support Documents