I have configured a RSPAN sessión on source and destination switches in this way:
SOURCE SWITCH (2950):
Type : Remote Source Session
Source Ports :
Both : Fa0/9-10
Reflector Port : Fa0/4
Dest RSPAN VLAN : 99
Configuration for reflector port (fa0/4) is:
switchport mode access
switchport port-security maximum 2
switchport port-security aging time 10
switchport port-security violation restrict
switchport port-security aging type inactivity
spanning-tree bpduguard enable
What is really important is that it does not belong to any vlan (only will carry native vlan) and is not in use for anything.
This interface appears as down (it does not have anything connected).
FastEthernet0/4 unassigned YES unset down down
DESTINATION SWITCH (6509):
Type : Remote Destination Session
Source RSPAN VLAN : 99
Destination Ports : Gi1/5
Where configuration for gi1/5 is:
switchport access vlan 99
no ip address
*****I have included it in VLAN 99 as I have read over it that it should have to belong to RSPAN VLAN. Although I have tried at first with no belonging to any VLAN and the result is the same: no traffic from my sources interfaces in the source Switch.
interface gi1/5 appears as down in the protocol:
GigabitEthernet1/5 unassigned YES unset up down
Please, could anybody help me if I am wrong in anything with the configuration?
Thank you in advance.
Excepts from Cisco DOC: As this is one of the mostly which gets missed.
Note As RSPAN VLANs have special properties, you should reserve a few VLANs across your network for use as RSPAN VLANs; do not assign access ports to these VLANs.
•RSPAN sessions can coexist with SPAN sessions within the limits described in the "SPAN and RSPAN Session Limits" section.
•If traffic for a port is monitored in one direction, you can use Catalyst 2950 or 2955 switches as source, intermediate, or destination switches.
•If traffic for a port is monitored in both directions, make sure that the intermediate switches and the destination switch are switches other than Catalyst 2950 or 2955 switches, such as Catalyst 3550, 3750, or 6000 switches.
•For RSPAN configuration, you can distribute the source ports and the destination ports across multiple switches in your network.
•A port cannot serve as an RSPAN source port or RSPAN destination port while designated as an RSPAN reflector port.
•When you configure a switch port as a reflector port, it is no longer a normal switch port; only looped-back traffic passes through the reflector port.
•RSPAN does not support BPDU packet monitoring or other Layer 2 switch protocols.
•In a network consisting of only Catalyst 2950 or Catalyst 2955 switches, you must use a unique RSPAN VLAN session on each source switch. If more than one source switch uses the same RSPAN VLAN, the switches are limited to act only as source switches to ensure the delivery of all monitored traffic to the destination switch.
•You can configure any VLAN as an RSPAN VLAN as long as these conditions are met:
–The RSPAN VLAN is not configured as a native VLAN.
–Extended range RSPAN VLANs will not be propagated to other switches using VTP.
–No access port is configured in the RSPAN VLAN.
–All participating switches support RSPAN.
Note The RSPAN VLAN cannot be VLAN 1 (the default VLAN) or VLAN IDs 1002 through 1005 (reserved to Token Ring and FDDI VLANs).
•You should create an RSPAN VLAN before configuring an RSPAN source or destination session.
•If you enable VTP and VTP pruning, RSPAN traffic is pruned in the trunks to prevent the unwanted flooding of RSPAN traffic across the network for VLAN-IDs that are lower than 1005.
Thank you very much for your answer but I think this does not work because I have followed tips and I think I am right with my configuration. Anyway, I have configured the monitoring in source ports only for transmission in any case the problem were it wouldn't permit both traffic (tx and rx).
Also I have configured my destination port on dest SW with no VLAN (it belongs to native, VLAN1), as it says RSPAN shouldn't have any access port.
Well, I will tell you.
Anyway thank you very much. I have not been able to answer you before but I am very grateful to you.
Hi Smitesh Kharecha,
Finally there was no change with only tx monitoring in source ports, neither with destination port not belonging to RSPAN VLAN.
So, I have to resign on this issue. I think I can't get the monitoring as I wanted.
I think Cisco should have this problem identified. My switches were:
with no other intermediate switch.
Thank you anyway.
No, adellight, I can't monitor traffic from source 2950 to dest 6509, but I don't worry about it. I have accepted it as a possible bug or something like that.
I have considered this not a problem of configuration but a problem with switches capabilities, nothing else.
If you find any problem on my conf, please, tell me. If not, never mind.