Configuring SPAN and RSPAN

Restrictions for SPAN and RSPAN

SPAN sessions do not interfere with the normal operation of the switch. However, an oversubscribed SPAN destination, for example, a 10-Mb/s port monitoring a 100-Mb/s port, can result in dropped or lost packets.

When SPAN or RSPAN is enabled, each packet being monitored is sent twice, once as normal traffic and once as a monitored packet. Monitoring a large number of ports or VLANs could potentially generate large amounts of network traffic.

You can configure SPAN sessions on disabled ports; however, a SPAN session does not become active unless you enable the destination port and at least one source port or VLAN for that session.

The switch does not support a combination of local SPAN and RSPAN in a single session.

An RSPAN source session cannot have a local destination port.

An RSPAN destination session cannot have a local source port.

An RSPAN destination session and an RSPAN source session that are using the same RSPAN VLAN cannot run on the same switch or switch stack.

RSPAN

The restrictions for RSPAN are as follows:

RSPAN does not support BPDU packet monitoring or other Layer 2 switch protocols.

The RSPAN VLAN is configured only on trunk ports and not on access ports. To avoid unwanted traffic in RSPAN VLANs, make sure that the VLAN remote-span feature is supported in all the participating switches.

RSPAN VLANs are included as sources for port-based RSPAN sessions when source trunk ports have active RSPAN VLANs. RSPAN VLANs can also be sources in SPAN sessions. However, since the switch does not monitor spanned traffic, it does not support egress spanning of packets on any RSPAN VLAN identified as the destination of an RSPAN source session on the switch.

If you enable VTP and VTP pruning, RSPAN traffic is pruned in the trunks to prevent the unwanted flooding of RSPAN traffic across the network for VLAN IDs that are lower than 1005.

Flow-Based SPAN (FSPAN) and Flow-Based RSPAN (FRSPAN)

The restrictions for flow-based SPAN (FSPAN) and flow-based RSPAN (FRSPAN) are as follows:

You can attach ACLs to only one SPAN or RSPAN session at a time.

When no FSPAN ACLs are attached, FSPAN is disabled, and all traffic is copied to the SPAN destination ports.

When you attach an empty FSPAN ACL to a SPAN session, it does not filter packets, and all traffic is monitored.

FSPAN ACLs cannot be applied to per-port-per-VLAN sessions. You can configure per-port-per-VLAN sessions by first configuring a port-based session and then configuring specific VLANs to the session. For example:

Switch(config)# monitor session session_number source interface interface-idSwitch(config)# monitor session session_number filter vlan vlan-id

Switch(config)# monitor session session_number filter ip access-group {access-list-number

Catalyst 2960-X Switch Network Management Configuration Guide, Cisco IOS Release 15.0(2)EX

OL-29044-01

67

Page 78 Page 80
Page 79
Image 79
Cisco Systems WSC2960X24PSL, WSC2960X24TDL, WSC2960X48TSL, WSC2960X24TSLL Flow-Based Span Fspan and Flow-Based Rspan Frspan
Page 78 Page 80

WSC2960X24TSL, C2960XSTACK, WSC2960X24PDL, WSC2960X24TSLL, WSC2960X24PSL specifications

Cisco Systems has long been a leader in networking technology, and its range of switching products exemplifies its commitment to high performance and reliability. Among its popular offerings are the Catalyst 2960-X and 2960-XR series switches, including models like WSC2960X48TSL, WSC2960XR48FPDI, WSC2960XR24TDI, and WSC2960XR48LPDI. These switches are designed to deliver efficient Layer 2 and Layer 3 capabilities, making them ideal for enterprise and small to medium-sized business networks.

The WSC2960X48TSL model boasts 48 Ethernet ports, providing ample connectivity for various devices. It supports Power over Ethernet (PoE), making it suitable for powering IP cameras, wireless access points, and VoIP phones. The switch also features Cisco’s Smart Operations technology, which simplifies network management and enhances user experience through automated features such as Cisco Auto Smartports and Auto QoS.

Turning to the WSC2960XR48FPDI, this version also features 48 ports but with enhanced redundancy and power capabilities, making it suitable for critical applications where uptime is paramount. This switch offers dual power supply options, ensuring that even in the event of a power failure, network operations continue seamlessly. Its Flexible NetFlow feature enables enhanced visibility and monitoring of traffic, allowing businesses to optimize their bandwidth usage and troubleshoot issues more efficiently.

The WSC2960XR24TDI model, with its 24 ports, is perfectly designed for networks with fewer devices yet still demands robust performance. It also includes advanced security features, such as IEEE 802.1X port-based authentication, enhancing the protection of sensitive data and communications within the network.

Lastly, the WSC2960XR48LPDI model is tailored for environments that require high availability and robust performance, featuring 48 ports along with Layer 3 static routing capabilities. With its support for IPv6 and advanced QoS features, this switch is prepared for the future of networking, accommodating the increasing demand for bandwidth and reliable connectivity.

All these switches utilize Cisco IOS software, providing a familiar interface for network administrators. They also incorporate advanced troubleshooting tools, like Cisco Prime, which facilitate effective network management. Collectively, the WSC2960 series switches represent a comprehensive solution for businesses seeking dependable, scalable, and manageable networking options. With their combination of performance, features, and reliability, these Cisco switches are essential for meeting the demands of modern networking.
Top Page Image Contents