Cisco Systems WSC2960X48TSL, WSC2960X24TDL manual Source VLANs, VLAN Filtering, Destination Port

Configuring SPAN and RSPAN

SPAN and RSPAN

•Source ports can be in the same or different VLANs.

•You can monitor multiple source ports in a single session.

Source VLANs

VLAN-based SPAN (VSPAN) is the monitoring of the network traffic in one or more VLANs. The SPAN or RSPAN source interface in VSPAN is a VLAN ID, and traffic is monitored on all the ports for that VLAN.

VSPAN has these characteristics:

•All active ports in the source VLAN are included as source ports and can be monitored in either or both directions.

•On a given port, only traffic on the monitored VLAN is sent to the destination port.

•If a destination port belongs to a source VLAN, it is excluded from the source list and is not monitored.

•If ports are added to or removed from the source VLANs, the traffic on the source VLAN received by those ports is added to or removed from the sources being monitored.

•You cannot use filter VLANs in the same session with VLAN sources.

•You can monitor only Ethernet VLANs.

VLAN Filtering

When you monitor a trunk port as a source port, by default, all VLANs active on the trunk are monitored. You can limit SPAN traffic monitoring on trunk source ports to specific VLANs by using VLAN filtering.

•VLAN filtering applies only to trunk ports or to voice VLAN ports.

•VLAN filtering applies only to port-based sessions and is not allowed in sessions with VLAN sources.

•When a VLAN filter list is specified, only those VLANs in the list are monitored on trunk ports or on voice VLAN access ports.

•SPAN traffic coming from other port types is not affected by VLAN filtering; that is, all VLANs are allowed on other ports.

•VLAN filtering affects only traffic forwarded to the destination SPAN port and does not affect the switching of normal traffic.

Destination Port

Each local SPAN session or RSPAN destination session must have a destination port (also called a monitoring port) that receives a copy of traffic from the source ports or VLANs and sends the SPAN packets to the user, usually a network analyzer.

A destination port has these characteristics:

•For a local SPAN session, the destination port must reside on the same switch or switch stack as the source port. For an RSPAN session, it is located on the switch containing the RSPAN destination session. There is no destination port on a switch or switch stack running only an RSPAN source session.

•When a port is configured as a SPAN destination port, the configuration overwrites the original port configuration. When the SPAN destination configuration is removed, the port reverts to its previous

Catalyst 2960-X Switch Network Management Configuration Guide, Cisco IOS Release 15.0(2)EX