These are 3750s. The reflector port isn't required to be configured on these or 3560s, it's an older hardware requirement.
On Thu, Jul 26, 2012 at 4:17 AM, Eugene Pefti <[email protected]>wrote: > What are your switches, Ben.**** > > As far as I remember if it 3550 you have to use a reflector port when you > define the SPAN session.**** > > ** ** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Ben Shaw > *Sent:* Wednesday, July 25, 2012 3:20 AM > *To:* [email protected] > *Subject:* [OSL | CCIE_Security] RSPAN with SPAN**** > > ** ** > > Hi All > > I am doing question 4.6 in INE WB1 on IPS and have found and issue with > tagging of traffic on the destination SPAN port. Here is my configuration: > > SW1#sh run | i monit > monitor session 12 source vlan 12 > monitor session 12 destination remote vlan 400 > SW1#sh monitor session 2 > No SPAN configuration is present in the system for session [2]. > > SW1#sh monitor session 12 > Session 12 > ---------- > Type : Remote Source Session > Source VLANs : > Both : 12 > Dest RSPAN VLAN : 400 > > > SW2#sh run | i monit > monitor session 34 source vlan 34 , 400 > monitor session 34 destination interface Gi1/0/10 encapsulation replicate > SW2#sho mon ses 34 > Session 34 > ---------- > Type : Local Session > Source VLANs : > Both : 34,400 > Destination Ports : Gi1/0/10 > Encapsulation : Replicate > Ingress : Disabled > > The issue I am having is that SW2 is not tagging one of the source SPAN > VLANs correctly. What I am finding is that traffic from SW1 which is being > sent to SW2 as an RSPAN session on VLAN 400 is being tagged correctly and > is therefor being picked up correctly on the IPS VLAN Group interface which > is listening for VLAN 400 off interface Gig1/0/10. The traffic from source > VLAN 34 on SW2 is being sent untagged out the SPAN port and being seen on > the IPS as VLAN 0 so it not being picked up by the second VLAN Group > interface which is listening on VLAN 34. I can tell this as after I create > a third VLAN Group interface on the IPS for unassigned traffic, the SPAN > traffic from VLAN 34 is collected by this third VLAN Group interface and I > can see in the logs it has an VLAN of 0. > > The issue to me seems to be the switch not tagging VLAN 34 correctly > before sending it out interface Gig1/0/10. I have tried the following > version of the "monitor session 34" command on SW2 but with the same result. > > SW2(config)#monitor session 34 destination interface gig1/0/10 > encapsulation dot1q > % Warning: One or more specified dest port does not support requested > encapsulation. > > Interesting I get the error above when I apply this command but the > command still seems to stay in the configuration. > > I am trying to do this on 3750 switches which I know are not used on the > lab but I wanted to see if maybe I am just missing something. > > Thanks > Ben > > **** >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
