On 12/11/12 08:55, Robert Williams wrote:
Hi,
I often use rspan sessions to analyse traffic at remote locations but
the capacity between the analyser and the source is less than the
'potential' traffic I could select for analysis. In these cases, I
may be sourcing from a 10GB port and bringing that traffic to a
remote location over another 10GB trunk port.
However, there was other (real) traffic on that trunk port before I
enabled the rspan session, so my additional traffic could now exceed
the 10GB available in total. Causing drops in the non-rspan traffic
as it tries to egress the port along with the mirrored rpsan
traffic.
Thus my question is, how do you rate-limit traffic before it is
placed onto the rspan vlan? Or at least reduce its priority such that
it has no impact at all on all other traffic egressing that port.
I don't know about RSPAN, but ERSPAN lets you set the DSCP. This might
help, but I don't know how the originating device behaves w.r.t. output
congestion. Presumably it does the right thing...
As Roland has suggested, the best solution is "don't do that" i.e. don't
move 10G of SPAN traffic over a 10G production link. Either VACL filter,
use separate links or do something "cleverer" (local analyser box, one
of those fancy sampling tap thingies, pipe SPAN traffic into a switch
with filtering layer2 ACLs & learning disabled before piping it back to
you, etc.).
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
