Remote SPAN enables the source and destination ports to be configured on separate switches. The duplicated network traffic is placed on the RSPAN VLAN, which is solely for SPAN traffic. The RSPAN VLAN is trunked between switches, allowing the RSPAN session traffic to traverse multiple switches. A switch with Remote SPAN VLAN works differently than a regular switch, wherein:
- The switch won’t attempt to use the port linked to the RSPAN VLAN to transfer data to the end host since MAC addresses aren’t learned on these ports. Therefore, the normal forwarding path is retained.
- All RSPAN VLAN ports are flooded with traffic. It should be associated with trunk ports between the source switch and the destination switch.
RSPAN sessions capture traffic similarly to local SPAN sessions. However, more traffic goes through the trunk link, potentially starving normal network traffic. In addition, STP will also run on the trunk link, so the STP BPDUswill not be filtered because it would establish a forwarding loop.
RSPAN Configuration
For example, using the topology below, the traffic from Switch1’s Gig0/0/1 interface will be forwarded to Gig0/0/1 on Switch2.
For the configuration, first, a VLAN is created and then designated as an RSPAN VLAN using the ‘remote-span’ command. The RSPAN session VLAN must be the same on all switches.
Switch1(config)#vlan 50 Switch1(config-vlan)#remote-span
Switch2(config)#vlan 50 Switch2(config-vlan)#remote-span
Next, configure the ports between the two switches as trunk ports.
Switch1(config)#interface gig0/0/0 Switch1(config-if)#switchport trunk encapsulation dot1q Switch1(config-if)#switchport mode trunk
Switch2(config)#interface gig0/0/0 Switch2(config-if)#switchport trunk encapsulation dot1q Switch2(config-if)#switchport mode trunk
Now, configure the source switch, Switch1. Interface gig0/0/1 will be the source port, and VLAN 50 will be the destination.
Switch1(config)#monitor session 1 source interface gig0/0/1 Switch1(config)#monitor session 1 destination remote vlan 50
On Switch2, VLAN 50 will be the source, and the SPAN port gig0/0/1 will be the destination port.
Switch2(config)#monitor session 1 source remote vlan 50 Switch2(config)#monitor session 1 destination interface gig0/0/1
The ‘show monitor session’ command is used for verification:
Switch1#show monitor session remote Session 1 --------- Type: Remote Source Session Source Ports : Both: gig0/0/1 Dest RSPAN VLAN: 50
Switch2#show monitor session 1 Session 1 --------- Type: Remote Destination Session Source RSPAN VLAN: 50 Destination Ports: gig0/0/1 Encapsulation: Native Ingress: Disabled
Download our Free CCNA Study Guide PDF for complete notes on all the CCNA 200-301 exam topics in one book.
We recommend the Cisco CCNA Gold Bootcamp as your main CCNA training course. It’s the highest rated Cisco course online with an average rating of 4.8 from over 30,000 public reviews and is the gold standard in CCNA training:
