Interface Configuration
82
Instruction Manual - NXA-ENET8-POE+
Configuring Remote Port Mirroring
Use the Interface > RSPAN page to mirror traffic from remote switches for analysis at a destination port on the local switch. This
feature, also called Remote Switched Port Analyzer (RSPAN), carries traffic generated on the specified source ports for each
session over a user-specified VLAN dedicated to that RSPAN session in all participating switches. Monitored traffic from one or
more sources is copied onto the RSPAN VLAN through IEEE 802.1Q trunk or hybrid ports that carry it to any RSPAN destination
port monitoring the RSPAN VLAN as shown in the figure below.
Command Usage
Traffic can be mirrored from one or more source ports to a destination port on the same switch (local port mirroring as
Configuring Local Port Mirroring
section on page 81), or from one or more source ports on remote
switches to a destination port on this switch (remote port mirroring as described in this section).
Configuration Guidelines
Take the following step to configure an RSPAN session:
1.
Use the VLAN Static List (see the
section on page 88) to reserve a VLAN for use by RSPAN (marking
the "Remote VLAN" field on this page. (Default VLAN 1 is prohibited.)
2.
Set up the source switch on the RSPAN configuration page by specifying the mirror session, the switch's role (Source), the
RSPAN VLAN, and the uplink port*. Then specify the source port(s), and the traffic type to monitor (Rx, Tx or Both).
3.
Set up all intermediate switches on the RSPAN configuration page, entering the mirror session, the switch's role
(Intermediate), the RSPAN VLAN, and the uplink port(s).
4.
Set up the destination switch on the RSPAN configuration page by specifying the mirror session, the switch's role
(Destination), the destination port1, whether or not the traffic exiting this port will be tagged or untagged, and the RSPAN
VLAN. Then specify each uplink port where the mirrored traffic is being received.
* - Only 802.1Q trunk or hybrid (i.e., general use) ports can be configured as an RSPAN uplink or destination ports - access ports
are not allowed (see the
Adding Static Members to VLANs
section on page 89 for more information).
RSPAN Limitations
The following limitations apply to the use of RSPAN on this switch:
RSPAN Ports - Only ports can be configured as an RSPAN source, destination, or uplink; static and dynamic trunks are not
allowed. A port can only be configured as one type of RSPAN interface - source, destination, or uplink. Also, note that the
source port and destination port cannot be configured on the same switch.
Local/Remote Mirror - The destination of a local mirror session (created on the Interface > Port > Mirror page) cannot be
used as the destination for RSPAN traffic.
Spanning Tree - If the spanning tree is disabled, BPDUs will not be flooded onto the RSPAN VLAN.
MAC address learning is not supported on RSPAN uplink ports when RSPAN is enabled on the switch. Therefore, even if
spanning tree is enabled after RSPAN has been configured, MAC address learning will still not be re- started on the RSPAN
uplink ports.
IEEE 802.1X - RSPAN and 802.1X are mutually exclusive functions. When 802.1X is enabled globally, RSPAN uplink ports
cannot be configured, even though RSPAN source and destination ports can still be configured. When RSPAN uplink ports
are enabled on the switch, 802.1X cannot be enabled globally.
Port Security - If port security is enabled on any port, that port cannot be set as an RSPAN uplink port, even though it can
still be configured as an RSPAN source or destination port. Also, when a port is configured as an RSPAN uplink port, port
security cannot be enabled on that port.
FIG. 81
Configuring Remote Port Mirroring