Chapter 66
Configuring SPAN and RSPAN
Destination Port
Each local SPAN session or RSPAN destination session must have a destination port (also called a
monitoring port) that receives a copy of traffic from the source ports and VLANs.
A destination port has these characteristics:
•
•
•
•
•
•
•
•
•
•
•
•
VLAN-Based SPAN
VLAN-based SPAN (VSPAN) is the monitoring of the network traffic in one or more VLANs.
Use these guidelines for VSPAN sessions:
•
•
•
•
•
A destination port must reside on the same switch as the source port (for a local SPAN session).
A destination port can be any Ethernet physical port.
A destination port can participate in only one SPAN session at a time. (A destination port in one
SPAN session cannot be a destination port for a second SPAN session.)
A destination port cannot be a source port.
A destination port cannot be an EtherChannel group.
A destination port can be a physical port that is assigned to an EtherChannel group, even if the
EtherChannel group has been specified as a SPAN source. The port is removed from the group while
it is configured as a SPAN destination port.
The port does not transmit any traffic except that traffic required for the SPAN session unless
learning is enabled. If learning is enabled, the port also transmits traffic directed to hosts that have
been learned on the destination port.
If ingress traffic forwarding is enabled for a network security device, the destination port forwards
traffic at Layer 2.
A destination port does not participate in spanning tree while the SPAN session is active.
When it is a destination port, it does not participate in any of the Layer 2 protocols (STP, VTP, CDP,
DTP, PagP).
A destination port that belongs to a source VLAN of any SPAN session is excluded from the source
list and is not monitored.
A destination port receives copies of sent and received traffic for all monitored source ports. If a
destination port is oversubscribed, it could become congested and result in packet drops at the
destination port. This congestion does not affect traffic forwarding on the source ports.
Traffic on RSPAN VLANs is not monitored by VLAN-based SPAN sessions.
Only traffic on the monitored VLAN is sent to the destination port.
If a destination port belongs to a source VLAN, it is excluded from the source list and is not
monitored.
If ports are added to or removed from the source VLANs, the traffic on the source VLAN received
by those ports is added to or removed from the sources being monitored.
VLAN pruning and the VLAN allowed list have no effect on SPAN monitoring.
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
About SPAN and RSPAN
66-5