[c-nsp] rate-limit rspan (6500/sup-720)
Phil Mayers
p.mayers at imperial.ac.uk
Mon Nov 12 07:40:54 EST 2012
On 12/11/12 08:55, Robert Williams wrote:
> Hi,
>
> I often use rspan sessions to analyse traffic at remote locations but
> the capacity between the analyser and the source is less than the
> 'potential' traffic I could select for analysis. In these cases, I
> may be sourcing from a 10GB port and bringing that traffic to a
> remote location over another 10GB trunk port.
>
> However, there was other (real) traffic on that trunk port before I
> enabled the rspan session, so my additional traffic could now exceed
> the 10GB available in total. Causing drops in the non-rspan traffic
> as it tries to egress the port along with the mirrored rpsan
> traffic.
>
> Thus my question is, how do you rate-limit traffic before it is
> placed onto the rspan vlan? Or at least reduce its priority such that
> it has no impact at all on all other traffic egressing that port.
I don't know about RSPAN, but ERSPAN lets you set the DSCP. This might
help, but I don't know how the originating device behaves w.r.t. output
congestion. Presumably it does the right thing...
As Roland has suggested, the best solution is "don't do that" i.e. don't
move 10G of SPAN traffic over a 10G production link. Either VACL filter,
use separate links or do something "cleverer" (local analyser box, one
of those fancy sampling tap thingies, pipe SPAN traffic into a switch
with filtering layer2 ACLs & learning disabled before piping it back to
you, etc.).
More information about the cisco-nsp
mailing list