Symptom
When span access-list is used in a span session the packets matching the span access-list is not getting rate-limited through the default hardware rate-limiter span and instead it is hitting the inband directly.
SW01(config-monitor)# sh run monitor
version 7.0(3)I6(1)
monitor session 1
filter access-group span
source interface Ethernet1/5 rx
destination interface sup-eth0
no shut
SW01# sh ip access-lists span
IP access list span
20 permit ip 10.131.62.176/32 192.168.4.2/32
SW01#
SW01# sh vlan access-map
Vlan access-map span 10
match ip: span
action: forward
Vlan access-map span 20
match ip: span
action: forward
SW01(config-acl)# sh hardware rate-limiter span
Module: 1
R-L Class Config Allowed Dropped
Total
+----------------+----------+--------------------+--------------------+--------
------------+
span 50 0 0
0
SW01(config-acl)# sh interf ethernet 1/5 | i rate
30 seconds input rate 2560048 bits/sec, 4999 packets/sec
30 seconds output rate 80 bits/sec, 0 packets/sec
input rate 2.56 Mbps, 5.00 Kpps; output rate 160 bps, 0 pps
SW01(config-acl)#
SW01(config-monitor)# sh hardware internal cpu-mac inband stats | i rate
Rx packet rate (current/peak): 5018 / 6222 pps
Peak rx rate time: 2017-07-11 04:49:02
Tx packet rate (current/peak): 1 / 72 pps
Peak tx rate time: 2017-07-11 04:19:02
SW01(config-monitor)#
Conditions
when span access-list is used in span session
