VACL question

mp0700077 · ‎10-22-2008

Hi All

I have implemented VACLs in my environment to overcome the limitation of having only 2 span ports on a 6500 series switch. I have used up the availble 2 ports for spannign traffic for some other applications.

I am using VACLs specifically for capturing traffic and forwarding it to a capture port. In my setup what I see is that I am seeing only one way traffic for the vlan that I have setup in my capture. This is different than a span port as on a span port I was seeing traffic to/from vlan or an individual port. Is this by design and if it is, my question is what is it getting someone by seeing one way traffic. It does not make sense to me why anyone would like to see one way traffic....am i missing something.

I would really appreciate if someone can clarify this for me.

Thanks in advance

RK

chintan.shah · ‎10-22-2008

how does your filter list looks like?

Say if you want to monitor traffic from VLAN to VLAN2 both direction, you should have both vlan specified in filter list and also on capture port.

Regards,

Chintan

mp0700077 · ‎10-22-2008

Tx for the reply Chintan. What I want to monitor is all the traffic to/from the internet to our users PCs. I have the FW connected to vlan 200 and user PCs are on vlan 10,20,30 and so on. I have the filter applied to vlan 200. If I apply the vlan filter as vlan 200,10,20,30....I would see the traffic between vlans 10,20 and 30 and that is going to skew my statistics. I am only interested to know the traffic coming in and out of vlan 200.

Let me know if I can do this via VACL.

Tx

RK