debug command vs. packet analyzers

Nov 7th, 2008

Hello fellow Ciscolytes


In studying for my BSCI exam (and enhancing my knetwork knowledge in general), do I want to spring up to $300 for a packet analyzer on the eBay?


The very specific thing I'm trying to observe is the AS_PATH attribute in action on a BGP setup. I'm trying to learn about when we see the AS_PATH attribute versus the AS_SET attribute, especially when we have confederations set up.


I don't think confeds are actually in the BSCI curriculum, but I want to be a BGP genius.


Is there any BGP knowledge to be gained from using a packet analyzer, or are there debug commands that will give me what I want?


Thanks.


Jon Marshall Fri, 11/07/2008 - 15:28
Seth


Would a possible compromise be to use something like a packet sniffer and span out a port off a switch? A packet sniffer like Wireshark is free and will run on Windows and Linux.


Jon

Richard Burts Sat, 11/08/2008 - 08:52

Seth


While debug commands can tell many helpful things about what is going on, there most certainly are things that you would see with a packet analyzer that you would not see in debug output.


I am not sure what you are looking at for $300 on eBay (it might be a good thing), but I agree with the suggestion from Jon that Wireshark is free and does an excellent job as a packet analyzer.


HTH


Rick

CriscoSystems Mon, 11/10/2008 - 10:54

OK, thanks guys, I will check out this Wireshark racket.


(I just install it on a PC and plug the PC into an Ethernet segment, or what?)


pkaretnikov Mon, 11/10/2008 - 11:39

You run it on your PC, span a port on your switch to your PC port and watch the results. You will get cleaner results if you turn off any dynamic service on your PC port such as VTP, DTP, and CDP.


In Wireshark you can also filter your results if there is too much garbage to sort through, although in a lab I doubt you will need to do that.


Happy sniffing


Paul
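
As an added illustration (not part of any post in this thread): on the wire, AS_SET and the confederation types are segment types inside the AS_PATH attribute of a BGP UPDATE, which is the detail a capture exposes. The sketch below decodes a constructed attribute value; the function names, the sample bytes and the 2-octet ASN default are assumptions of this example.

```python
import struct

# Segment type codes: 1 and 2 from RFC 4271, 3 and 4 from RFC 5065.
SEGMENT_TYPES = {1: "AS_SET", 2: "AS_SEQUENCE",
                 3: "AS_CONFED_SEQUENCE", 4: "AS_CONFED_SET"}

def parse_as_path(value, asn_size=2):
    """Decode an AS_PATH attribute value into [(segment_type, [asn, ...]), ...].

    asn_size is 2 for classic sessions, 4 when 4-octet ASNs were negotiated.
    """
    if asn_size not in (2, 4):
        raise ValueError("asn_size must be 2 or 4")
    code = "H" if asn_size == 2 else "I"
    segments, offset = [], 0
    while offset < len(value):
        if len(value) - offset < 2:
            raise ValueError("truncated segment header")
        seg_type, count = value[offset], value[offset + 1]
        if seg_type not in SEGMENT_TYPES:
            raise ValueError(f"unknown segment type {seg_type}")
        end = offset + 2 + count * asn_size
        if end > len(value):
            raise ValueError("segment runs past the end of the attribute")
        asns = list(struct.unpack(f"!{count}{code}", value[offset + 2:end]))
        segments.append((SEGMENT_TYPES[seg_type], asns))
        offset = end
    return segments

def path_length(segments):
    """Best-path length: each AS in a sequence counts 1, a whole AS_SET counts 1,
    confederation segments count 0 (RFC 4271 9.1.2.2, RFC 5065)."""
    weight = {"AS_SEQUENCE": len, "AS_SET": lambda a: 1}
    return sum(weight.get(kind, lambda a: 0)(asns) for kind, asns in segments)

def render(segments):
    """One-line rendering; the bracket styles are this example's own convention."""
    wrap = {"AS_SEQUENCE": "{}", "AS_SET": "{{{}}}",
            "AS_CONFED_SEQUENCE": "({})", "AS_CONFED_SET": "[{}]"}
    sep = lambda kind: "," if kind.endswith("_SET") else " "
    return " ".join(wrap[k].format(sep(k).join(map(str, a))) for k, a in segments)

# Constructed sample: confed sequence 65001 65002, sequence 100 200, set {300,400}.
SAMPLE = (bytes([3, 2]) + struct.pack("!2H", 65001, 65002)
          + bytes([2, 2]) + struct.pack("!2H", 100, 200)
          + bytes([1, 2]) + struct.pack("!2H", 300, 400))

if __name__ == "__main__":
    print(render(parse_as_path(SAMPLE)), "| length", path_length(parse_as_path(SAMPLE)))
```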
