system image file is: bootflash:/n5000-uk126.96.36.199.N2.1.bin
system compile time: 6/13/2011 6:00:00 [06/13/2011 15:33:42]
- I have a linux machine Redhat EL 5.4 64 bits OS running on a Dell R710. The NIC is Intel Pro 1000MT. Eth0 is the management interface while Eth1 is the sniffer interface.
- I setup span port on a Catalyst 3750 and plug Eth1 into the 3750 port F1/0/48 interface with the following setup:
monitor session 1 source interface Fa1/0/27
monitor session 1 destination interface Fa1/0/48
basically I am spanning traffics on port 1/0/27 and mirroring it on port 1/0/48.
From the linux machine, I can run the following: tcpdump -nnni eth1 icmp. I then can see any echo request and echo reply coming and leaving interface f1/0/27 on the linux machine sniffer.
Everything is working fine with Catalyst 3750 ans span port.
Now I do the same thing with the Nexus 5K. I plugged in interface eth1 of the linux machine into the a port on the Nexus 5K and do the same thing as follows:
monitor session 2
source interface Ethernet101/1/28
destination interface Ethernet1/31
I want to watch traffics coming in and out of port 101/1/28 and mirror it to 1/31 where Linux eth1 interface is connected to.
Well, if I run "tcpdump -nnni eth1" I can see ALL traffics coming and leaving interface 101/1/28, but I do NOT want to do that. I only want to see icmp traffics. If I do "tcpdump -nnni eth1 icmp", I am not seeing traffics. However, I can confirm that icmp is hitting interfaces 101/1/28 because if I do "tcpdump -nnni eth1 | grep icmp", I can see icmp traffics. In other words, if I fine tunned filter on the tcpdump like "tcpdump -nnni eth1 port 1521", it does not work even though there are definitely sqlnet traffics hitting interface 101/1/28.
My question is: are there any issues with tcpdump using filter with Nexus 5k switches? In other words, the exact setup works with catalyst 6509 and 3750 but not Nexus.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...