Re: VACL

chintan-shah · ‎08-11-2008

Hi,

I'm using VACL to capture the traffic for monitoring purpose.

If I have two 6509 connected to each other and having connectivity to access network and capturing traffic on both 6509 and send Ping echo message from core network i see echo request message captured on both 6509 but reply only from 2nd switch.

Has any body obsevr this kind of behaviour ?

Regards,

Chintan

dominic.caron · ‎08-11-2008

The echo request is probably load balanced by your routing protocol on the two distribution 6509. When the echo-request comes back from the host, the answer only goes to its default gateway. You hare probably using HSRP/VRRP or GLBP.

chintan-shah · ‎08-11-2008

H dominic,

yes, I am using HSRP but i could verify that there was no loadbalance and to simplify setup for troubleshooing I only kept on switch for now

<> -----802.1q(vlan301)<6509>---< CORE IP NETWORK>> ---L3----<

Now I ping VOIP box from remote POP and I capture vlan 301 traffic on interface (trunk interface with switchport capture )where sniffer is connected but I only see echo request on sniffer (i.e. outgoing packets from vlan 301 to VOIP box) but don't see echo reply (incomming from VOIP box towards remote POP)so i belive right now i can only see egress packet no ingress..

Can you please help me to resolve issue ?

Regards

Chintan