Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Traffic filtering

Hi,

I wonder if someone can please help.

A customer has two Layer2 switch's trunked to each other, and is requesting what conversations are flowing between the two switches. There is a total of 10 Vlans on each switch. They need a permanent setup to check the dataflow. We don't really want to leave a sniffer running on one of the switch's SPANning the Trunk port. Is there another way we can see source/destination IPs such as VACL's. One of the switches is a 4948.

2 REPLIES
Silver

Re: Traffic filtering

Higher end switches support NetFlow accounting.

Sniffer software such as Etherreal has powerfull capabilities and are able to filter packets based on protcol type, source/destination and TCP/UDP ports. If you don't want to capture ALL traffic try to start by capturing subnet attached to VLAN 1, and do the same for the consecutive VLANs.

Bronze

Re: Traffic filtering

What would be the likely purpose of capturing all data / traffic originating from all ports? If it is something related to traffic shaping or predicting traffic flows over a period of time based on the models that are garnered, I think NBAR would suffice very nicely.

112
Views
0
Helpful
2
Replies
CreatePlease to create content