Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Monitor traffic on a switch?

Hi, not sure if this is possible, but I'm getting a Cisco ASA 5520 Firewall. I will use one of the ports on the 5520 for my DMZ's and trunk it to a port on a switch for VLAN tagging.

Anyway I love the feature on router - "ip route-cache flow" it shows the source and destination of the traffic. I have yet to buy a switch for my VLAN's for the DMZ's, I really would like to monitor the traffic going through the ports/VLANS, so if a users says something is slow I can look on the switch ans say it's IP 1.2.3.4 going to 4.3.2.1 or port causing the problem. Is there a catalyst switch that can do this for me?

12 REPLIES
New Member

Re: Monitor traffic on a switch?

you can use a few different methods. But the easyest one is Switched Port Analyzer (SPAN) feature. here is the link

http://www.cisco.com/univercd/cc/td/doc/product/voice/ics/icsapps/icscra/cra30/icsspan.htm

Regards,

Steve K

Re: Monitor traffic on a switch?

HI, [DO RATE ALL HELPFUL POSTS]

Refer the attachment for Cisco SPAN Configuration.

In SPAN Config, the Source and Destination Port should be on the Same Switch.

Max of 6 SPAN Sessions can be created in a CISCO Switch.

Use Ethereal to capture the Packets during the SPAN Sessions.

DO RATE ALL HELPFUL POSTS.

Best Regards,

Guru Prasad R

New Member

Re: Monitor traffic on a switch?

Hi, can you attach the file again I haven't downloaded it yet.

Thanks

New Member

Re: Monitor traffic on a switch?

Thanks, can it show the bandwidth someone is using too?

Re: Monitor traffic on a switch?

HI, [Pls Rate if HELPS]

SPAN Session + packet capture can be used to verify and validate the traffic source and destination address / port and packet Types.

If you want to validate the Bandwidth used by each User means: Enable "ip accounting" in the Interfaces.

It will be provide the Src, Destn, Bytes transferred, etc.,

Refer link below:

http://www.cisco.com/en/US/docs/ios/12_1/iproute/command/reference/1rdip.html#wp1018815

PLS RATE if HELPS

Best Regards,

Guru Prasad R

New Member

Re: Monitor traffic on a switch?

Would you use Ethereal for you captures, or is there something better, perhaps a web based option?

Also Do I enable ip accounting on the interface of the ASA 5520 or on the port on the VLAN switch eg fast ethernet 0/20?

Re: Monitor traffic on a switch?

HI,

Ethereal is Best and easy.

Enable ip accounting in VLAN Switch fast Eth0/20

I don't know whether ip accounting will work on ASA 5520.

DO RATE all HELPFUL POSTS.

Best Regards,

Guru Prasad R

New Member

Re: Monitor traffic on a switch?

So I use Ethereal to get the info on IP accounting on Fast Eth0/20?

If so do I just span the 0/20 port to a spare port on the switch then put in my laptop with etherreal running?

Re: Monitor traffic on a switch?

HI, [DO Rate all Helpful Posts]

"ip accounting" is something different from SPAN Session configuration.

Pls refer the link provided in my previous POST reg "ip accounting"

Enable SPAN session on the Switch and specify the source and destination port. Then put in your laptop with Ethereal Running.

Do Rate All Helpful POSTS.

Best Regards,

Guru Prasad R

New Member

Re: Monitor traffic on a switch?

I see the the SPAN and IP accounting are separate, I just can't seem to see how I show the IP accounting information, do you have an example of how I would show this and what it might look like?

Re: Monitor traffic on a switch?

HI,

#show ip accounting

Source-

Destination-

Packets-

Bytes-

The above will be displayed in a horizontal manner.

Whereas after SPAN Configuration in switch the results can be arrived only by means of Packet Capture software like ethereal.

Do RATE all HELPFUL POSTS

Best Regards,

Guru Prasad R

New Member

Re: Monitor traffic on a switch?

I don't think my Cisco 3550 Cataylst switch can do "ip accounting" I don't get the option.

229
Views
0
Helpful
12
Replies