From: Ian Stong (istong@stong.org)
Date: Fri Oct 22 2004 - 21:17:58 GMT-3
Does that apply to span port traffic as well? I.E. if I use a 3550 and
setup a span port to monitor traffic for IDS, DOS, etc - are there
potentially packets it won't see? I suppose it depends on whether the
switch is configures as strictly L2 or as L2/L3 as well???
Ian
www.ccie4u.com
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
James
Sent: Friday, October 22, 2004 8:07 PM
To: ccie2be
Cc: P729; Anthony Pace; ccielab@groupstudy.com
Subject: Re: DEBUG IP Packet on a CAT-3550????
On Fri, Oct 22, 2004 at 07:57:40PM -0400, ccie2be wrote:
> Hey Mas,
>
> As you can see from the debug output below, I'm not seeing any ip unicast
> traffic, but should I expect the debug command to work the same way on a
> 3550 as a regular router?
Hi Tim,
Unfortunately, not necessarily. The 3550 will only show process switched
packets (mostly),
which are either locally generated packets or packets arriving into the
receive adjacency
queue for processing by the CPU (in other words, locally destined packets).
Transit packets are ASIC-forwarded (CEF), and 3550 has the tradition of not
keeping checks
and balances of what it moves at layer3 level, when things are hardware
forwarded.
HTH,
-J
-- James Jun TowardEX Technologies, Inc. Technical Lead Network Design, Consulting, IT Outsourcing james@towardex.com Boston-based Colocation & Bandwidth Services cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net
This archive was generated by hypermail 2.1.4 : Sat Nov 06 2004 - 17:11:51 GMT-3