Re: DEBUG IP Packet on a CAT-3550????

From: James (james@towardex.com)
Date: Fri Oct 22 2004 - 21:25:12 GMT-3

• Next message: Cisco Net: "Re: Debug ip packet for an interface"
• Previous message: Ian Stong: "RE: DEBUG IP Packet on a CAT-3550????"
• Maybe in reply to: Anthony Pace: "DEBUG IP Packet on a CAT-3550????"
• Next in thread: P729: "Re: DEBUG IP Packet on a CAT-3550????"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Fri, Oct 22, 2004 at 08:17:58PM -0400, Ian Stong wrote:
> Does that apply to span port traffic as well? I.E. if I use a 3550 and
> setup a span port to monitor traffic for IDS, DOS, etc - are there
> potentially packets it won't see? I suppose it depends on whether the
> switch is configures as strictly L2 or as L2/L3 as well???

No... AFAIK, span is totally different and lower level of complexity than
layer3 forwarding operations. I'm using a 3550 w/ SPAN monitor right now
in fact, and have no problem with it.

-J

>
>
> Ian
> www.ccie4u.com
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> James
> Sent: Friday, October 22, 2004 8:07 PM
> To: ccie2be
> Cc: P729; Anthony Pace; ccielab@groupstudy.com
> Subject: Re: DEBUG IP Packet on a CAT-3550????
>
> On Fri, Oct 22, 2004 at 07:57:40PM -0400, ccie2be wrote:
> > Hey Mas,
> >
> > As you can see from the debug output below, I'm not seeing any ip unicast
> > traffic, but should I expect the debug command to work the same way on a
> > 3550 as a regular router?
>
> Hi Tim,
>
> Unfortunately, not necessarily. The 3550 will only show process switched
> packets (mostly),
> which are either locally generated packets or packets arriving into the
> receive adjacency
> queue for processing by the CPU (in other words, locally destined packets).
>
> Transit packets are ASIC-forwarded (CEF), and 3550 has the tradition of not
> keeping checks
> and balances of what it moves at layer3 level, when things are hardware
> forwarded.
>
> HTH,
> -J
>
> --
> James Jun TowardEX Technologies,
> Inc.
> Technical Lead Network Design, Consulting, IT
> Outsourcing
> james@towardex.com Boston-based Colocation & Bandwidth
> Services
> cell: 1(978)-394-2867 web: http://www.towardex.com , noc:
> www.twdx.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

-- 
James Jun                                            TowardEX Technologies, Inc.
Technical Lead                        Network Design, Consulting, IT Outsourcing
james@towardex.com                  Boston-based Colocation & Bandwidth Services
cell: 1(978)-394-2867           web: http://www.towardex.com , noc: www.twdx.net

• Next message: Cisco Net: "Re: Debug ip packet for an interface"
• Previous message: Ian Stong: "RE: DEBUG IP Packet on a CAT-3550????"
• Maybe in reply to: Anthony Pace: "DEBUG IP Packet on a CAT-3550????"
• Next in thread: P729: "Re: DEBUG IP Packet on a CAT-3550????"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Nov 06 2004 - 17:11:51 GMT-3