From: Sergey Golovanov (sergey.golovanov@iementor.com)
Date: Thu Jan 25 2007 - 03:04:23 ART
Applying any kind of packet tracking to the actual loopback won't do anything, because the actual traffic is terminated on the physical interface, eventhough you used Loopback's IP when telneting to the router. You can try PBR to force traffic to route to the loobpack, but i doubt it will help.
You have to do it on the physical interface that is facing the source of the telnet. You have three choices:
ip accounting output-packets - this info is very limited and it only tracks traffic leaving the interface (not received on the interface), it doesn't show you TCP/UDP port info
"show ip accounting"
ip route-cache flow - this shows you a lot of info about each src/dst pair, ip protocol, port numbers, number of packets/bytes, etc.
"show ip cache flow"
ip nbar protocol-discovery - this shows you breakdown of Input/Output for each TCP/UDP protocol that NBAR supports (check port numbers with "show ip nbar port-map")
"show ip nbar protocol-discovery"
--------------------------------------------------------------------
Sergey Golovanov, CCIEx5 (R&S/Security/Voice/Service Provider/Storage)
"Please, don't ask me for my ccie #, there are reasons why I can't release it"
ieMentor Instructor and Content Developer
sergey.golovanov@iementor.com
http://www.iementor.com
> -------Original Message-------
> From: mariam.tatevik@yahoo.com
> Subject: ip accounting
> Sent: Jan 24 '07 11:15
>
> looking for a solution for a simple task
>
> a router has
> !
> int loop123
> ip add 123.123.123.123
> !
>
> there is a telnet session to the loopback.
> you should activate & logg the accounting for
> the telnet to the loopback.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Thu Feb 08 2007 - 23:46:57 ART