Packet Capturing
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
||||||||||||||||
|
Posted by Scooty on July 4, 2008, 2:43 am
Please log in for more thread options I want to do some 'sniffing' on my network due to users reporting speed issues on the LAN, I have PRTG installed but I am not seeing anything unusual in the graphs to indicate high utilisation on the LAN I have downloaded and installed Ethereal. On my system of course in a switched network, I am seeing traffic over the wire, but it is only traffic originating or destined for my IP and of course broadcast traffic I remember there was a way on a Cisco switch to set a port that basically acts as a conduit for all traffic that passes over the fabric I want to set a system up to capture all data packets over the network for analysis, if someone could tell me the best way to do this it would be appreciated Scott | ||||||||||||||||
|
Posted by Peter on July 4, 2008, 7:36 am
Please log in for more thread options You are looking for "Port Monitor mode". Its called different things on different platforms but essentually that's what it is. Look under your device specific documenation. Cheers.....................pk. -- Peter from Auckland. | ||||||||||||||||
|
Posted by News Reader on July 4, 2008, 4:00 pm
Please log in for more thread options Scooty wrote:
> Hi all
> I want to do some 'sniffing' on my network due to users reporting > speed issues on the LAN, I have PRTG installed but I am not seeing > anything unusual in the graphs to indicate high utilisation on the LAN > I have downloaded and installed Ethereal. On my system of course in a > switched network, I am seeing traffic over the wire, but it is only > traffic originating or destined for my IP and of course broadcast > traffic > I remember there was a way on a Cisco switch to set a port that > basically acts as a conduit for all traffic that passes over the > fabric > I want to set a system up to capture all data packets over the network > for analysis, if someone could tell me the best way to do this it > would be appreciated > > Scott The following is an example of Switch Port Analyzer (SPAN) on a Cisco 2950T: e.g.: monitor session 1 source interface Fa0/1 monitor session 1 destination interface Fa0/16 encapsulation dot1q In this case I chose an inter-VLAN routing trunk port (Fa0/1) as the SPAN source, and the Fa0/16 port as the SPAN destination. I used "encapsulation dot1q" to preserve the 802.1Q headers, but that's optional. As the other responder stated, you should consult the documentation for your specific platform. Best Regards, News Reader | ||||||||||||||||
| Similar Threads | Posted |
| Packet Capturing | July 4, 2008, 2:43 am |
| %PIX-4-402106: Rec'd packet not an IPSEC packet. | August 25, 2006, 4:06 pm |
| packet of disconnect | August 7, 2005, 10:52 pm |
| Packet fragmentation | April 25, 2006, 3:07 pm |
| pix 7.21 packet-tracer | July 7, 2006, 6:53 am |
| Packet fragmentation | July 27, 2006, 3:28 pm |
| debug ip packet | September 1, 2006, 7:56 pm |
| Packet Capture | November 15, 2006, 7:39 am |
| Packet grabs | April 9, 2007, 9:46 am |
| 50% packet loss ? | February 25, 2008, 1:00 pm |
| help: Packet over SONET sdh problem | January 3, 2006, 12:40 pm |
| some commands about loss packet | February 13, 2006, 8:33 am |
| WAN packet loss/latency | April 24, 2006, 9:23 pm |
| per-packet load balancing | July 20, 2006, 9:39 pm |
| Eigrp update packet | November 26, 2005, 4:59 am |
> speed issues on the LAN, I have PRTG installed but I am not seeing
> anything unusual in the graphs to indicate high utilisation on the LAN
> I have downloaded and installed Ethereal. On my system of course in a
> switched network, I am seeing traffic over the wire, but it is only
> traffic originating or destined for my IP and of course broadcast
> traffic