Monitoring interface traffic
I'm using a solution to monitor the traffic passing through the interface
SWCORE connecting with my router.
The Linux machine (sniff) has two interfaces (eth0 and eth1)
Etho (manages the machine) connected to the interface to another interface g1/18
(Sniff) connected in g1/27.
Add the following command:
monitor session 2 source interface Gi1/48
monitor session 2 destination interface Gi1/27
But I don't capture nothing.
I show monitor out following:
Session 2
Type : Local Session
Source Ports :
Both : Gi1/48
Destination Ports : Gi1/27
Encapsulation : Native
Ingress : Disabled
Learning : Disabled
Do what doing wrong? Help me??
try this "monitor session 2 source interface Gi1/48 ?"
Doesn't if show an option to span ingoing, outgoing or both traffic directions?
I think you need both
Do you see traffic on the spanport Gi1/27 if you do a "show interface Gi1/27" ?
The counters should go up
The interface Eth0 should be in promiscuous mode to capture the traffic other then for its own mac address or broad/multicast
Cheers,
Michel
Similar Messages
-
Monitoring tunnel interface traffic
We've integrated WLSM with IDSM-2 and want to monitor wireless traffic terminating on tunnel interfaces. Can't find a way to configure SPAN or VACL on IOS 6500 to capture traffic. Any suggestions?
Try this:
http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a0080459221.html -
I moved from 2500 series routers to a switched network using a Catalyst 3750 and 3560 switches over the course of the last year. In my routed network I used MRTG to monitor traffic on my interfaces. In my switched network environment I have not been able to find a free or low cost tool that will monitor VLAN traffic. Any suggestions?
I have the same problem and found these links that provided answers:
http://forums.cacti.net/about29656.html&highlight=
http://www.experts-exchange.com/Hardware/Networking_Hardware/Switches/Q_23738165.html
Vlans on 3560s, 3750s and 3550s do not show stats. The packets are forwarded with the ASIC chips and do not cross the CPU for actual processing. To actually see the traffic you will need to turn off CEF, which decrases the performance significantly (not recommended, see links above). -
How to monitor network traffic on an IP alias?
Does anybody happen to know how I can monitor the traffic on an IP alias on say igb0:1 using iftop or something similar? iftop (pcap, I guess is the issue here) doesn't seem to cope with IP aliases.
CheersAfter fiddling around a bit with this issue I decided that it was time to embrace dladm/ipadm a bit more and exchange these old-style virtual NICs with new ones. So I dumped the old igbx:y VNICs and created new ones by issuing:
dladm create-vnic -l igb0 vnic0
followed by:
ipadm create-ip; ipadm create-addr…
Now, I can monitor these new vnics using if top just fine. -
Dear all,
I am configuring an ASA5520, it is working in multi context mode.
I have try to configure the monitor-interface for a subinterface called Inside_shared, i receive an error on the interface name.
This subinterface is a shared interface.
I am within the context.
Why i can't do that?
Best regards,
Igor.Hi Santi,
No You dont have to put the reflector port in any vlan. Just assign any port as a reflector port and it will not longer be a part of any vlan.
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12225see/scg/swspan.htm#wp1401252
HTH,
-amit singh -
Monitoring Interfaces /Integration Scenario's
Hi,
I got a task of Monitoring integration scenario's.
What are the other option available except: Data at Receiving application, RWB, Integration Engine and J2EE logs
to monitor interfaces.
How to do Error Handling in the case of file2file scenario?.Hi,
There are some good documents available in SDN for XI monitoring, check the following links:
http://help.sap.com/saphelp_nw70/helpdata/EN/06/5d1741b393f26fe10000000a1550b0/frameset.htm
https://www.sdn.sap.com/irj/scn/advancedsearch?query=ximonitoirngguide
/people/michal.krawczyk2/blog/2005/09/07/xi-why-dont-start-searching-for-all-errors-from-one-place
For J2EE monitoring :
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/e63ad672-0801-0010-c5b2-ea75cfffb423
http://help.sap.com/saphelp_nw04/helpdata/en/39/83682615cd4f8197d0612529f2165f/content.htm
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/fc03a2a2-0a01-0010-b497-87518550e132
http://help.sap.com/saphelp_nw04/helpdata/en/c3/6fff40e39ba854e10000000a1550b0/frameset.htm
For file 2 file error handlimg, as mentioned above, you can set up CCMS Alerts:
/people/sap.user72/blog/2005/11/24/xi-configuring-ccms-monitoring-for-xi-part-i
/people/sap.user72/blog/2005/12/05/xi-grmg-customizing-for-xi-ccms-heartbeat-monitoring-part-ii
Also, a good blog talking about the main XI Production error:
/people/prashanth.azharuddin/blog/2006/11/24/some-errors-in-an-xi-production-environment
Rgds,
Puneet
Edited by: Puneet Singhal on Aug 19, 2009 8:25 AM -
Is there anyway to monitor network traffic on the newer Time Capsules, similar to the SNMP monitoring previously?
Can I use a real router and still have the Time Capsule for backups etc?
Yes, that is what Bridge Mode is for. Just connect the Time Capsule to a LAN <--> Ethernet port on your "main" router. -
SA540 - Monitor Web Traffic (How to)?
Just as the title reads, I'm looking for a way to monitor what traffic is going through my SA540. Looking for what websites are being accessed.
Not sure how to do this. Can anyone assist?
Thanks in advance!I looked into OPENDNS several months ago and seems like it was kinda expensive for commercial usage. It wasn't an option.
I was looking at the Status/Reports section of my 540 and it sounds like it gives the top 10 websites visited. Does this sound correct?
Of course Content Filtering must be turned on. I assume turning on Content Filtering does nothing until allowed or blocked URL data is present?
k -
Anyone know of an area where information on monitoring VNC traffic would be?
I have been asked to monitor VNC traffic and the baseline signature I have loaded
on devices seems a little lacking in scope....
Anyone else looking at this traffic on their network and can give some insight?
I didn't get alot of hits in the knowledge base when looking for VNC traffic so any
inforation can help.
Thanks...I think mainly to see who is actually using or attempting to use VNC products...
Might be as simple as monitoring a port; this will help us track down any unauthorized
attempts at using VNC products...I just want to see what options I have. -
Monitor the traffic/bandwidth of local computers ?
Hi everyone,
What is the software/script to monitor the traffic/bandwidth of the local users ?
I'm currently has Xserve as like a DHCP/gateway, and there are about 20 computers connects through Xserve. I'd like to monitor the local computers to see their bandwidth but not sure what script/software need to be installed on Xserve. All my local computers have ip 10.10.x.x.
I installed darkstat but it doesn't show me the specific ip address that taking how much bandwidth (like download/upload speed..).
ThanksTake a look at Intermapper <http://dartware.com/>, Lithium <http://lithiumcorp.com/> and Zenoss <http://www.zenoss.com/>. They should be able to do what you want. Hope that helps.
- Barrett -
Generate and Monitor Interconnect traffic
Guys
Does anyone has scripts to generate and monitor interconnect traffic? I am trying to test my interconnect on 4 node RAC (10gR2)
Any help?
Thanks in advance
PGSee if this helps....we use the below script to monitor the interconnect traffic.
select b1.inst_id,
b2.value "GCS CR BLOCKS RECEIVED",
b1.value "GCS CR BLOCK RECEIVE TIME",
((b1.value / b2.value) * 10) "AVG CR BLOCK RECEIVE TIME (ms)"
from gv$sysstat b1,
gv$sysstat b2
where b1.name = 'global cache cr block receive time' and
b2.name = 'global cache cr blocks received' and
b1.inst_id = b2.inst_id -
Hi- Is the hit counter button the only way to monitor visitor traffic? Is there a way to see who is visiting my site? Thanks for your time.
I use stat counter, it IS safe and there ISN'T anything on a Mac so there is the need of 3rd party software. Another is Google Anayltics, but that's more complicated. You can use iTweak to easily apply your statcounter code, too
-
How to monitor the traffic on network interface card NIC
hello friends
i m dong a network based project
in that i need to calculate the incoming
and outgoing traffic on network interface
Can anyone help me regarding this...
any API that i van use, i know abt JPCAP
but unable to use that in this repect...
Thanks in Advancesorry for any mistake....
i m new to java
Actually using JPCAP we can capture the packets
and process them..may save to file or some thing like that
but how to know the current incoming and outgoing traffic...on NIC
and also how much it is capable of...
can u tell me any good tutorial
i really need to do that
thanks for concern -
Control and monitoring of traffic lights
i am a student and new to graphical programming.i am using labview 6.1 to monitor and control a system of traffic lights from a central location.my problem is geting the lights to go on and off.
You asked the same question here and the answer is still the same. Provide some details on what exactly you're attempting to do and what specifically is the problem. That means details on what kind of hardware you're using to interface to the lights, any error codes being generated, etc. Posting your program would help as well.
-
I cannot monitor trunk traffic
I have two trunk port over Metroethernet contains several VLAN. And Cisco 3550 is meeting point for 2 trunk. I wanna monitor those trunk (far sites) traffic.
I try several SPAN on cisco 3550 switch but i didn’t get a source-destination traffic .
Here is my configs and output. And you can see my topology in attachement:
Config I:
monitor session 1 source vlan 1 - 4094 rx
monitor session 1 destination interface Fa0/8
Output 1 (tcpdump -i eth1)
10:28:49.398386 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:69:48:6a.800a, length 43
10:28:49.403695 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:28:49.423092 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:b2:73:c0.800c, length 43
10:28:49.435660 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:28:49.467041 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:28:49.503562 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:28:49.511120 IP 172.16.1.46 > ospf-all.mcast.net: OSPFv2, Hello, length 60
10:28:49.512063 IP 172.16.2.46 > ospf-all.mcast.net: OSPFv2, Hello, length 60
Config II:
monitor session 1 source vlan 1 - 4094 rx
monitor session 1 destination interface Fa0/8 encapsulation dot1q
Output II (tcpdump -i eth1)
tcpdump: WARNING: eth1: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
Config III:monitor session 1 source interface Fa0/20
monitor session 1 destination interface Fa0/8
Output III (tcpdump -i eth1)
10:43:59.148118 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:43:59.160031 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:07:5d:ff.8008, length 43
10:43:59.181057 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:07:5e:3b.8009, length 43
10:43:59.183669 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:43:59.188202 IP 172.16.1.114 > ospf-all.mcast.net: OSPFv2, Hello, length 56
10:43:59.219978 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:43:59.251886 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Ack, length 1444
10:43:59.255620 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:43:59.258862 IP 172.16.1.181 > ospf-all.mcast.net: OSPFv2, LS-Ack, length 64
10:43:59.264209 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:f3:63:75.800e, length 43
10:43:59.267031 IP 172.16.1.185 > ospf-all.mcast.net: OSPFv2, LS-Ack, length 84
10:43:59.285143 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:3a:65:4a.800e, length 43
10:43:59.290841 IP 172.16.2.182 > ospf-all.mcast.net: OSPFv2, LS-Ack, length 84
Config IV:
monitor session 1 source interface Fa0/20
monitor session 1 destination interface Fa0/8 encapsulation dot1q
Output IV (tcpdump -i eth1)
10:45:54.508798 STP 802.1d, Topology Change
10:45:56.508461 STP 802.1d, Topology Change
10:45:58.508160 STP 802.1d, Topology Change
10:45:58.748225 DTPv1, length 38
10:46:00.508760 STP 802.1d, Topology Change
10:46:02.508853 STP 802.1d, Topology Change
10:46:04.508826 STP 802.1d, Topology Change
Config V:
monitor session 1 source interface Fa0/20 - 21 rx
monitor session 1 destination interface Fa0/8
Output V (tcpdump -i eth1)
10:50:14.464530 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:e3:48:b6.800c, length 43
10:50:14.473268 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:50:14.481147 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:cd:64:22.8008, length 43
10:50:14.484894 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:e3:48:da.800b, length 43
10:50:14.491750 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:cd:63:e5.8009, length 43
10:50:14.500191 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:32:8c:52.800e, length 43
10:50:14.505504 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:50:14.541735 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:50:14.549495 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Ack, length 1444
10:50:14.577783 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:50:14.600906 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:32:8c:4a.800d, length 43
10:50:14.613448 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:50:14.649487 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:50:14.684209 IP 172.16.1.198 > ospf-all.mcast.net: OSPFv2, Hello, length 60
10:50:14.685534 IP 172.16.2.154 > ospf-all.mcast.net: OSPFv2, LS-Update, length 60
10:50:14.704529 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:04:62:cd.800e, length 43
10:50:14.706505 STP 802.1d, Config, Flags [none], bridge-id 8000.00:00:0c:04:62:d9.800f, length 43
I can't see hsot interactions. Why?
And How do you solve this problem?You will not be able to tell if Firefox was used in private browsing mode. When in that mode Firefox does not store any details about web browsing.
One option you can use is to install a free parental control program such as K9 Web Protection - http://www1.k9webprotection.com/ - That program can be used to block access to sites based on categories that you choose. It will work with all browsers and does not matter if they are in private browsing mode or not.
Maybe you are looking for
-
Unable to capture fi document number using transaction ABUMN
hello guys, I am trying to create a bdc for transsaction ABUMN which generates a fi document at the end. but in BDC the bdcmsgcoll table is empty. is there any way so that i can capture document number as soon as it is posted. Please help, Thanks in
-
How to find u0091Where used list of BSP Applicationu0092?
Hi, In standard, one BSP application is calling another BSP application by hard coded in application. I want find a where used list of a BSP application. How to find Where used list of BSP Application? Regards, ...Naddy
-
Troubles saving a booklet from indesign 5.5 to a pdf file format
Don't know what im doing wrong here but i can not seem to get my book to save to a PDF FILE can anybody help fast. this needs to be sent to the print shop asap so i can make my deadline for my collage paper !
-
Downloading photoshop for windows 7
Downloading photoshop to windows 7?
-
Do I even need itunes 7 to download games or movies???
I just downgraded back down to Itunes 6.4 or w/e it is, and I can click on Music Store and the games and movies and other new stuff shows up...sooo my question is if i even need to upgrade to 7.0 to download these things???