 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
11 messages in net.nether.puck.cisco-nsp[c-nsp] Re: 6500 Port Monitor| From | Sent On | Attachments |
|---|---|---|
| Ziv Mosery | Jan 18, 2005 3:37 am | |
| Piltrafilla | Jan 18, 2005 4:58 am | |
| Ziv Mosery | Jan 18, 2005 5:05 am | |
| Voll, Scott | Jan 18, 2005 7:14 am | |
| Todd, Douglas M. | Jan 18, 2005 9:35 am | |
| Tim Stevenson | Jan 18, 2005 12:22 pm | |
| Tim Stevenson | Jan 18, 2005 12:30 pm | |
| Ziv Mosery | Jan 18, 2005 4:22 pm | |
| Greg Schwimer | Jan 18, 2005 7:13 pm | |
| Tim Stevenson | Jan 19, 2005 5:29 pm | |
| Justin M. Streiner | Jan 19, 2005 7:21 pm |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | [c-nsp] Re: 6500 Port Monitor | Actions... |
|---|---|---|
| From: | Tim Stevenson (tste...@cisco.com) | |
| Date: | Jan 19, 2005 5:29:20 pm | |
| List: | net.nether.puck.cisco-nsp | |
This problem has to do with the particular line card you are using for the span destination ports, ie, one of the 8:1 oversubscribed GETX blades.
There are two solutions to your problem: either move the gig and 100M SPAN dest ports to 2 different muxing ASICs on this module (eg, port 1 & port 9, they are in contiguous groups of 8 ports); or, upgrade to 12.1(26)E, where this problem is resolved.
Tim
At 01:21 PM 1/18/2005, Ziv Mosery proclaimed:
First for your questions: The card is WS-X6148-GE-TX with Version 12.1(20)E2 IOS. Now: I had 2 destinations, as soon as I removed one destination and was left with one I was able to receive all the traffic and wasn't limited. If you say I can have mixed-speed destinations, then my problem is about 200MB limitation, or you are wrong and I can't have mixed-speed on the destination site. I guess it's one of those, the question is which.
Ziv
-----Original Message----- From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Tim Stevenson Sent: Tuesday, January 18, 2005 7:30 PM To: cisco-nsp at puck.nether.net; cisco-nsp at puck.nether.net Subject: [c-nsp] Re: 6500 Port Monitor
Please also let me know the linecard model number for the destination ports - is it 6148-GETX or 6548-GETX by chance?
Tim
At 09:22 AM 1/18/2005, Tim Stevenson proclaimed:
There should be no limitations as described below on 6500 sup2 - you can have mixed-speed span destinations and you can have the destination ports in whatever vlan you choose (they ultimately don't really belong to any vlan anyway once configured as a span destination).
What s/w version are you running on the sup2? I can try to reproduce this 100M limit problem if you let me know the OS & version, but as I say, this is not expected behavior.
Tim
At 07:27 AM 1/18/2005, cisco-nsp-request at puck.nether.net proclaimed:
Message: 3 Date: Tue, 18 Jan 2005 09:36:14 -0500 From: "Todd, Douglas M." <DTODD at PARTNERS.ORG> Subject: [c-nsp] Re: 6500 Port Monitor To: "'Voll, Scott'" <Scott.Voll at wesd.org>, Ziv Mosery <zmosery at mercury.com>, Piltrafilla <piltrafilla at gmail.com> Cc: cisco-nsp at puck.nether.net Message-ID: <59C772E2D8EDF345AE1601F5B60B3CB50D3DB1 at PHSXMB7.partners.org> Content-Type: text/plain
Hey folks:
We run spans/monitors ports all the time and we have not found such a limitation. One would want to have the monitor port in the same vlan as the monitor source to catch ALL traffic. It seems that you will catch more traffic by moving the port in the same vlan as the span, just seems to be the better way to sniff. I would check to make sure that you are not getting errors on your port as this might be one cause of your traffic limitation.
==DMT>
%SIG%
Douglas M. Todd, Jr. Network Engineering (MGH/CNY/NSMC/MCLEAN) Partners Health Care Building 149 13th Street Location: 149-10-10056E Charlestown, MA 02129-2000 (MGH) (T): 617.726.1403 (F): 617.724.9871 Security: Verisign S/N: 7b1bb86860eb26a53b57c8acb8e9fc4f pgp: search keyserver for: dtodd at partners.org
--------------------------------------------------------------------------
------
---- The information transmitted in this email is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged information. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended
recipient is prohibited. If you received this email in error, please contact the sender and delete the material from any computer.
old>>-----Original Message----- old>>From: cisco-nsp-bounces at puck.nether.net old>>[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Voll, Scott old>>Sent: Tuesday, January 18, 2005 07:16 old>>To: Ziv Mosery; Piltrafilla old>>Cc: cisco-nsp at puck.nether.net old>>Subject: [c-nsp] Re: 6500 Port Monitor old>> old>>Someone can correct me if I'm wrong, but I believe the old>>limit is that both ports have to be in the same Vlan. old>> old>>Scott old>> old>>-----Original Message----- old>>From: cisco-nsp-bounces at puck.nether.net old>>[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Ziv Mosery old>>Sent: Tuesday, January 18, 2005 2:06 AM old>>To: Piltrafilla; Ziv Mosery old>>Cc: cisco-nsp at puck.nether.net old>>Subject: [c-nsp] Re: 6500 Port Monitor old>> old>>Thanks I found the solution but I don't know what the problem was. old>>I had 2 destination ports both 10/100/1000 ports, one on old>>1000MB and one on 100MB. old>>Was I limited because of the 100MB port? old>>Or is there some kind of limit after all? old>>After I did monitor only to the 1000MB port I was able to old>>get 160MB on the monitor, my probe isn't able to get more old>>than that so I don't know If there is a 200MB limit or not. old>> old>>Thanks, old>>Ziv old>> old>> old>>-----Original Message----- old>>From: Piltrafilla [mailto:piltrafilla at gmail.com] old>>Sent: Tuesday, January 18, 2005 11:58 AM old>>To: Ziv Mosery old>>Cc: cisco-nsp at puck.nether.net old>>Subject: Re: [c-nsp] 6500 Port Monitor old>> old>>I have done vlan monitor sessions on that way without any old>>bandwidth limitation on SupII and Sup720. Could you paste old>>destination interface configuration and 'sh ip interface' old>>information? old>> old>>Regards, old>> old>>On Tue, 18 Jan 2005 10:38:06 +0200, Ziv Mosery old>><zmosery at mercury.com> old>>wrote: old>>> Hi all, old>>> old>>> I am trying to do port monitoring from a VLAN to a GigE old>>destination. old>>> old>>> For some reason I am don't get at the destination more old>>then 100MB. old>>> old>>> Any reason for that? old>>> old>>> Switch details: 6500 Sup2 MSFC2. old>>> old>>> Configuration used: old>>> old>>> monitor session 2 source vlan 13 old>>> old>>> monitor session 2 destination interface Gi10/45 old>>> old>>> Anyone knows of limitations that the switch might have old>>regarding port old>>> monitor? old>>> old>>> Thanks in advance, old>>> old>>> Ziv old>>> old>>> old>>___________________________________________________________ old>>___________ old>>> This email has been scanned by the MessageLabs Email old>>Security System. old>>> For more information please visit old>>http://www.messagelabs.com/email old>>> old>>___________________________________________________________ old>>___________ old>>> _______________________________________________ old>>> cisco-nsp mailing list cisco-nsp at puck.nether.net old>>> https://puck.nether.net/mailman/listinfo/cisco-nsp old>>> archive at http://puck.nether.net/pipermail/cisco-nsp/ old>>> old>> old>>___________________________________________________________ old>>___________ old>>This email has been scanned by the MessageLabs Email old>>Security System. old>>For more information please visit old>>http://www.messagelabs.com/email old>>___________________________________________________________ old>>___________ old>>_______________________________________________ old>>cisco-nsp mailing list cisco-nsp at puck.nether.net old>>https://puck.nether.net/mailman/listinfo/cisco-nsp old>>archive at http://puck.nether.net/pipermail/cisco-nsp/ old>> old>>_______________________________________________ old>>cisco-nsp mailing list cisco-nsp at puck.nether.net old>>https://puck.nether.net/mailman/listinfo/cisco-nsp old>>archive at http://puck.nether.net/pipermail/cisco-nsp/ old>>
Tim Stevenson, tstevens at cisco.com Routing & Switching CCIE #5561 Technical Marketing Engineer, Catalyst 6500 Cisco Systems, http://www.cisco.com IP Phone: 408-526-6759 ******************************************************** The contents of this message may be *Cisco Confidential* and are intended for the specified recipients only.
Tim Stevenson, tstevens at cisco.com Routing & Switching CCIE #5561 Technical Marketing Engineer, Catalyst 6500 Cisco Systems, http://www.cisco.com IP Phone: 408-526-6759 ******************************************************** The contents of this message may be *Cisco Confidential* and are intended for the specified recipients only.
_______________________________________________ cisco-nsp mailing list cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
Tim Stevenson, tstevens at cisco.com Routing & Switching CCIE #5561 Technical Marketing Engineer, Catalyst 6500 Cisco Systems, http://www.cisco.com IP Phone: 408-526-6759 ******************************************************** The contents of this message may be *Cisco Confidential* and are intended for the specified recipients only.