Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
483
Views
0
Helpful
1
Replies

Mirror single ACE context

johnmillbrandeis
Level 1
Level 1

‎10-26-2012 07:53 AM

Hello everyone,

I'm setting up a load-balanced DNS environment, and would like to mirror all of our DNS traffic to a statistics collection and monitoring server.  Our setup is pretty simple--just load-balance udp port 53 traffic to a single serverfarm (4 rservers) using one VIP (I've gotten both transparent LB and routed LB/static NAT working).  Is there some way within a context to do this?  By creating a second context?  Or does this need to happen outside of the ACE?  I'm by no means a networking guru, so any help (even if it seems obvious) would be appreciated.

I'm using an ACE 30 module in a 6500 switch.

John

Labels:
0 Helpful
1 Reply 1

Amir Asfandyarov
Cisco Employee
Cisco Employee

‎10-30-2012 04:08 AM

Hello John,

If I correctly understood, you want to "mirror" (so, to have an exact copy of DNS traffic) hitting ACE, is this correct?

If so, take a look at this article https://supportforums.cisco.com/docs/DOC-15652 , which describes how to set up a SPAN capture from ACE internal interface.

Note you can filter on VLAN (that is, redirect/capture traffic on particular front-end/back-end VLAN. A bit tricky to make additional filtering on ports/protocols, though... Take a look at VACL captures in the same article as well.

HTH, Amir

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card