
Sniffer Trace on ACE w/VACLs and One-Arm Design

cantorb1
Level 1

Wow...that was a mouthful of a title!

Here is what I'm trying to accomplish. There is an application that is having issues. This application is being load balanced by the ACE. The ACE is configured in a One-Armed design. Essentially the application flow is as follows:

client --> ACE VIP --> SNAT Pool --> rserver and then the reverse.

The VLAN for my ACE is 3002. It is the only VLAN in this context. I have a WildPackets OmniEngine connected to a port on the 6500. Here is its config:

interface GigabitEthernet x/xx
 switchport
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 switchport capture
 switchport capture allowed vlan 3002
 no ip address
 no cdp enable

Here is the problem. When I take a trace I only see the back half of the conversation. That is, I only see from the SNAT pool IPs to the rservers and back. I need to be able to see the conversation between the client IPs and the VIP. Does anyone know how this can be done? If you need more details or have questions, please fire away! Thanks for the help...

bc

1 Reply

This can be done by setting up a monitor session on the Sup, with the TenGig/1 as SPAN source, and a trunk port as SPAN destination.

For example, if the ACE is in slot X, the configuration would be:

!
monitor session 10 source interface TeX/1
monitor session 10 destination interface Giy/z
!

The configuration for this port would be:

!
int giy/z
 switchport
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate

Syed Iftekhar Ahmed
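To confirm that a capture taken on the trunked SPAN destination contains both halves of the one-arm flow, the frames can be sorted by leg. The sketch below is an added example, not part of the thread or of any Cisco or WildPackets tooling: it parses 802.1Q-tagged IPv4 frames and counts packets on the client-to-VIP leg and the SNAT-to-rserver leg. The VIP, SNAT pool and rserver addresses are constructed placeholders, and it assumes frames arrive tagged with VLAN 3002.

```python
import ipaddress
import struct
from collections import Counter

# Constructed addressing (assumption); substitute the real VIP, SNAT pool and rservers.
VIP = ipaddress.ip_address("192.0.2.10")
SNAT_POOL = ipaddress.ip_network("192.0.2.32/28")
RSERVERS = {ipaddress.ip_address("192.0.2.101"), ipaddress.ip_address("192.0.2.102")}

def parse_frame(frame):
    """Return (vlan, src, dst) for an IPv4 Ethernet frame, or None if not IPv4 or too short."""
    if len(frame) < 14:
        return None
    ethertype = struct.unpack("!H", frame[12:14])[0]
    offset, vlan = 14, None
    if ethertype == 0x8100:  # 802.1Q tag, expected because the capture port is a dot1q trunk
        if len(frame) < 18:
            return None
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan, offset = tci & 0x0FFF, 18
    if ethertype != 0x0800 or len(frame) < offset + 20:
        return None
    src = ipaddress.ip_address(frame[offset + 12:offset + 16])
    dst = ipaddress.ip_address(frame[offset + 16:offset + 20])
    return vlan, src, dst

def classify_leg(src, dst):
    """Name the leg of the one-arm flow that a packet belongs to."""
    if VIP in (src, dst):
        return "client<->VIP"
    if (src in SNAT_POOL and dst in RSERVERS) or (src in RSERVERS and dst in SNAT_POOL):
        return "SNAT<->rserver"
    return "other"

def leg_counts(frames, vlan=3002):
    """Count packets per leg, considering only frames tagged with the ACE VLAN."""
    counts = Counter()
    for frame in frames:
        parsed = parse_frame(frame)
        if parsed and parsed[0] == vlan:
            counts[classify_leg(parsed[1], parsed[2])] += 1
    return counts

def make_frame(src, dst, vlan=3002):
    """Build a constructed tagged IPv4 frame (zeroed MACs, minimal header) as sample input."""
    eth = bytes(12) + struct.pack("!HHH", 0x8100, vlan, 0x0800)
    ip = bytes([0x45]) + bytes(11) + ipaddress.ip_address(src).packed + ipaddress.ip_address(dst).packed
    return eth + ip
```

A zero count for `client<->VIP` reproduces the symptom in the question: only the SNAT pool to rserver traffic reached the analyzer.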
