cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
531
Views
0
Helpful
1
Replies
Highlighted
Beginner

Maintain history or capture of traffic passing through a router

Hello Friends,

Looking for some industry practice or advise how to handle such situation proactively.

 

I generally come across a situation where users report a disconnection of production application connectivity in recent past (few minutes or hours back) and would like to know the cause of the issue. Unless a state change of routing protocol or HSRP, or interface status, etc logging buffer (or syslog) doesnt suffice the investigation; need more logs like NAT translation during realtime or check if did the traffic had really reached the router. Is there a way to capture this information continuously? 

 

I have heard of EPC (Embedded Packet Capture) can be used to monitor pass-through traffic, but its CPU intensive.

 

Thank you,

Krishna

1 REPLY 1
Highlighted
VIP Mentor

Either you can span the port  / Monitor the traffic sending to Log Server

 People use TAP also for the best practice in large environment.

BB

BB
*** Rate All Helpful Responses ***
Content for Community-Ad