02-10-2005 09:48 AM - edited 03-02-2019 09:35 PM
System image file is "flash:c3550-i9q3l2-mz.121-12c.EA1/c3550-i9q3l2-mz.121-12c.
EA1.bin"
Using the above image I'm trying to verify traffic is going through the switch. IP accounting doesn't show it. Debug ip packet doesn't show it, NBAR isn't supported in the image. mls flow statistics doesn't appear to be supported.
My next step is physically go to the switch with a sniffer, but how can I see the traffic from the CLI?
02-10-2005 10:09 AM
You can use:
1. show ip traffic
2. debug ip packet. The output from debug will be sent to the buffer log. Do show log to view the debug output.
Hope this helps.
02-11-2005 04:46 AM
Show ip traffic isn't granular enough and show log only shows what was also available at the console.
I thought it might be because the traffic was fast switched (or cef switched). So I disabled route-cacheing, to force process switching. But that didn't help either.
02-10-2005 04:25 PM
Try "show interface counters" , this gives you the traffic on a port by port basis . You can also use "show interface accounting" for more info .
02-11-2005 04:51 AM
These stats are granular enough. I need to see that it's telnet traffic to a specific address.
02-11-2005 04:54 AM
Whoops, I typed "are" granular enough; I meant to type "ARE NOT" granular enough.
02-11-2005 05:12 AM
You would probably need a packet analyzer and use the span function to get that kind of information . It would be nice if they had a built in type packet capture that you could retrieve , they had this functionality on our old Bay networks hubs that we still use , comes in handy once in awhile .
02-11-2005 05:41 AM
Would that do?
access-list 102 permit tcp source-ip reverse-mask destination-ip reverse-mask eq telnet
debug ip packet 102
02-11-2005 06:17 AM
ACL 102 already permits any traffic to or from the target host.
02-11-2005 11:34 AM
though of adding the log to the permit in the acl? I use following to give me details about rogue devices on our network. I then look through the log to help classify my traffic.
access-list 111 permit TCP host 172.20.2.14 any range 0 65535 log
access-list 111 permit UDP host 172.20.2.14 any range 0 65535 log
access-list 111 permit ip any any
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide