Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
764
Views
1
Helpful
8
Replies

Programmable Switch and Managing Traffic

HassanAbdullah
Level 1
Level 1

‎08-04-2023 01:32 PM

I'm working on a project in which I need to do something like, I'll monitor and collect traffic passing through a switch, then classify it based upon port number, packet size and maybe IP range too. Then I want to display this on a web page. The web page will show real time traffic passing through a switch and classified. Now, if I want to drop certain type of packets, I'll just click on the block button on the web page and I'll command the switch to block the packets with particular port number, packet size and IP range.

I want to know, if it's possible. And if it is possible how can I do so?? What should I use,  GNS3 Mininet or something else. I'll appreciate as many suggestions as I Can. 

0 Helpful
8 Replies 8

Flavio Miranda
VIP
VIP

‎08-04-2023 01:46 PM

Hi @HassanAbdullah 

 I believe it would be possible but you need to think in switches mode 9300 or 9200 or switch model with API. And this requires a physical device as GNS3 only run older switches model.

I believe this video can give you a start  point

https://www.youtube.com/watch?v=AJhnt-sIfK0

Here in the community there are people discussing about cisco devices and programability

https://community.cisco.com/t5/cisco-software/ct-p/j-cisco-software

 

 

0 Helpful

HassanAbdullah
Level 1
Level 1
In response to Flavio Miranda

‎08-04-2023 01:50 PM

So we can't have a virtual implementation of the problem?

 

0 Helpful

Flavio Miranda
VIP
VIP
In response to HassanAbdullah

‎08-04-2023 01:58 PM

Easy like GNS3 no. The switch that will give you that level of programability run IOS-XE which is not emulated so far.

You can try to do this with older switches running IOS on the GNS3 but I dont believe it would be possible to have the level of control you are aiming to get.

 

0 Helpful

HassanAbdullah
Level 1
Level 1
In response to Flavio Miranda

‎08-04-2023 02:19 PM

How much control am I expecting to get if I use an older switch?? Like what part of the project can be implemented, can the website part be done without actually blocking part?? Or just the blocking part can implemented in a better way without including the website part?

 

0 Helpful

Flavio Miranda
VIP
VIP
In response to HassanAbdullah

‎08-04-2023 02:37 PM - edited ‎08-04-2023 02:41 PM

Sure you can. The website part does not depend on the switch.  Although the switch does have web interface. 

 Your challenge I believe would be to figure out how to interact with the switch.  Switch allows for telnet/ssh interaction.  So,  when you click a button on your web site are.you going to translate this clikck to a ssh command?

 You can use Python for that. Netmiko is a good Python library to interact with cisco devices.

0 Helpful

HassanAbdullah
Level 1
Level 1
In response to Flavio Miranda

‎08-04-2023 02:49 PM

So, if I have understood this correctly, I need to use a cisco switch with IOS on GNS3. Then I'll be able to project the traffic on the website. And the switch is programmable, so I have to convert the click of a button on the website into ssh command inorder to block a certain type of traffic. 

0 Helpful

Flavio Miranda
VIP
VIP
In response to HassanAbdullah

‎08-04-2023 03:03 PM

This is one possibility.

You need a web interface,  a connection to the switch using some interactive language like python and execute the commamd on the switch.

Leo Laohoo
Hall of Fame
Hall of Fame

‎08-04-2023 06:53 PM

A switch cannot do deep packet inspection.  

The description falls exclusively into a beefy firewall appliance (subject to the size of the WAN/LAN traffic).

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card