cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2047
Views
10
Helpful
15
Replies

How to log packets(frames) on a switch

I want to know if the packets go through the switch.

Is it possible to log frames with origin and destination on the switch?

I'm not asking, check with wireshark.

1 Accepted Solution

Accepted Solutions

hi,

you can use debug ip packet privilege command.

you can also use an ACL to be more granular/specific in your output and also not to overwhelm CPU.

View solution in original post

15 Replies 15

what is SW platform ?
if your SW platform support capture you can use it to capture the traffic enter the SW. 

2960 3850 9200 9300
Viewing with wireshark using SPAN is not what I want.

balaji.bandi
Hall of Fame
Hall of Fame

There are different ways to do this, depending on requirements.

1. you can SPAN the session to mirror the traffic

2. if you have the latest model of switch, you can packet capture inside

3. same way if you have the latest model switch IOS code support, you can use NetFlow

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Viewing with wireshark using SPAN is not what I want.

how about other tools which i suggested, what have you tried?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

mlund
Level 7
Level 7

If the switch supports QoS, you can define class-map that identify your flow, then a policy-map that have your class-map. Then put your policy-map into an interface. Then you can look up the counters in the policy-map with "show service-policy interface <nr>"

What do you want to accomplish exactly, why don't you want to use SPAN ? The 9300 supports circular and linear packet capture, see the link below. It is still recommended to export a .pcap file (to e,g, wireshark). Why don't you want to use Wireshark ?

https://www.engineerkhan.com/networking/packet-capture-on-cisco-9300-switches/

real-time-traffic-capture-in-ASA-CLI.png

What I want is something like this.

are you ever check the link I share ?

Like this using ASA ? or on what device you looking to do ?

ASA already doing that task, what you expecting here ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Like the ASA, I want similar functionality on a 2960 or 9200 switch.

hi,

you can use debug ip packet privilege command.

you can also use an ACL to be more granular/specific in your output and also not to overwhelm CPU.

Review Cisco Networking for a $25 gift card