Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
920
Views
0
Helpful
1
Replies

VACL puzzle on Cat6500 IOS

p.calcaterra
Level 1
Level 1

‎05-14-2007 04:28 AM - edited ‎03-05-2019 04:02 PM

Hi,

I have to capture traffic and I wish to apply the VACL Capture as described in the doc "VACL Capture for Granular Traffic Analysis with Cisco Catalyst 6000/6500 Running Cisco IOS Software"

(http://www.cisco.com/en/US/partner/tech/tk389/tk689/technologies_configuration_example09186a00808122ac.shtml):

1. Define the interesting traffic.

Cat6K-IOS(config)#ip access-list extended HTTP_UDP_TRAFFIC

...

2. Define the VLAN access map.

Cat6K-IOS(config)#vlan access-map HTTP_UDP_MAP 10

Cat6K-IOS(config-access-map)#match ip address HTTP_UDP_TRAFFIC

Cat6K-IOS(config-access-map)#action forward capture

3. Apply the VLAN access map to the appropriate VLANs.

Cat6K-IOS(config)#vlan filter HTTP_UDP_MAP vlan-list 10

4. Configure the Capture Port

...

I am wondering that if I apply that "vlan filter", the 6500 will discard all the traffic that does not match the ACL, as sketched in the IOS 12.2(SX) conf. guide (3rd example):

(http://www.cisco.com/en/US/partner/products/hw/switches/ps708/products_configuration_guide_chapter09186a0080160a7e.html#wp1055968).

The question is: to capture only the matched part of IP traffic without to discard the unmatched traffic, must I end the access-map with a default "action forward"?

Best regards. Paolo Calcaterra

Labels:
0 Helpful
1 Reply 1

carenas123
Level 5
Level 5

‎05-21-2007 06:06 AM

This limitation also exists with VACL Capture when running in IOS.

CatOS does not have these limitations.

If you want to know more please click Below URL:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a00805e34fe

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card