Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
581
Views
0
Helpful
2
Replies

Why SPAN port show traffic from other network.

msompong1
Level 1
Level 1

‎12-19-2022 07:32 PM

Hi All,

I am troubleshooting on network intermittent slow issue.

I have the connection like the picture in attached the VLAN is the server VLAN the L3 switch routing IP is 10.1.4.1/24 and the firewall for route traffic to internet and controlled segment is 10.1.4.8/24 , From the L3 I have default route to 10.1.4.8

The server also in VLAN4 with IP 10.1.4.57/24 and physical connected to L3 port with access VLAN A.

I've Wireshark to SPAN the traffic on Server A port and sometime I found huge traffic 50-300Mbps for 5-10 sec that not only communication from/to server A appear ,but from other networks like from 10.1.28.0/24 to internet or 10.1.93.0/24 to 10.1.50.0/24. Normally it should be found only broadcast and traffic from/to 10.1.4.57/24 right?

Could someone share the idea on this and which I can start to check?

Diagram.png

Thank you.

Labels:
0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎12-20-2022 03:52 AM

what switch is this, can you share the config.

if you doing captgure on VLAN interface as source sure (i am assuming ) you going to see all that information.

instead you use source port as server connected port, so you see what server sending traffic (hope this works as expected)

I've Wireshark to SPAN the traffic on Server A port and sometime I found huge traffic 50-300Mbps for 5-10 sec that not only communication from/to server A appear ,but from other networks like from 10.1.28.0/24 to internet or 10.1.93.0/24 to 10.1.50.0/24. Normally it should be found only broadcast and traffic from/to 10.1.4.57/24 right?

Server A port as source ? what is this Server role in the network ?

I am troubleshooting on network intermittent slow issue.  - is the issue between client and internet or client to Server ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

msompong1
Level 1
Level 1
In response to balaji.bandi

‎12-21-2022 12:20 AM

Hi,

- The switch is Cisco4510R and the SPAN source do on the port that server A is connected not a VLAN.

- The server A is the Voice gateway with low performance resources.

- As I test SPAN from the other source port that assigned to VLAN A , I found the same issue with can see other network traffic and I think it will impact to the connected host that has the low performance like Voice gateway above. 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card