Posted by adsaero on April 23, 2007, 12:31 am
Well, here it is - from the Etherape documentation: (bashful)
]Why do I see only the traffic to/from the EtherApe machine?
]
]Probably you have a switched network. Unless all traffic goes thru
]the etherape machine (or you have a hub), etherape sees local
]traffic.
]Etherape can "see" only the traffic physically passing on the netcard
]wire. Many small networks use hubs to connect computers, so every
]packet is physically transmitted to every netcard.
]A larger network uses combinations of switches and routers, sometimes
]even firewalls to connect nodes, so your network card receives only
]its own traffic or broadcast.
]To monitor an entire network you can enable analysis/roving mode on
]your switch (essentially copies all traffic to a single port). If you
]have multiple switches, or routers, or the total bandwidth exceeds the
]port maximum, you still will see only part of the traffic.
]If you only want to monitor internet traffic, a better solution is to
]place etherape on the (internal) internet gateway.
Essentially, yes - all the equipment I want to monitor is on a
switch. If I can copy all IP traffic going through my WAN port to a
spare ethernet port on my router (note the idea is to copy it so as
not to disrupt the traffic). Essentially bridge the traffic from the
WAN port to the spare ethernet nic.
> > Hey there - I have a Cisco 7206 running IOS 12.1, and I'm wondering if
> > there's a way to forward copies of all packets that pass thru the
> > router (or at least, through a specific interface) to another ethernet
> > interface on the router for use in network monitoring; I've got a
> > network analysis box that needs to see all the traffic in order to
> > analyze it.
>
> The obvious solution would be to span the switch port the router
> interface you want to monitor is connected to.
>
>
>
> > I've read online that it looks like I can do this, but I haven't been
> > able to figure out the concepts and the commands needed to do it. Can
> > anyone point me in the right direction?
>
> Forward us (the internet community) a few of the links that you think
> talk about what you want to do - This may help us better identify
> your solution.
>
> JC
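
The visibility limit described in the EtherApe documentation quoted above can be checked from a capture taken on the monitoring NIC. This is an added example, not part of the original thread or of EtherApe; the function names, MAC addresses and sample frames are constructed for illustration.

```python
from collections import Counter

BROADCAST = b"\xff" * 6

def mac(text):
    """Convert 'aa:bb:cc:dd:ee:ff' to 6 raw bytes."""
    raw = bytes.fromhex(text.replace(":", ""))
    if len(raw) != 6:
        raise ValueError("MAC address must be 6 bytes: %r" % text)
    return raw

def classify(frame, local_mac):
    """Label one raw Ethernet frame relative to the capturing NIC."""
    if len(frame) < 14:            # shorter than dst + src + EtherType
        return "runt"
    dst, src = frame[0:6], frame[6:12]
    if src == local_mac or dst == local_mac:
        return "own"
    if dst == BROADCAST or dst[0] & 0x01:   # I/G bit set: broadcast or multicast
        return "flooded"
    return "foreign"               # unicast between two other hosts

def visibility(frames, local_mac):
    """Count frame classes and say whether the NIC sees third-party unicast."""
    counts = Counter(classify(f, local_mac) for f in frames)
    verdict = ("shared or mirrored segment" if counts["foreign"]
               else "switched port, no mirror")
    return counts, verdict

# Constructed sample frames: dst MAC + src MAC + EtherType 0x0800 + padding.
def _frame(dst, src):
    return mac(dst) + mac(src) + b"\x08\x00" + b"\x00" * 46

LOCAL = mac("02:00:00:00:00:01")
SWITCHED = [
    _frame("02:00:00:00:00:01", "02:00:00:00:00:0a"),   # to us
    _frame("02:00:00:00:00:0a", "02:00:00:00:00:01"),   # from us
    _frame("ff:ff:ff:ff:ff:ff", "02:00:00:00:00:0b"),   # broadcast
    _frame("01:00:5e:00:00:fb", "02:00:00:00:00:0c"),   # multicast
]
MIRRORED = SWITCHED + [
    _frame("02:00:00:00:00:0b", "02:00:00:00:00:0c"),   # two other hosts
]

if __name__ == "__main__":
    for name, capture in (("switched", SWITCHED), ("mirrored", MIRRORED)):
        print(name, *visibility(capture, LOCAL))
```

A switch also floods unicast frames whose destination it has not yet learned, so a few "foreign" frames can appear on an unmirrored port; judge by sustained counts rather than a single frame.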