|
Posted by glen herrmannsfeldt on October 5, 2007, 4:56 am
If you were Registered and logged in, you could reply and use other advanced thread options
Will wrote:
(snip)
> Occasionally when I run a sniffer on port C, I'll see traffic that is going
> from A to B. It is usually UDP traffic, and I'll see the return packets as
> well. I've examined the Mac addresses, and it's clear that the source
> and destination Mac and IP do not belong to the computer that is sniffing
> the network on C. There is nothing configured in the switch to allow that
> traffic to be seen on port C.
> This is happening maybe for two packets every two hours, and it seems fairly
> random behavior that targets just a few packets rather than entire TCP
> conversations. Should I be passing this off as just bad firmware in a low
> quality ethernet switch (in this case it is a Netgear gigabit switch)? Or
> is such an event a statistically rare but normal occurrence on many ethernet
> switches?
It sounds like it times out the addresses after a while, and then
forwards one to all ports as it relearns the address.
That sounds reasonable to me.
-- glen
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map