Skip to content
View in the app

A better way to browse. Learn more.
Gear Crushers

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Monitor Switchport (Packet Capturing)

wildweaselmi
in Cisco

Featured Replies

To span a port you need to use the monitor session commands



EXAMPLE:


ISSUE#1 RPC errors on some users


ISSUE#2 East Coast having issues connecting in the early morning



STEP 1 (PERFORMED BY NETWORK ADMIN)


Have network engineer identify what ports in the switch the four devices are plugged into


10.10.10.1 (CSS) example Gi3/37


10.10.10.12 (plgmr1a1) example Gi7/28


10.10.10.13 (plgmr1a1) example Gi7/29


10.10.10.14 (plgmr1a2) example Gi7/43


10.10.10.15 (plgmr1a2) example Gi7/44


10.10.10.16 (plgmr1a3) example Gi7/46


10.10.10.17 (plgmr1a3) example Gi7/48



STEP 2 (PERFORMED BY NETWORK ADMIN)


Have the private network (10.10.10.xx) from the CSS to the servers spanned to a port for monitoring (below example is using the above sample ports and is assuming the sniffer expert is plugging there laptop into port gi4/1)


(config)#monitor session 1 source int Gi3/37 , Gi7/28 - 29 , Gi7/43 - 44 , Gi7/46 , Gi7/48 both


(config)#monitor session 1 dest int Gi4/1



STEP 3 (PERFORMED BY SNIFFER EXPERT)


** If STEP 2 is not performed then create the following capture RULE, otherwise skip to STEP 4


10.10.10.1 <--> 10.10.10.12


10.10.10.1 <--> 10.10.10.13


10.10.10.1 <--> 10.10.10.14


10.10.10.1 <--> 10.10.10.15


10.10.10.1 <--> 10.10.10.16


10.10.10.1 <--> 10.10.10.17



STEP 4 (PERFORMED BY SNIFFER EXPERT)


Add to the capture rule:


TCP communication for all traffic over port 39999



STEP 5 (PERFORMED BY SNIFFER EXPERT)


Customize the Sniffer Capture files settings:


Find out how much space is available on your hard drive (example: 1GB)


Setup sniffer captures files to a size of 10MB


Setup maximum files 10/1000 = 100 files


Setup overight oldest file when full



STEP 6 (PERFORMED BY SNIFFER EXPERT)


Establish contact with requester for start time, stop time and destination for capture logs



STEP 7 (PERFORMED BY APPLICATION TECH.)


Notify a contact at all Debt Manager Branches that they need to notify you when:


1.) Logon issues occur in the morning


2.) RPC errors happen


Once contacted by customer, capture


1.) When did incident occur


2.) what is the ip address of machine with issue


3.) Is it issue #1(RPC errors) or issue #2(logon issues)


Notify Sniffer expert to


1.) Stop captures


2.) Copy existing data to predetermined destination for time frame under folder labeled DMRPC or DMLOGON


3.) Resume capturing data



STEP 8 (PEFORMED BY APPLICATION TECH.)


Send captured data (once completely uploaded) to necessary technicians with user information (IP address and when the issue occurred and what issue was captured)


Create an account or sign in to comment
Go to topic listing

Important Information

By using this site, you agree to our Terms of Use.

I accept

Account

Navigation

Search

Search

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.