Wireshark
the world's foremost network protocol analyzer
Wireshark-users: [Wireshark-users] Decoding packets from a Cisco's "ip traffic-export" flow
From: Frank Bulk <fbulk@xxxxxxxxxxxxxxxxxxx>
Date: Fri, 29 Feb 2008 22:30:41 -0600
I must be missing something obvious, so hopefully there's an easy answer. I'm testing Cisco's "ip traffic-export" (http://tinyurl.com/3yalw4) feature on a spare 7206VXR. I've configured the "ip traffic export profile" to monitor a PPPoE client on a WinXP laptop which is terminated onto one of the router's Ethernet interface and am exporting the traffic out the router's other Ethernet interface to my workstation equipped with Wireshark. I've applied the profile to the Virtual-Template. To keep my tests simple, I'm just sending a ping from the laptop the router. The packets are showing up in Wireshark my workstation, but the packets aren't decoding to show that they are a ping. I see the payload of the ping in the data section, but it's like the "ip traffic export" feature added another header. But the documentation says, "The unaltered IP packets are exported on a single LAN or VLAN interface, thereby, easing deployment of protocol analyzers and monitoring devices." Does anyone have experience with this Cisco feature and explain to me if I'm doing something wrong, or if I need to somehow create a filter that take this into account? Regards, Frank
- Prev by Date: Re: [Wireshark-users] i need Help with jitter, packet loss, packet drops (i'm new)
- Next by Date: [Wireshark-users] Decoding packets from a Cisco's "ip traffic-export" flow
- Previous by thread: Re: [Wireshark-users] i need Help with jitter, packet loss, packet drops (i'm new)
- Next by thread: [Wireshark-users] Decoding packets from a Cisco's "ip traffic-export" flow
- Index(es):