Ethereal-users: RE: [Ethereal-users] VLan Tagging
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Petr Vácha <vacha@xxxxxxxxxxx>
Date: Tue, 2 Aug 2005 11:48:49 +0200
Or easier with commands (if supported by your machine, I have Cat 2950) monitor session 1 source interface xyz monitor session 1 destination interface Fa5/48 encapsulation dot1q without need to reconfigure port 5/48 if you want to generate traffic from the machine you are sniffing on (to e.g. sniff your own traffic), use the following instead: monitor session 1 destination interface Fa5/48 encapsulation dot1q ingress vlan xyz Petr Vacha > -----Original Message----- > From: ethereal-users-bounces@xxxxxxxxxxxx > [mailto:ethereal-users-bounces@xxxxxxxxxxxx] On Behalf Of > Lars Scheffmann > Sent: Wednesday, July 27, 2005 1:11 PM > To: Ethereal user support > Subject: Re: [Ethereal-users] VLan Tagging > > On Tue, 26 Jul 2005 15:54, Travis L. Riesenberg wrote: > > TLR >I am using a TrendNet 10/100/1000Mbps NIC card that > supports 802.1q in > TLR >my laptop. I am using Ethereal version Version 0.10.11 > (C) 1998-2005 > TLR >Gerald Combs <gerald@xxxxxxxxxxxx> > . > TLR >I am trying to get an ip phone up that is in Italy. I > can see packets > TLR >coming from the phone from italy. However I need to look > at the 802.1q/p > TLR >bits that are inserted into the MAC frame to make sure > they are being > TLR >tagged. I can't seem to see the 802.1q field on any of > the packets. I am > TLR >using Cisco trunking on ports going to the router and IP > Phones using > TLR >dot1q encapsulation. I am also using SPAN to port mirror > the trunk to > TLR >see the traffic. I can see all the traffic but that I > can't see the VLAN > TLR >information or the COS bits. Can you please help me? > > Normally the ports on the switch are set to access mode, and > therefore the > VLAN tag is stripped off. > Set the port, you span to, to trunk mode. > > My present NIC doesn't supports 802.1q, so I use these commands on our > Cat 6000, when I want to monitor: > -------------------- > conf t > monitor session 1 source interface xyz > monitor session 1 destination interface Fa5/48 > > interface Fa5/48 > no switchport mode access > no switchport access vlan 823 > switchport trunk encapsulation dot1q > switchport mode trunk > end > sh monitor detail > -------------------- > > > > And back to normal: > -------------------- > conf t > no monitor session all > > interface Fa5/48 > no switchport mode trunk > no switchport trunk encapsulation dot1q > switchport access vlan 823 > switchport mode access > end > > sh monitor detail > -------------------- > > > > > > Best regards > > Security co-ordinator > Lars Scheffmann, E-Mail: > scheffmann@xxxxxxxxxxxxxxxxx > Syddansk Universitet, IT-service Direct: +45 6550 2867 > Campusvej 55, DK-5230 Odense M Mobile: +45 6011 2867 > Denmark Fax: +45 6550 2860 > > _______________________________________________ > Ethereal-users mailing list > Ethereal-users@xxxxxxxxxxxx > http://www.ethereal.com/mailman/listinfo/ethereal-users >
- Prev by Date: Re: [Ethereal-users] Kernal Buffer In Capture Options
- Next by Date: [Ethereal-users] how to find large ethreal dumps
- Previous by thread: Re: [Ethereal-users] Kernal Buffer In Capture Options
- Next by thread: [Ethereal-users] how to find large ethreal dumps
- Index(es):