Hello Everyone,
We have an issue we are trying to track down with a IPv6 BGP peer. The
session resets randomly sometimes 4-5 times a day and sometimes doesn't
reset for several days. We are trying to run a monitor session to mirror
the traffic of the port to another port for the purposes of capturing it
with TCPDUMP.
The problem we are running into is that it seems that it is not mirroring
the egress BGP traffic on the port. Additionally, it would seem that we are
not able to see two way traffic. If we specify ingress ACL, we see the BGP
traffic. If we specify ingress and egress ACLs, we get no traffic. If we
specify egress we see no BGP traffic. Below is what we are using to mirror
this traffic. Is there something that is being done wrong or is this
something that does not mirror both directions at the same time? Not sure
why if we set to only do egress, it does not see BGP traffic. We tested
this by setting the ACL to capture all IPv6 traffic and there was no BGP
traffic.
Best regards,
Lee
monitor-session TEST ethernet
destination interface TenGigE0/0/1/1
ipv6 access-list span
10 permit ipv6 host 2001:xxx:xxxx::212 host 2001:xxx:xxxx::213 capture
15 permit ipv6 host 2001:xxx:xxxx::213 host 2001:xxx:xxxx::212 capture
20 permit ipv6 any any
interface TenGigE0/0/1/0
description COX 10G Circuit ID:
ipv4 address X.X.X.X
ipv6 address 2001:xxx:xxxx::213/127
monitor-session TEST ethernet
acl
!
load-interval 30
flow ipv4 monitor NFAmonitor sampler NFAsampler ingress
flow ipv4 monitor NFAmonitor sampler NFAsampler egress
flow ipv6 monitor NFAmonitorIPv6 sampler NFAsampler ingress
flow ipv6 monitor NFAmonitorIPv6 sampler NFAsampler egress
ipv6 access-group span ingress
ipv6 access-group span egress
!
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
We have an issue we are trying to track down with a IPv6 BGP peer. The
session resets randomly sometimes 4-5 times a day and sometimes doesn't
reset for several days. We are trying to run a monitor session to mirror
the traffic of the port to another port for the purposes of capturing it
with TCPDUMP.
The problem we are running into is that it seems that it is not mirroring
the egress BGP traffic on the port. Additionally, it would seem that we are
not able to see two way traffic. If we specify ingress ACL, we see the BGP
traffic. If we specify ingress and egress ACLs, we get no traffic. If we
specify egress we see no BGP traffic. Below is what we are using to mirror
this traffic. Is there something that is being done wrong or is this
something that does not mirror both directions at the same time? Not sure
why if we set to only do egress, it does not see BGP traffic. We tested
this by setting the ACL to capture all IPv6 traffic and there was no BGP
traffic.
Best regards,
Lee
monitor-session TEST ethernet
destination interface TenGigE0/0/1/1
ipv6 access-list span
10 permit ipv6 host 2001:xxx:xxxx::212 host 2001:xxx:xxxx::213 capture
15 permit ipv6 host 2001:xxx:xxxx::213 host 2001:xxx:xxxx::212 capture
20 permit ipv6 any any
interface TenGigE0/0/1/0
description COX 10G Circuit ID:
ipv4 address X.X.X.X
ipv6 address 2001:xxx:xxxx::213/127
monitor-session TEST ethernet
acl
!
load-interval 30
flow ipv4 monitor NFAmonitor sampler NFAsampler ingress
flow ipv4 monitor NFAmonitor sampler NFAsampler egress
flow ipv6 monitor NFAmonitorIPv6 sampler NFAsampler ingress
flow ipv6 monitor NFAmonitorIPv6 sampler NFAsampler egress
ipv6 access-group span ingress
ipv6 access-group span egress
!
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/