Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. nsp>
  3. juniper
MAC logging in filter.
david.martinez at rediris
Oct 31, 2003, 6:16 AM
Post #1 of 2 (506 views)
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello all.

Is it possible to log MAC address in a Gigabit Ethernet filter? We're
receiving a lot of unwanted traffic through a GigaSwitch, and I haven't found
any statement for logging MAC addresses.

Thanks in advance,


Ender.
- --
So much to do, so little time...
-- Joker (Batman)
- --
Servicios de red - Network services
Centro de Comunicaciones CSIC/RedIRIS
Spanish Academic Network for Research and Development
Madrid (Spain)
Tlf (+34) 91.585.49.05
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD4DBQE/okRqWs/EhA1iABsRAixFAKCAYTypIzgdKeSGE/QHPFjpmVFPaACYhvMa
D0O+DvR2djfpo64NQT+5oQ==
=95vH
-----END PGP SIGNATURE-----
MAC logging in filter. [ In reply to ]
jesper at skriver
Oct 31, 2003, 6:37 AM
Post #2 of 2 (496 views)
Permalink
On Fri, Oct 31, 2003 at 01:15:54PM +0200, David Martinez CSIC RedIRIS wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello all.
>
> Is it possible to log MAC address in a Gigabit Ethernet filter? We're
> receiving a lot of unwanted traffic through a GigaSwitch, and I haven't found
> any statement for logging MAC addresses.

Unless you have a Q-PIC, you cannot, as the L2 header is stripped off
before the IP2 processor see the packet.

If you have a Q-PIC, I believe you can do something similar to Cisco's
MAC accouting, but only for the MAC addresses you specify, so you'd need
to look at the L2 forwarding table in the switch, to see the active MAC
addresses in your L2 domain.

/Jesper

--
Jesper Skriver, jesper(at)skriver(dot)dk - CCIE #5456

One Unix to rule them all, One Resolver to find them,
One IP to bring them all and in the zone to bind them.

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal