Setting PacketShaper in watch mode in a VLAN segment

book

Article ID: 166893

calendar_today

Updated On:

Products

PacketShaper

Issue/Introduction

In watch mode, one of the ports on PacketShaper is connected to a switch or hub so that it can see all the traffic that goes through the link. Since the unit is not in-line, it cannot do shaping--only monitoring and reporting.

Are there any special configuration issues when performing watch mode in a VLAN environment where we cannot connect to the main link?

See also How do I set PacketShaper/PacketSeeker in watch mode?

Resolution

In certain configurations, you can use the SwitchProbe Analyzer Port (SPAN) feature on Cisco switches to direct traffic to a PacketShaper port. When configuring the SPAN port on the Cisco switch, you should also configure that port to be on the same VLAN as the traffic's default router port in order for PacketShaper to resolve the router's IP address.

If PacketShaper is not able to get the MAC address of the site router, it will not classify the traffic. PacketShaper's site router settings on the setup page must be set to the router's IP address. From PacketShaper's command line (CLI), shaping must be set to watch mode using the setup shaping watch command.

Note: In order for the watch mode to work, PacketShaper MUST be able to access the site router (to resolve ARP requests). Cisco also provides an option to allow incoming packets on the SPAN port which may help in case of problems resolving the router address.

From Cisco documentation: set span {_mod/src_ports|src_vlan} dest_mod/dest_port [rx|tx|both] [inpkts {enable|disable}]