How to perform a TCPDump on NPM8600 span ports with IPv4 addresses filtersN/A
Customers using NPM 86x0 would like to perform tcpdump on the physical interface using a mirror port. Due to the NPM6 architecture and the use of VLAN stacking we are unable to use properly the TCPDUMP filters.
The NPM 6 is using VLAN stacking to identify the Physical port at the EZChip level and the inner VLA tag corresponds to the VLAN tag received from the ethernet wire.
At that point, TCPDump software provided onto the NPM does not let the user the ability to setup regular libpcap filters to match on the host or protocol portion.
The solution is:
1) Telnet to the npm you want to monitor ports
2) Set the monitoring parameters
./cbsif smcfg xxx 21 8100
xxx represent the bitmask decimal conversion of the physical port
11 10 9 8 7 6 5 4 3 2 1
x x x x x x x x x x x