Sniffer / Packet trace on Nexus7000 or Nexus7k

Cisco Config/Code

  1. Setup acl with log entries to punt traffic to control plain.
    • !
      no ip access-list aclSniffLocal
      ip access-list aclSniffLocal
      statistics per-entry
      ! with out log, exclude from logging.
      permit udp 10.10.0.31/32   10.11.1.0/24
      !
      permit tcp 10.10.0.0/16   10.11.1.0/24  log
      ! finally allow all traffic, we don't want to block any traffic.
      permit ip any any 
      !
  2. Add acl to interface/vlan
    • interface vlan 10
      ip access-group aclSniffLocal in
      ip access-group aclSniffLocal out
  3. Protect Nexus incase we make a mistake and log to-many packets/second.
    • hardware rate-limiter access-list-log 250
  4. Run the capture, and dump packets to screen and into a file.
    • ethanalyzer local interface inband capture-filter "net 10.1.1.0/24" limit-captured-frames 200 write bootflash:sniff-20140210-ecnVoip

...


CategoryCisco

vigor: Nexus/SniffPacketTrace (last edited 2015-01-09 05:50:44 by PieterSmit)