Andrew wrote:
We have several Baystack 450 T24 switches and I cannot see the TCP
traffic on a subnet because (I am assuming this) of the way these
switches process traffic. What are my options with ethereal to
capture TCP packets on these switches?
http://www.ethereal.com/faq.html#q5.2
which refers you to
http://www.ethereal.com/faq.html#q5.1
which discusses this issue in general, and gives information about
*some* switches - the ones where we've found information about doing
"port mirroring" or whatever the particular switch vendor calls it,
wherein a port is set up as a "mirror port", and all traffic going
through the switch is sent to that port so that you can plug a machine
running a network analyzer such as Ethereal into that port.
(We found at least some of that information for the switches in question
by looking at the information sellers of some commerical network
analyzer software have for the same problem - this is *NOT* a problem
unique to Ethereal.)
Unfortunately, we have no information on the Bay^H^H^HNortel Networks
switches, so you'd have to check the documentation for the switch to see
if there's a way to do "spanning" or "port mirroring" or whatever they
call it. If you find that information, please supply it to us so that
we can add it to the FAQ.
