[c-nsp] debugging all incoming traffic on an interface

Jason Lixfeld jason at lixfeld.ca
Mon Sep 22 19:23:11 EDT 2008


Hi James,

It's bridged, so no.

Regardless, an ACL works fine on the ATM subinterface, except the  
traffic isn't anything that is matched by an access-list, from what I  
can see based on what I've tried so far.

In retrospect, I should have clarified that better initially.  Sorry  
for the confusion.

On 22-Sep-08, at 7:17 PM, James Baker wrote:

> Do you have a Dialer interface defined and attached to the ATM
> interfaces?
>
> If you do, try the ACL on that.
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jason Lixfeld
> Sent: Tuesday, 23 September 2008 10:52 a.m.
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] debugging all incoming traffic on an interface
>
> I'm trying to give a local ILEC an idea on where to look to  
> troubleshoot
> an issue on a bridged DSL circuit.  It terminates directly onto a
> WIC-1ADSL interface in a 2651 on the one side and a VLAN on the other
> side.  Can't pass traffic over it, but the inbound packet counters are
> incrementing on the 2651 side, however I have no idea what kind of
> traffic is actually hitting the interface, nor do I know what the  
> source
> or destination of the traffic is.
>
> My question in all of this is what's the best way to see all the  
> traffic
> coming into this interface?  Attaching a access-list 100 permit ip any
> any log-input to the interface and/or subinterface via ip access-group
> didn't show anything - the interface counters incremented while the
> access-list counter didn't.  I can't debug the ATM (sub)interface, nor
> can I configure a SPAN port on an ATM (sub)interface.
>
> Anyone know how I might go about this?  I suppose in a worst case
> scenario, I could hook up a DSL modem to the line and plug that into a
> wireshark box, but I'm hoping there's a more localized solution.
>
> Thanks in advance.
> ----------
>
> The information contained in this e-mail and any attachments is  
> confidential
> and is intended for the attention and use of the named addressee(s)  
> only.
> Any views expressed in this message are those of the individual  
> sender and
> may not necessarily reflect the views of Chelmer Limited.
>
> #####################################################################################
> This e-mail message has been scanned for Viruses and Content and  
> cleared
> by NetIQ MailMarshal
> #####################################################################################



More information about the cisco-nsp mailing list