IT Employment

General discussion


Network Traffic Analyser

By bassjace ·
Would anyone be able to suggest a good, pref free network analyser or packet sniffer for a network. We are about to implement a F5 Network Load balancer and I would like to take an in depth look at network traffic. I have toyed with a couple but they seem to be limited to traffic that is only coming or going to the single PC's nic. I would like to see all traffic on our subnet.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Port Mirroring to see other activity

by justin In reply to Network Traffic Analyser

You may be able to use the same software you've been using but you will need to configure port mirroring on your switch.

Port mirroring will allow you to mirror all traffic that is hitting any single NIC on your network and send it to the PC of your choice.

So if you have a server connected to port 48 of your switch, and you have a PC connected to port 1, you can configure port mirroring such that port 48 is the source port and port 1 is the destination port.

Setup the packet sniffer or network analyzer on the machine plugged into port 1 of the switch, and start capturing packets.

The machine in port 1 will lose network connectivity once it's configured for port mirorring. It will receive a copy of all traffic sent to or from port 48.

port 48 is not affected by this.

Keep another station handy with access to the switch so you can disable the port mirroring when you are done because your machine on that port will be unable to access the switch as the NIC is only able to receive mirrored traffic.

Collapse -

Yep, you can't analyze something that isn't there...

by robo_dev In reply to Port Mirroring to see oth ...

A low-tech way to do this is to put a simple hub between the devices, or an ethernet tap device.

But you typically have to port-mirror something to get the traffic to the analyzer.

Related Discussions

Related Forums