[73061] in North American Network Operators' Group
Re: Legal intercept - 3550
daemon@ATHENA.MIT.EDU (Ricardo \"Rick\" Gonzalez)
Wed Aug 11 10:48:43 2004
Date: Wed, 11 Aug 2004 10:48:06 -0400
From: "Ricardo \"Rick\" Gonzalez" <rico.gonzalez@gmail.com>
To: Stefan Baltus <stefan.baltus@xbn.nl>
Cc: nanog@merit.edu
In-Reply-To: <20040811143724.GA25297@xbn.nl>
Errors-To: owner-nanog-outgoing@merit.edu
Stefan,
I think you're confusing your OSI layers here, routers route and
switches switch.
If you're spanning 300 megabits per second, what you'll need is a
gigabit card for the span port on the 3550 (or directly connected to
the passive tap you've installed).
---Rico
On Wed, 11 Aug 2004 16:37:24 +0200, Stefan Baltus <stefan.baltus@xbn.nl> wrote:
>
> Hi,
>
> We have a situation where we need to intercept certain IP traffic
> that is somewhere within a link of 300Mbit/s of traffic (GigabitEthernet).
> The setup that we built is as follows:
>
> router
> ^
> | GE
> |
> fiber tap -------> cisco catalyst 3550
> |
> | GE
> v
> switch
>
> The catalyst 3350 is receiving the traffic from router to switch
> and vice versa. Now, we'd like to filter all but certain IP's on the
> 3350 and switch this traffic to a FE port on that same 3550. Currently
> we've put the FE interface in SPAN mode, but that fills up the
> FE port completely (obviously). Is there any way to accomplish this?
>
> Regards,
>
> Stefan
>
> --
> Stefan Baltus <stefan.baltus@xbn.nl> XB Networks B.V.
> Manager Engineering Televisieweg 2
> telefoon: +31 36 5462400 1322 AC Almere
> fax: +31 36 5462424 The Netherlands
>
