Ameen,
We've had very good success using Brocade MLX's for this very thing
(actually, might be older XMRs, but should be same platform at this point).
Check out the transparent-hw-flooding command under a VLAN. It basically
turns off mac learning, and just floods it on the vlan's member ports.
Instead of monitoring the physical interface, monitor the vlan from a Cisco IOS
perspective on a CAT6500. This will capture all physical interfaces associated
with that vlan for mirroring/span.
HTH
Jonathan
#22744
Sent from my HTC on the Now Network from Sprint!
- Reply message -
No the issue isnt monitoring many ports at once, its having more then 1 set
of monitoring or 2 sets in the 6500 case. So I am monitoring say port
channel 1 to ports 1 2 3 4, and port channel 2 , ports 4 5 6 and 7. After
that I cannot monitor anymore ports.
On Thu, Mar 1, 2012 at 2:34 AM,
Has it been known the exact time of the incident?
I have found an article reporting that the cut occurred in the mid-day
of Saturday 25th but nothing more precise.
We would like to use such information for a BGP anomaly detection
analysis that we are carrying out in our research centre.
GAI/GNI do not return TTL values, but this should not be a problem.
If they were to return anything, it should not be a TTL, but a time()
value, after which the result may no longer be used.
One way to achieve that would be for GAI to return an opaque structure
that contained the IP and
Take a look at VACLs on the Cat side. It has a capture feature that is
effectively the same as a local SPAN, but without the 2 session limit. If
you do a lot of RSPAN though, this wouldn't be your complete answer (VACL
captures are local only). VACLs are a bit more granular in defining what's
Echoing what Terry said... we use gigamon devices for this too.
-Chris
On Mar 1, 2012 5:53 AM, Terry Baranski terry.baranski.l...@gmail.com
wrote:
On Mar 1, 2012, at 02:13 AM, apishd...@gmail.com wrote:
Hello All,
We are looking for a switch or a device that we can use for mirroring
On Feb 29, 2012, at 10:15 PM, Jimmy Hess wrote:
On Mon, Feb 27, 2012 at 10:57 PM, Matt Addison
matt.addi...@lists.evilgeni.us wrote:
gai/gni do not return TTL values on any platforms I'm aware of, the
only way to get TTL currently is to use a non standard resolver (e.g.
lwres). The issue is
A. Pishdadi apishd...@gmail.com writes:
We are looking for a switch or a device that we can use for mirroring tap
ports. For example , take a mirror port off of a core router say a 6509,
connect it to a port on said device, say port 1. I would like then to be
able to mirror port 1 on said
Hi Ameen,
Wouldn#39;t it work to have a switch aggregating your monitor sessions just
disable MAC learning? Traffic from a single input interface would be
replicated to all other ports on the vlan where learning is disabled.
I#39;ve used this with a 3750, and I haven#39;t seen any trouble
On Wed, Feb 29, 2012 at 4:02 PM, Joe Greco jgr...@ns.sol.net wrote:
In the specific case of TTL, the problem is made much worse due to the
way most client code has hidden this data from developers, so that many
developers don't even have any idea that such a thing exists.
I'm not sure
On Thu, Mar 1, 2012 at 7:20 AM, Owen DeLong o...@delong.com wrote:
The simpler approach and perfectly viable without mucking
up what is already implemented and working:
Don't keep returns from GAI/GNI around longer than it takes
to cycle through your connect() loop immediately after the
On Thu, Mar 1, 2012 at 8:25 AM, Joe Greco jgr...@ns.sol.net wrote:
If three people died and the building burned down then the sprinkler
system didn't work. It may have sprayed water, but it didn't *work*.
That's not true. If it sprayed water in the manner it was designed to,
then it worked.
Yes, the Cat 6500s are limited to a certain number of SPAN/port
monitoring sessions.
Another tool, we've switched to after using the Gigamon for many years
are taps and the Anue 5236 (10Gb) port aggregator. From this we can
split the SPAN feeds into different IDS/monitoring servers or load-share
On Thu, Mar 1, 2012 at 8:25 AM, Joe Greco jgr...@ns.sol.net wrote:
If three people died and the building burned down then the sprinkler
system didn't work. It may have sprayed water, but it didn't *work*.
That's not true. =A0If it sprayed water in the manner it was designed to,
then it
On Thu, Mar 1, 2012 at 4:11 AM, Georgios Theodoridis gt...@iti.gr wrote:
Has it been known the exact time of the incident?
I have found an article reporting that the cut occurred in the mid-day of
Saturday 25th but nothing more precise.
We would like to use such information for a BGP anomaly
On 03/01/2012 06:26 AM, William Herrin wrote:
On Thu, Mar 1, 2012 at 7:20 AM, Owen DeLongo...@delong.com wrote:
The simpler approach and perfectly viable without mucking
up what is already implemented and working:
Don't keep returns from GAI/GNI around longer than it takes
to cycle through
I believe MRV's Media Cross Connects will do this.
http://www.mrv.com/tap/physical-layer/
On Thu, Mar 1, 2012 at 1:12 AM, A. Pishdadi apishd...@gmail.com wrote:
Hello All,
We are looking for a switch or a device that we can use for mirroring tap
ports. For example , take a mirror port off
Be careful when considering the Anue products. When we evaluated both Anue and
Gigamon, we had to rule out Anue due to total lack of IPv6 support, and went
with Gigamon instead. I have not heard whether the situation has changed in
the last year. We liked both products for their
As long as we're talking about cloud networks, Akamai and Riverbed
have finally let out details on their partnership for optimizing
Cloud applications:
http://www.nojitter.com/post/232601716/rakamai-makes-the-cloud-work-better
While I'm familiar with Akamai (what they do and how they do it) I
On 03/01/2012 06:26 AM, William Herrin wrote:
On Thu, Mar 1, 2012 at 7:20 AM, Owen DeLongo...@delong.com wrote:
The simpler approach and perfectly viable without mucking
up what is already implemented and working:
Don't keep returns from GAI/GNI around longer than it takes
to cycle
How about splitting up a heavy stream (10G) into components (1G) to run through
an
inline device and reassemble the pieces back to an aggregate afterward?
TippingPoint makes a core controller box for this but it's pretty hideously
expensive.
Could do it with two 6500s but that's pretty
Gigamon has a new product offering that claims to do this (their sales
guys just met with me a few days ago and gave me a update on their
latest offerings).
It's the G-Secure-something or other.
We're using the 2404's so I don't have any experience with it.
Cheers,
Harry
On 03/01/2012 10:22
On 3/1/2012 5:54 PM, Oliver Garraux wrote:
On Thu, Mar 1, 2012 at 4:11 AM, Georgios Theodoridis gt...@iti.gr wrote:
Has it been known the exact time of the incident?
I have found an article reporting that the cut occurred in the mid-day of
Saturday 25th but nothing more precise.
We would like
In a message written on Thu, Mar 01, 2012 at 10:09:27AM -0500, Kristian
Kielhofner wrote:
Does anyone know what they actually do and how they do it? As usual
it's tough to cut through the marketing on the little detail they make
available (never a good sign).
It's been a while since I looked
On 03/01/2012 07:22 AM, Joe Greco wrote:
It's deeper than just that, though. The whole paradigm is messy, from
the point of view of someone who just wants to get stuff done. The
examples are (almost?) all fatally flawed. The code that actually gets
at least some of it right ends up being too
- Original Message -
From: Dale Shaw dale.shaw+na...@gmail.com
What about something like this?
http://www.comsol.com.au/SL-PCC-01
While they might not sell to the US, that's roughly equivalent in formfactor
to the Lantronix spider to which I posted a link...
Cheers,
-- jra
--
Jay
Hi Georgios,
.-- My secret spy satellite informs me that at 12-03-01 1:11 AM
Georgios Theodoridis wrote:
Has it been known the exact time of the incident?
I have found an article reporting that the cut occurred in the mid-day
of Saturday 25th but nothing more precise.
We would like to use
We're doing something similar - VACLs (using the redirect action) with
port-channel destinations on a span aggregation 650x. If you've got a
spare 650x chassis lying around and your configuration requirements
aren't terribly complex/dynamic, you can do monitoring with filtering
and load-balancing
Found this in one of my RSS feeds this am:
http://www.youtube.com/watch?v=GNOXSmMfcGs
Sort of explains it.
On Thu, Mar 1, 2012 at 10:09 AM, Kristian Kielhofner k...@kriskinc.com wrote:
As long as we're talking about cloud networks, Akamai and Riverbed
have finally let out details on their
On Thu, Mar 1, 2012 at 10:01 AM, Michael Thomas m...@mtcc.com wrote:
On 03/01/2012 06:26 AM, William Herrin wrote:
The even simpler approach: create an AF_NAME with a sockaddr struct
that contains a hostname instead of an IPvX address. Then let
connect() figure out the details of caching,
Thus spake Jeff Kell (jeff-k...@utc.edu) on Thu, Mar 01, 2012 at 10:22:29AM
-0500:
How about splitting up a heavy stream (10G) into components (1G) to run
through an
inline device and reassemble the pieces back to an aggregate afterward?
Sounds like a perfect job for a commodity switch that
Hi, I'm seeing quite a lot of queries for a.root-servers.net IN A in the
logs of my caching servers. They seem to be coming from home normal DSL
customers (IPs who would be expected to be using the name servers) with
each sending one query every 2 seconds.
They all together represents more than de
On Feb 29, 2012, at 11:17 17AM, Marshall Eubanks wrote:
On Wed, Feb 29, 2012 at 10:08 AM, Justin M. Streiner
strei...@cluebyfour.org wrote:
On Wed, 29 Feb 2012, Rodrick Brown wrote:
There's about 1/2 a dozen or so known private and government research
facilities on Antarctica and I'm
On 03/01/2012 08:57 AM, David Conrad wrote:
Moving it across the kernel boundary solves nothing
Actually, it does. Right now, applications effectively cache the address in
their data space, requiring the application developer to go to quite a bit of
work to deal with the address changing
On 03/01/2012 08:58 AM, William Herrin wrote:
On Thu, Mar 1, 2012 at 10:01 AM, Michael Thomasm...@mtcc.com wrote:
On 03/01/2012 06:26 AM, William Herrin wrote:
The even simpler approach: create an AF_NAME with a sockaddr struct
that contains a hostname instead of an IPvX address. Then let
On Thu, Mar 1, 2012 at 1:32 PM, Michael Thomas m...@mtcc.com wrote:
On 03/01/2012 08:58 AM, William Herrin wrote:
libc != kernel. I want to move the action into the standard libraries
where [resolve and connect] can be done once and done well.
A little kernel action on top
to parallelize
It's deeper than just that, though. The whole paradigm is messy, from
the point of view of someone who just wants to get stuff done. The
examples are (almost?) all fatally flawed. The code that actually gets
at least some of it right ends up being too complex and too hard for
people to
On Thu, Mar 1, 2012 at 4:07 PM, Owen DeLong o...@delong.com wrote:
I think that the modern set of getaddrinfo and connect is actually not that
complicated:
Owen,
If took you 50 lines of code to do
'socket=connect(www.google.com,80,TCP);' and you still managed to
produce a version which, due
In message CAP-guGXLpzai4LrxyJcNn06yQ1jAEu4QeRpVzGRah=+ogly...@mail.gmail.com
, William Herrin writes:
On Thu, Mar 1, 2012 at 4:07 PM, Owen DeLong o...@delong.com wrote:
I think that the modern set of getaddrinfo and connect is actually not th=
at complicated:
Owen,
If took you 50 lines
William,
I could have done it in a lot less lines of code, but, it would have been much
less readable.
Not blocking on the connect() call is a little more complex, but, not terribly
so. It does, however, again, make the code quite a bit less readable.
There are libraries available that
On Thu, Mar 1, 2012 at 5:37 PM, Owen DeLong o...@delong.com wrote:
You don't have to reinvent what I've done. Neither does every
or any other application programmer.
You are welcome to use any of the many connection
abstraction libraries that are available in open source.
I suggest you make a
On Thu, Mar 01, 2012 at 05:57:11PM -0500, William Herrin wrote:
Which is what everybody basically does. And when it works during the
decidedly non-rigorous testing, they move on to the next problem...
with code that doesn't perform well in the corner cases. Such as when
a host has just been
On Thu, Mar 1, 2012 at 4:11 AM, Georgios Theodoridis gt...@iti.gr wrote:
Has it been known the exact time of the incident?
I have found an article reporting that the cut occurred in the mid-day of
Saturday 25th but nothing more precise.
We would like to use such information for a BGP anomaly
Randy Carpenter wrote:
Does anyone have any recommendation for a reliable cloud host?
Basic requirements:
1. Full redundancy with instant failover to other hypervisor hosts upon
hardware failure (I thought this was a given!)
Assuming a simple set up as you suggest. If what you want to do
On Mar 1, 2012, at 2:57 PM, William Herrin wrote:
On Thu, Mar 1, 2012 at 5:37 PM, Owen DeLong o...@delong.com wrote:
You don't have to reinvent what I've done. Neither does every
or any other application programmer.
You are welcome to use any of the many connection
abstraction libraries
On Thu, Mar 1, 2012 at 8:02 PM, Owen DeLong o...@delong.com wrote:
There's no need to
break the current functionality of the underlying system calls and
libc functions which would be needed by any such library anyway.
Owen,
Point to one sentence written by anybody in this entire thread in
On Mar 1, 2012, at 5:15 PM, William Herrin wrote:
On Thu, Mar 1, 2012 at 8:02 PM, Owen DeLong o...@delong.com wrote:
There's no need to
break the current functionality of the underlying system calls and
libc functions which would be needed by any such library anyway.
Owen,
Point to one
On Mar 1, 2012, at 17:10, William Herrin b...@herrin.us wrote:
If took you 50 lines of code to do
'socket=connect(www.google.com,80,TCP);' and you still managed to
produce a version which, due to the timeout on dead addresses, is
worthless for any kind of interactive program like a web
On Thu, Mar 1, 2012 at 8:47 PM, Owen DeLong o...@delong.com wrote:
On Mar 1, 2012, at 5:15 PM, William Herrin wrote:
On Thu, Mar 1, 2012 at 8:02 PM, Owen DeLong o...@delong.com wrote:
There's no need to
break the current functionality of the underlying system calls and
libc functions which
On Mar 1, 2012, at 9:34 PM, William Herrin wrote:
On Thu, Mar 1, 2012 at 8:47 PM, Owen DeLong o...@delong.com wrote:
On Mar 1, 2012, at 5:15 PM, William Herrin wrote:
On Thu, Mar 1, 2012 at 8:02 PM, Owen DeLong o...@delong.com wrote:
There's no need to
break the current functionality of the
I would like to deeply thank you all for your prompt response as well as
for your generous contribution and the most interesting information that
you shared.
Of course any further insight is still more than welcome.
Best regards,
George
On 03/02/2012 01:22 AM, Jim Cowie wrote:
On Thu, Mar
53 matches
Mail list logo
