Re: [CentOS] What about port mirroring? (Was: Switch to measure traffic at IP level)

23 Oct 2009


      Neil Aggarwal wrote:
...
Hello everyone:
I was just reading an ntop guide and it mentioned
many switches have port mirroring.
According to what I am reading, the Cisco I am using
will copy all traffic to the mirror port.  Then,
I can monitor what is going on from there.
That seems like a good way to do this.
Are there any pitfalls with this approach?
yeah, a 1gig port can't handle all the traffic from N 1gig ports.  heck, 
ti can't even handle all the traffic from a single full duplex connection
btw, someone mentioned NTOP... I played with this and found it can 
consume a LOT of cpu calculating statistics on the fly.

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: [CentOS] What about port mirroring? (Was: Switch to measure traffic at IP level)