Wireshark On Vss - Cisco Catalyst 4500 Series Software Configuration Manual
Cisco ios xe release 3.9.xe and cisco ios release 15.2(5)ex
Hide thumbs
Also See for Catalyst 4500 Series:
- Administration manual (1814 pages) ,
- Configuration manual (1610 pages) ,
- Command reference manual (1230 pages)
Table of Contents
Advertisement
Chapter 68
Configuring Wireshark
•
•
Wireshark on VSS
Wireshark is supported on the VSS, and usage differs slightly from the Standalone switch. Depending
on whether the attachment points are in the VSS active switch, the VSS standby switch, or both, you
need to take specific actions.
You need to create and delete capture points separately in the VSS active and VSS standby switches.
Although you also need to start and stop capture operations separately in these switches, you can issue
the same set of attachment points for a capture session in both switches. The individual switches ignore
attachments points that are not local to the switch.
In the VSS active switch, the operation is identical to that of the standalone switch. In the VSS standby,
hardware copies the relevant packets and sends them to the CPU where they are packets are
software-tunneled to the VSS active switch via the VSL link. In the VSS active switch, these packets are
sent to software as if the packets came from local hardware. Packets from the local switch and those from
the standby switch are processed by the Wireshark session in the VSS active switch while the VSS
standby switch copies the relevant packets and passes them to the VSS active switch. The Wireshark
session in the VSS standby is otherwise unused and no packets are delivered.
If the attachment points are only in the VSS active switch, then the operations are similar to those on the
Standalone switch. If the attachment points are either only in VSS standby switch or in both the switches,
then you must start and stop the session both in VSS active switch and in VSS standby switch.
Note
Your Wireshark session in VSS standby only helps in packet capture and does not participate otherwise.
Do not start the Wireshark session on the VSS standby with the display and any related parameters.
How to Configure Wireshark
To configure Wireshark, follow these general steps:
Default Wireshark Configuration
Table 68-1
Table 68-1
Feature
Duration
Packets
Packet-length
Classification copy features—Features that generate copies of packets from the role-based and
Security lookup types are compatible with Wireshark. Multiple copies of these packets are
generated.
SPAN—Wireshark cannot capture packets on interface configured as a SPAN source or destination.
Define, modify or delete a capture point.
Step 1
Activate or deactivate a capture point.
Step 2
shows the default Wireshark configuration.
Default Wireshark Configuration
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Default Setting
No limit
No limit
No limit (full packet)
How to Configure Wireshark
68-11
Advertisement
Chapters
Table of Contents
Troubleshooting
