tcpdump mailing list archives
Re: sniffing HTTP traffic to load-balancer on a dedicated machine
From: Guy Harris <guy () alum mit edu>
Date: Mon, 1 Nov 2010 23:44:12 -0700
On Nov 1, 2010, at 8:57 PM, Andrej van der Zee wrote:
Hi, I am looking for a solution that sniffs all HTTP traffic to the load-balancer in a multi-tier web application, but WITHOUT starting tcpdump on the load-balancer itself.
Does the load balancer support some form of "mirror port"?
If so, you might be able to capture on that (although that port would have to support the *total* aggregate traffic
through the load balancer...).
If not, is there only one network feeding into the load balancer?
If so, can you capture on that network with, for example, some sort of tap?
If not, you presumably can't do this with a single tap, as you'd either have to tap on all the networks going
*into* the load balancer or *out of* the load balancer. You might try running multiple captures and merging them.-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- sniffing HTTP traffic to load-balancer on a dedicated machine Andrej van der Zee (Nov 01)
- Re: sniffing HTTP traffic to load-balancer on a Jim Lloyd (Nov 01)
- Re: sniffing HTTP traffic to load-balancer on a Guy Harris (Nov 01)
- Re: sniffing HTTP traffic to load-balancer on a dedicated machine Guy Harris (Nov 01)
- Re: sniffing HTTP traffic to load-balancer on a Andrej van der Zee (Nov 02)
- Re: sniffing HTTP traffic to load-balancer on a Guy Harris (Nov 02)
- Re: sniffing HTTP traffic to load-balancer on a Andrej van der Zee (Nov 02)
- Re: sniffing HTTP traffic to load-balancer on a Andrej van der Zee (Nov 02)
- Re: sniffing HTTP traffic to load-balancer on a Jim Lloyd (Nov 01)