tcpdump mailing list archives
Re: sniffing HTTP traffic to load-balancer on a
From: Guy Harris <guy () alum mit edu>
Date: Tue, 2 Nov 2010 00:15:54 -0700
On Nov 2, 2010, at 12:05 AM, Andrej van der Zee wrote:
The idea is to sniff all incoming/outgoing traffic on the WAN side of the load-balancer,
Is the "WAN side" implemented as: some form of WAN (a T{n} or E{n} serial line, or an OC{n} or STM{n} optical link) going directly into the load balancer; an Ethernet coming out of some flavor of WAN-to-Ethernet router/switch/whatever; multiple Ethernets coming out of such a device; something else?
I mean all external traffic of users that visit the web site hosted through the load-balancer. Does this change anything regarding the use of "port mirroring"?
If the WAN side is a WAN going directly into the load balancer, and you want to capture traffic on the WAN side, that wouldn't be done with "port mirroring" unless the load balancer can funnel copies of all WAN-side traffic into an Ethernet port; in that case, you'd need to somehow capture on the WAN side, e.g. with a DAG card from Endace: http://www.endace.com/endace-dag-high-speed-packet-capture-cards.html If it's an Ethernet or multiple Ethernets coming some routing device, it might be possible to have *that* device mirror the WAN traffic to a port - and if it's only one Ethernet, you could try just tapping that Ethernet.- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- sniffing HTTP traffic to load-balancer on a dedicated machine Andrej van der Zee (Nov 01)
- Re: sniffing HTTP traffic to load-balancer on a Jim Lloyd (Nov 01)
- Re: sniffing HTTP traffic to load-balancer on a Guy Harris (Nov 01)
- Re: sniffing HTTP traffic to load-balancer on a dedicated machine Guy Harris (Nov 01)
- Re: sniffing HTTP traffic to load-balancer on a Andrej van der Zee (Nov 02)
- Re: sniffing HTTP traffic to load-balancer on a Guy Harris (Nov 02)
- Re: sniffing HTTP traffic to load-balancer on a Andrej van der Zee (Nov 02)
- Re: sniffing HTTP traffic to load-balancer on a Andrej van der Zee (Nov 02)
- Re: sniffing HTTP traffic to load-balancer on a Jim Lloyd (Nov 01)