All Packets in VLAN sent to host... Switch not filtering packets

  • 0
  • 2
  • Question
  • Updated 5 years ago
When I am running a snoop of packets on a host in this VLAN I am seeing all packets in the VLAN being delivered to this host. When I snoop on hosts in other VLAN's I am only seeing packets that either have the source or destination for that  particular host.
When I check the VLAN's in the Black Diamond they are configured the same with the same flags set. So not sure why it appears that all packets are being forwarded to hosts only in this VLAN. Any ideas? Thanks!
Photo of Martin

Martin

  • 90 Points 75 badge 2x thumb

Posted 5 years ago

  • 0
  • 2
Photo of JAMES WIEDEL

JAMES WIEDEL

  • 780 Points 500 badge 2x thumb
Martin,
Your setup is a little unclear but here's what I think is going on:
When running snoop with no filters will see everything on the VLAN you are connected to because it would be running in promiscuous mode.      When you applied the filters, you told it to ignore everything except what is addressed to/from  the other host.     Had you started snoop  and told it to filter on the host you were on, you should see only packets addressed to/from the host you are on, (not everything)  which would be consistent.
Is that anywhere near what you are seeing?
Also remember that you will only see packets going to/from that remote host   IF they pass through the VLAN you are snooping from.
James
  
Photo of Martin

Martin

  • 90 Points 75 badge 2x thumb
Hi James, I have a standalone server and a server in a HP blade chassis connected up to an extreme x350 switch (2 different switches) and the nwtwork conatins a black diamond router. When i do a snoop on either the standalone server and the blade server on an interface on this VLAN I am seeing traffic from other blades to other servers. This should not be the case.
When I do a snoop on another interface on the seever in a different VLAN I am only seeing the packets that have a source or destination of that server. 
If the snoop is in promiscuous or non promiscuous mode should the server be seeing only the traffic that is destined for it? I would of thought that the switch should only send on packets with a destination MAC of that servers interface. Is that not what the switch should do? Also as I was saying the when I snoop on another interface in a diff VLAN I don't have this problem where I see other packets not destined for the server.
One thing I have noticed is that the source of these packets is always from blades within a HP chassis and he traffic is NFS traffic. So I am wondering is there something special about the packets coming from the HP blades chassis ere which makes the switch forward the packets to all ports?
thanks for previous reply! Martin