This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

All Packets in VLAN sent to host... Switch not filtering packets

All Packets in VLAN sent to host... Switch not filtering packets

Martin1
New Contributor

‎05-01-2014 08:24 AM

When I am running a snoop of packets on a host in this VLAN I am seeing all packets in the VLAN being delivered to this host. When I snoop on hosts in other VLAN's I am only seeing packets that either have the source or destination for that particular host.
When I check the VLAN's in the Black Diamond they are configured the same with the same flags set. So not sure why it appears that all packets are being forwarded to hosts only in this VLAN. Any ideas? Thanks!
2 REPLIES 2

Martin1
New Contributor

‎05-02-2014 01:36 PM

Hi James, I have a standalone server and a server in a HP blade chassis connected up to an extreme x350 switch (2 different switches) and the nwtwork conatins a black diamond router. When i do a snoop on either the standalone server and the blade server on an interface on this VLAN I am seeing traffic from other blades to other servers. This should not be the case.
When I do a snoop on another interface on the seever in a different VLAN I am only seeing the packets that have a source or destination of that server.
If the snoop is in promiscuous or non promiscuous mode should the server be seeing only the traffic that is destined for it? I would of thought that the switch should only send on packets with a destination MAC of that servers interface. Is that not what the switch should do? Also as I was saying the when I snoop on another interface in a diff VLAN I don't have this problem where I see other packets not destined for the server.
One thing I have noticed is that the source of these packets is always from blades within a HP chassis and he traffic is NFS traffic. So I am wondering is there something special about the packets coming from the HP blades chassis ere which makes the switch forward the packets to all ports?
thanks for previous reply! Martin
0 Kudos

JAMES_WIEDEL
New Contributor II

‎05-01-2014 04:14 PM

Martin,
Your setup is a little unclear but here's what I think is going on:
When running snoop with no filters will see everything on the VLAN you are connected to because it would be running in promiscuous mode. When you applied the filters, you told it to ignore everything except what is addressed to/from the other host. Had you started snoop and told it to filter on the host you were on, you should see only packets addressed to/from the host you are on, (not everything) which would be consistent.
Is that anywhere near what you are seeing?
Also remember that you will only see packets going to/from that remote host IF they pass through the VLAN you are snooping from.
James

0 Kudos
GTM-P2G8KFN