On Thursday, October 2, 2003, at 10:57 AM, Jeffrey.Stebelton_at_bisys.com
wrote:
>
> What we have done is to set a 10 Mb Ethernet hub up near the tap and
> run
> both tap ports into it. We then plug whatever sniffers you want into
> the
> hub and you will see both sides of the traffic.
I think this works in a very small environment, but doesn't scale too
well. Since the tap ports aren't participating in an Ethernet network
the way a normal host does, there is a real opportunity for collisions.
Especially when using a hub which is real dumb about things like this.
It's all about your budget and needs, but for a little more money you
can get a Cisco 2900 (or whatever vendor you prefer) which can mirror
both Tx and Rx ports to a common port without the risk of collision.
SfS
____
S.f.Stover
sstover_at_iwc.sytexinc.com
- application/pgp-signature attachment: PGP_sig
Received on Oct 02 2003
Intro
