Port Mirroring with tagged destination
Posted: 20 Nov 2011 20:10
Hello guys,
Great forum you guys have going here. I have a particular problem I wish to share with you guys in the hopes of finding a solution. I need to capture frames from an IP Touch phone connected to a 6850. The phone tags packets with the voice VLAN and the switch port is accordingly 802.1q-tagged for the same voice VLAN and it is this 802.1q header that I need to capture to see if the phone is marking frames with the correct 802.1p value. You might think this would be quite simple using port mirroring but unfortunately that's not the case. The problem is that the switch doesn't allow the port mirroring destination port to be a 802.1q tagged port. In other words, the destination port must belong to a default VLAN. That defeats the whole purpose of capturing packets from a 802.1q source port! When I try to set up this port mirroring, I see the packets from the phone but the 802.1q header is stripped because my PC which is connected to an access port on the switch, which strips the 802.1q header before sending the mirrored packets to my PC. Mind you, I have set up my PC and wireshark to see 802.1q packets so this is not a problem with my NIC or a software issue.
How can I capture 802.1q packets? Is it possible to connect a PC to the phone and capture packets like that? Again, I don't think this would work because the PC is connected to an access port on the phone which doesn't support 802.1q. It would be the same problem as above? How can I do this? Is it even possible to capture 802.1q headers?
Any help is greatly appreciated!
Great forum you guys have going here. I have a particular problem I wish to share with you guys in the hopes of finding a solution. I need to capture frames from an IP Touch phone connected to a 6850. The phone tags packets with the voice VLAN and the switch port is accordingly 802.1q-tagged for the same voice VLAN and it is this 802.1q header that I need to capture to see if the phone is marking frames with the correct 802.1p value. You might think this would be quite simple using port mirroring but unfortunately that's not the case. The problem is that the switch doesn't allow the port mirroring destination port to be a 802.1q tagged port. In other words, the destination port must belong to a default VLAN. That defeats the whole purpose of capturing packets from a 802.1q source port! When I try to set up this port mirroring, I see the packets from the phone but the 802.1q header is stripped because my PC which is connected to an access port on the switch, which strips the 802.1q header before sending the mirrored packets to my PC. Mind you, I have set up my PC and wireshark to see 802.1q packets so this is not a problem with my NIC or a software issue.
How can I capture 802.1q packets? Is it possible to connect a PC to the phone and capture packets like that? Again, I don't think this would work because the PC is connected to an access port on the phone which doesn't support 802.1q. It would be the same problem as above? How can I do this? Is it even possible to capture 802.1q headers?
Any help is greatly appreciated!