Configuring a port analyzer (port mirror) on the Juniper EX switch
Yes, it's been a while since my last update, so I'm going to make this one short and sweet. Lately I started messing around with Plex Media Center/Server and sharing my server with a couple of my friends. While I do have a good bit of bandwidth here at the house, my friends sure know how to suck that bandwidth dry. So, it's time to implement some traffic shaping here at the house.
In order to implement the traffic shaping, I need to know what the traffic looks like. For me to shape it, I need to know what it looks like, so I'm going to setup an analyzer. I have a specific media server that is separate from my lab rack. It's plugged into a little Cisco gigabit switch that has an LACP Lag bundle going back to my core EX3200-48T. To setup an analyzer is very simple...in fact, it's only 3 commands.
set ethernet-switching options analyzer plex–monitor input ingress interface ae0.0 set ethernet-switching options analyzer plex–monitor input egress interface ae0.0 set ethernet-switching options analyzer plex–monitor output interface xe-0/0/45.0
That's it. Now, let me explain what I did there.
To configure an analyzer called "plex-monitor" and specify the input (source) interfaces and the output interface, I need to configure the interface connected to my media server as input interfaces for the port-mirror analyzer. I want to see both ingress and egress traffic, so I tell it to do both.
[edit ethernet-switching-options] user@switch# set analyzer plex-monitor input ingress interface ae0.0 user@switch# set analyzer plex-monitor input egress interface ae0.0
Now, I configure the output analyzer interface for the analyzer. This will be the destination interface for the mirrored packets:
[edit ethernet-switching-options] user@switch# set analyzer plex-monitor output interface ge-0/0/45.0
That's it. Now, all the traffic going to that lag bundle (the server is the only thing plugged into that switch) will be mirrored to port ge-0/0/45. I can plug my Wireshark box into that port, get a good capture of the traffic, and set my traffic shaping accordingly. Can you guess what my next post is going to be about? 
Problems with your D-Link DP-300U?
If you're like me, you have a ton of computer crap laying around your house. Today I found an old D-Link DP-300U print server laying around and thought that I could put it to good use. The bad thing about these things is the fact that they do not have a hardware reset button on them, so if you forget the IP or the Password, you're pretty much hosed... or so I thought. After doing some google searches for how to find a lost IP, I came back empty. The PS Admin program that D-Link publishes for use with this thing couldn't find it on my network either. After some thinking, I came up with an idea.
If you know anything about networking and how networks work, you should have thought about this too. Get a Wireshark capture running. Unplug the power from the print server and then replug it. It's going to send out an ARP on the network looking for it's gateway which should be picked up by Wireshark. It should look like this:
In my case, it came back as 192.168.1.253. After changing the IP on my laptop to fit that subnet, I was able to log into it via it's web interface (there was no password on it thank God!) and put it back to factory settings. Voila! What once was a brick is now a working print server!
-Greg
Categories
- How To's (9)
- Hurricanes (60)
- Networking (44)
- Other stuff (14)
Blogroll
- Adventures in Open Source
- Bejoy's Site
- Charlie Moreno Web Design
- Fark.com
- Greenhat security
- GregoryLedet.com
- JefTek.com
- Packet Life
- Shannon Bray
- Shortest Path First
Social Networking
Recent Comments
- essaydone on Configuring a port analyzer (port mirror) on the Juniper EX switch
- Tony on Port Forwarding on the Cisco ASA in 8.3 from the ASDM made easy
- Greg Ledet on Windows IP conflict when there is no conflict
- Y8 on Windows IP conflict when there is no conflict
- juegos de yepi on SSH Configuration in IOS
Meta
Certifications
