• Part I
  • sun managers I
• Part D
  • sun managers D
• Part L
  • sun managers L
• Part H
  • sun managers H
• Part B
  • sun managers B
• Part E
  • sun managers E
• Part J
  • sun managers J
• Part F
  • sun managers F
• Part C
  • sun managers C
• Part K
  • sun managers K

SITEMAP

Read-Only Ethernet Interface?

We have the need to do some passive network monitoring in our environment.
Particuarlly, we would like to listen promiscously on the ethernet interface
(hme1) in read-only mode with a guarantee that we will not be transmitting
anything back on the wire.

This is more or less how we have our network monitoring environment sat up:

+---------+ +----------+
| Central |------------------| Internet |
| Router | | Router |
+---------+ +----------+
|
| mirrored port +-----------+
+--------------->| 100MB Hub |---Ultra 10
(read-only) +-----------+
| |
Ultra 10 Ultra 10

When our network monitoring environment was simpler, we used a switch in
place of the hub. However, the switches we have can only do a one-to-one
mirroring, meaning that we could only hang a single sun machine off the
switch to listen to a particular feed.

The hub deals with that problem, but since the ports off the hub aren't
read-only ports, any chatter coming back from the sun would get sent to the
other suns attached to the hub, which could cause collisions or other weird
networking anomolies... keep in mind that we are wanting to do statistics
on the data in the incoming stream, so we don't want data from the other
suns being added to it.

Anyways, I don't see an obviuous way to put an ethernet interface into
read-only mode. I didn't see anything in ifconfig. I guess one possible
way to do it is to *not* assign an IP address to the ethernet interface
and try reading from it normally (promiscous mode). I believe this will
work, but I am not sure if this would produce a true read-only mode.

Another possible way is to snip a couple wires in an ethernet cable (the
transmit wires) [ICK!] to prevent the suns from talking back to the hub,
but I am not sure if the hub requires to see something on those wires in
order to enable the port (link light?). That is an area I don't know much
about anyways...

So, I solicit your help... I thank in advance for any help offered!

Scott
--
+-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-+
Scott W. Adkins http://www.cns.ohiou.edu/~sadkins/
UNIX Systems Engineer mailto:adkinss at ohio.edu
ICQ 7626282 Work (740)593-9478 Fax (740)593-1944
+-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-+
CNS, HDL Center, Suite 301, Ohio University, Athens, OH 45701-2979

Comments

"sun managers B [Part B]" Sponsored Links

• "sun managers B [Part B]" New Questiones!

  • Read-Only Ethernet Interface?
  • reading console error messages
  • Read Only Filesystems
  • Read only / filesystem
  • read of LM75 Failed
  • re. Adaptec 160 series / Solaris IA
  • Rdist problem
  • RDAC (rdriver.conf) Question
  • rcp quirk on server with IP's
  • rcp and connection time out
  • rc3.d scripts -- SUMMARY
  • rc3.d scripts
  • rc3 script problem
  • RBAC question
  • RBAC on Solaris 8
  • RBAC
  • raw devices..
  • random port selection and tcp_ip_abort_interval
  • RAM for SS10/SS20
  • RAM disk, SUNWdrvs under Solaris 2.6

Copyright © 2008 thatsjava.com • All rights reserved • CMS Theme by WebmasterFund.com - 0.594