Below is the Ethanalyzer for data palne. For control plane please click on green button below:
By default, wireshark or ETH is used to capture the control plane traffic. But we can also capture the data plane traffic by creating ACLs with log keyword and then apply the ACL on interface.
In this case, control plane and data plane both type of traffic will be capture and have to find the data plane traffic.
But best option is SPAN for capture the data plane traffic.
Example:
conf t
ip access-list abc
statistics per-entry
permit tcp host 1.1.1.1 host 3.3.3.3 eq 88 log
permit ip any any
interface e3/23
ip access-group abc in
ethanalyzer local interface inband limit-captured-frame 1000 write bootflash:xyz
dir bootflash:xyz
ethanalyzer local read bootflash:xyzCommand to check the number of packets per second filter capacity of ACL on interface:
show hardware rate-limiter access-list-log
Thanks for Reading ………………………
We will recommend you to read below posts: