I ran a 2 minute capture and I see many other IP's TCP traffic (source & destination). My understanding is I should only see my own laptops IP traffic and maybe broadcast traffic. We have 12 switches all plugged into a Cisco 6506 backbone. When I plug directly into other switches I also see other IP's TCP traffic. Any help would be appreciated. One thing I have read is mac address table may be full. I have checked the switch I am in and it had only 147 addresses. Maybe the backbones mac address table is full??
asked 21 Oct '11, 05:36
To see other IP's as source should not be alarming, as long as they send broadcast and multicast traffic. If you see the IP of other systems as destination in a unicast packet, that indicates flooding.
Flooding occurs when a switch does not know where to send the traffic. That can be caused by a full table, which is not the case in your case. It could also be caused by asymmetric routing. Also Microsoft Network Loadbalancing is a notorious source for flooding.
So have a good look at the mac and ip addresses of the traffic you did not expect to find out the cause.
answered 21 Oct '11, 05:51