The Local Manager's secondary Ethernet port can operate in one of four modes:
Connect the secondary Ethernet port on your Local Manager to your alternate/out-of-band network connection using this port. The following list identifies the secondary Ethernet port for each Local Manager platform:
Use the GE-1 port located below Management Ethernet port GE-0.
Use the GE-1 port located below Management Ethernet port GE-0.
Use the AUX port located on the back of the device beneath the power controller port.
Use the AUX port located to the left of the power controller port.
Use the AUX 1 port located on the back of the device.
This mode is enabled by default, even if no physical connection is present. Both Ethernet interfaces are combined into a single logical bond0 Ethernet management interface. If a switch port, cable, or interface fails on the primary Ethernet port connection, the system will automatically fail over to the secondary Ethernet connection.
This mode allows the capture and review of network traffic via the secondary Ethernet interface. A switch can be configured to span/mirror traffic to a port that is connected to the secondary Ethernet port of the Local Manager, where the Local Manager can then capture, filter, display and export traffic captures.
To configure capture mode, run config system secondary from the system resource. When asked for type, specify 'capture' and options will become available for speed/duplex.
[admin@LantronixLM]# config system secondary
--- Existing Values ---
Type: bonded
Bonding Link: yes
Primary Ethernet Link: yes (bonded active)
Auxiliary Ethernet Link: no (bonded)
Change these? (y/n) [n]: y
--- Enter New Values ---
Type [bonded]: capture
speed/duplex [auto]:
Warning: Remote connections may be lost if you commit changes.
Do you want to commit these changes? (y/n): y
To begin capturing packets, use the capture command from the system resource. Capture will continue until you press x, CTRL-C, or the 5MB capture limit is reached.
[admin@LantronixLM]# capture
Press 'x' or Ctrl+C to stop capturing packets.
4864 bytes
Capture stopped.
A variety of options for the capture command are available to filter captured packets.
Option | Syntax |
---|---|
IP Address | capture host 192.168.1.100 |
Network | capture net 192.168.1.0/24 |
Port | capture port 80 |
IP Address and Port | capture host 192.168.1.100 and port 80 |
Source | capture src 192.168.1.1 |
Destination | capture destination 192.168.1.253 |
Frame Size | capture greater 512, capture less 128 |
Bytes Per Frame | capture -size 1514 |
To view captured packets, use the show capture command from the system resource.
[admin@LantronixLM]# show capture
18:53:25.281292 CDPv2, ttl: 180s, Device-ID '333A'[|cdp]
18:53:25.284526 CDPv2, ttl: 180s, Device-ID '333A'[|cdp]
18:53:25.287029 CDPv2, ttl: 180s, Device-ID '333A'[|cdp]
18:53:25.926118 802.1d config TOP_CHANGE 8000.00:d0:ba:bf:62:cd.8022 root 2000.00:d0:01:c1:c4:34 pathcost 23 age 3 max 20 hello 2
fdelay 15
18:53:26.315752 IP6 :: > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
18:53:26.391749 IP6 :: > ff02::1:ff00:1524: ICMP6, neighbor solicitation, who has fe80::20f:2cff:fe00:1524, length 24
18:53:26.942055 802.1d config TOP_CHANGE 8000.00:d0:ba:bf:62:cd.8022 root 2000.00:d0:01:c1:c4:34 pathcost 23 age 2 max 20 hello 2
fdelay 15
18:53:27.391840 IP6 fe80::20f:2cff:fe00:1524 > ff02::2: ICMP6, router solicitation, length 16
18:53:28.358245 802.1d config TOP_CHANGE 8000.00:d0:ba:bf:62:cd.8022 root 2000.00:d0:01:c1:c4:34 pathcost 23 age 2 max 20 hello 2
fdelay 15
To export the capture file in pcap format, use the show capture -pcap command and pipe it to SCP, FTP, or E-mail.
[admin@LantronixLM]# show capture -pcap | scp uplogix@203.0.113.5:u5000.cap1
uplogix@203.0.113.5's password:*******
..
File successfully sent to 203.0.113.5.
copy succeeded
To export via E-mail, use the following syntax:
[admin@LantronixLM]# show capture -pcap | mailto support@uplogix.com:u5000.cap1
..
File successfully sent to uplogix.com.
copy succeeded
In the above example, the capture file will be attached to the email with the filename u5000.cap1. You can then view this file in any third party application capable of reading pcap files like Wireshark, etc.
To export the capture file in plain text with SCP, FTP, or E-mail, simply omit the - pcap option.
This mode allows the secondary Ethernet interface to operate as a WAN Traffic Failover interface for a local router, where traffic received from the router will be forwarded over the out-of-band cellular network connection when the primary Network/WAN is down.
To configure DHCPServer mode, run config system secondary from the system resource. When asked for type, specify dhcpserver and options will become available for DHCP MAC filter and speed/duplex.
The following example uses DHCPserver.
[admin@LantronixLM]# config system secondary
--- Existing Values ---
Type: bonded
Bonding Link: yes
Primary Ethernet Link: yes (bonded active)
Auxiliary Ethernet Link: no (bonded)
Change these? (y/n) [n]: y
--- Enter New Values ---
Type [bonded]: dhcpserver
DHCP MAC Address Filter:
speed/duplex [auto]:
Forward traffic over Out-of-Band Connection (y/n) [n]: y
Warning: Remote connections may be lost if you commit changes.
Do you want to commit these changes? (y/n): y
To view the DHCPServer settings on the secondary Ethernet interface, use the show system secondary command from the system resource. Note that the device IP shown below is the IP address given to the failover interface on the connected router.
[admin@LantronixLM]# show system secondary
Type: dhcpserver
Device IP: 169.254.100.254
Port IP: 169.254.100.253
Subnet: 255.255.255.252
Speed/duplex: auto (no link)
MAC Address: 00:0F:2C:00:CF:07
Forward traffic over Out-of-Band Connection: yes
This mode allows the secondary Ethernet interface to be configured as an out-of-band channel for use during primary network outages.
To configure outband mode, run config system secondary from the system resource. When asked for type, specify 'outband' and options will become available for DHCP, speed/duplex, and DNS. If not using DHCP, the device will prompt for IP address, subnet mask, and default route.
The following example uses DHCP.
[admin@uplogixLM]# config system secondary
--- Existing Values ---
Type: bonded
Bonding Link: yes
Primary Ethernet Link: yes (bonded active)
Auxiliary Ethernet Link: no (bonded)
Change these? (y/n) [n]: y
--- Enter New Values ---
Type [bonded]: outband
Use DHCP (y/n) [n]: y
speed/duplex [auto]:
Use DNS (y/n/auto) [auto]:
Enable Out-of-Band Sharing (y/n) [n]:
Warning: Remote connections may be lost if you commit changes.
Do you want to commit these changes? (y/n): y
Outband mode is further discussed in Secondary Ethernet Access.