A question for anyone who can help?
I am seeing an odd thing happening on our network. We have a switched network with 3548s in closests and 6509s with MSFC as the core. In the VLANs I am seeing traffic that I should not be seeing. If my pc's ip address is 172.16.16.5 (255.255.240.0), I would only expect my PC to see such traffic as broadcasts, multicasts, and traffic to or from it. However, I am also seeing traffic from other PCs to other pcs, printers, and servers i.e. 172.16.38.4 to 172.16.16.45.
What is odder is that I don't see all the packets or even a conversation. I just happen to catch a packet here or there from the the other pcs. Such as a ping reply from 172.16.38.4 to 172.16.16.45, but I never see the ping request. It is not limited to just ICMP, but also to UDP and TCP. Out of 20,000 packets I might see 3 or 4 of these packets. The switches don't give me any kind of message indicating an error.
Thoughts? I have run out of ideas to test on this to see what could be happening. It appears to be be in all our subnets, from what I can tell. It is not causing a problem on the network or with any devices, it is just odd to me. I happened to come across it by chance while monitoring a pc we were testing.
I hope this is not too vague of a description on my problem, I just don't want to make this a huge question and ramble on.
I will gladly pass along anymore info if requested.
I cannot say how long this has been going on as I never looked for it before. I have though been working on it for about 3-4 months and am at the point where I don't know what else to do.
Any help would be appreciated.
Thanks,
Ken
I am seeing an odd thing happening on our network. We have a switched network with 3548s in closests and 6509s with MSFC as the core. In the VLANs I am seeing traffic that I should not be seeing. If my pc's ip address is 172.16.16.5 (255.255.240.0), I would only expect my PC to see such traffic as broadcasts, multicasts, and traffic to or from it. However, I am also seeing traffic from other PCs to other pcs, printers, and servers i.e. 172.16.38.4 to 172.16.16.45.
What is odder is that I don't see all the packets or even a conversation. I just happen to catch a packet here or there from the the other pcs. Such as a ping reply from 172.16.38.4 to 172.16.16.45, but I never see the ping request. It is not limited to just ICMP, but also to UDP and TCP. Out of 20,000 packets I might see 3 or 4 of these packets. The switches don't give me any kind of message indicating an error.
Thoughts? I have run out of ideas to test on this to see what could be happening. It appears to be be in all our subnets, from what I can tell. It is not causing a problem on the network or with any devices, it is just odd to me. I happened to come across it by chance while monitoring a pc we were testing.
I hope this is not too vague of a description on my problem, I just don't want to make this a huge question and ramble on.
I will gladly pass along anymore info if requested.
I cannot say how long this has been going on as I never looked for it before. I have though been working on it for about 3-4 months and am at the point where I don't know what else to do.
Any help would be appreciated.
Thanks,
Ken
