Address: http://network.51cto.com/art/201109/291738.htm
A port image copies the data on the monitored port to the specified Monitoring port for data analysis and monitoring. The ethernet switch supports multiple-to-one images to copy packets from multiple ports to one monitoring port.
Vswitch port image configuration such as Huawei 3026
Vswitches such as S2008/S2016/S2026/S2403H/S3026 support port mirroring in either of the following ways:
Method 1
1. Configure the port image (observed)
[SwitchA] monitor-porte0/8
2. Configure the port Image
[SwitchA] portmirrorEthernet0/1toEthernet0/2
Method 2
You can define images and ports at one time.
[SwitchA] portmirrorEthernet0/1toEthernet0/2observing-portEthernet0/8
Port image configuration of Huawei 8016 vswitch
1. Assume that the port image of the 8016 switch is E1/0/15, the port image is E1/0/0, and Port 1/0/15 is the observation port of the port image.
[SwitchA] portmonitorethernet1/0/41
2. Set Port 1/0/0 to the image on the target port, and image the input and output data.
[SwitchA] portmirroringethernet1/0/0bothethernet1/0/15
You can also mirror the input and output data through two different ports.
1. Set E1/0/15 and E2/0/0 as mirror (observation) ports.
[SwitchA] portmonitorethernet1/0/41
2. Set Port 1/0/0 as the port image, and use E1/0/15 and E2/0/0 to mirror the input and output data respectively.
- [SwitchA]portmirroringgigabitethernet1/0/0ingressethernet1/0/15
-
- [SwitchA]portmirroringgigabitethernet1/0/0egressethernet2/0/0
A vswitch based on a flow image mirrors some streams. Each connection has two data streams. For a vswitch, these two data streams must be mirrored separately.
Image configuration of Huawei 3500/3026 E/3026F/3050 Switch Port
Images Based on L3 streams
1. Define an extended access control list
[SwitchA] aclnum101
2. Define a rule message source address as 1.1.1.1/32 to all destination addresses
[SwitchA-acl-adv-101] rule0permitipsource1.1.1.10destinationany
3. Define a rule message source address as the destination address of all source addresses 1.1.1.1/32
[SwitchA-acl-adv-101] rule1permitipsourceanydestination1.1.1.10
4. mirror the packets that comply with the preceding ACL rules to the E0/8 Port
[SwitchA] mirrored-toip-group101interfacee0/8
Layer-2 stream-Based Image
1. Define an ACL
[SwitchA] aclnum200
2. Define a rule to send data packets from E0/1 to all other ports.
[SwitchA] rule0permitingressinterfaceEthernet0/1 (egressinterfaceany)
3. Define a packet rule from all other ports to E0/1
[SwitchA] rule1permit (ingressinterfaceany) egressinterfaceEthernet0/1
4. mirror the packets that match the preceding ACL to E0/8.
[SwitchA] mirrored-tolink-group200interfacee0/8
Port image configuration of Huawei 5516 vswitch
5516 the vswitch supports mirroring inbound port traffic, and configures the port Ethernet3/0/1 as the monitoring port to mirror inbound traffic of port Ethernet3/0/2.
[SwitchA] mirrorEthernet3/0/2ingress-toEthernet3/0/1
Image configuration of the port of the 6506/6503/vswitch
The image group name is 1, the monitoring port is Ethernet4/0/2, and the inbound traffic on the port Ethernet4/0/1 is mirrored.
[SwitchA] mirroring-group1inboundEthernet4/0/1mirrored-toEthernet4/0/2
Additional instructions
1. Generally, port images can achieve high-speed port mirroring and low-speed ports. For example, a port of M can mirror a port of M, and vice versa.
2.8016 support cross-board Port Mirroring
3 test and verification
On the observation port, the tool software can view the corresponding packets of the port image and conduct traffic observation or fault locating.
Catalyst29503550 does not support portmonitor
2950/3550/3750
The format is as follows:
- #monitorsessionnumbersourceinterfacemod_number/port_numberboth
-
- #monitorsessionnumberdestinationinterfacemod_mnumber/port_number
// Rx --> indicates the incoming port traffic. tx --> outgoing port traffic: both incoming and outgoing traffic.
Forexample:
The first image: 1-10 Source Port in the first module to Port 12;
- #monitorsession1sourceinterface1/1-10both
-
- #monitorsession1destinationinterface1/12
In the second image, the source port of the second module is 13-20 to port 24;
- #monitorsession2sourceinterface2/13-20both
-
- #monitorsession2destinationinterface2/24
Restrictions on port image Configuration
The port image and the port to be mirrored must be on the same business board. For business boards with non-48 ports, only one port image group can be configured on one business board for one image direction. For example, you can configure only one port Image Group for Monitoring received packets on a business board. If you configure the second port Image Group for Monitoring received packets on this business board, the system will prompt a configuration failure. The configuration restrictions for the port image group that monitors sent packets are similar. For the business board with 48 ports, either the monitored port or the monitored port is 1 ~ The ports in the 24-port range can be 25 ~ The port within the port range of 48. At the same time, only one image group can be configured for one image direction in the range of Port 1 to port 24 or port 25 to port 48. For example, you can configure only one port Image Group for Monitoring and receiving packets within the range from Port 1 to port 24. If you configure a port Image Group for the second monitoring and receiving packet, the system will prompt a configuration failure. The configuration limits of the port Image Group for Monitoring sent packets are the same as those above. The limits for image configuration from port 25 to port 48 are the same as those for image configuration from Port 1 to port 24.