Simply put, an image port is used to completely copy the traffic of one (several) Port (source port) of the switch and send the traffic from another port (destination port, so that the network administrator can analyze the traffic of the source port from the target port to find out the cause of the network problem.
After the port image of the vswitch is configured, You can conveniently monitor and manage your network by using the netjob internet behavior management software. You can use netjob to monitor and manage the company's internet records and QQ chat content, MSN Chat content, email sending and receiving records, etc. Next, let's take a look at how the Huawei switch configures Port Mirroring:
Configure environment parameters: the IP addresses of PC1 and PC2 are 10.10.1.1/24, and 10.10.1.2/24, respectively.
Networking requirements: configure a port image on SwitchA to monitor the packets sent and received by pc1.
Huawei switch: S2000EI, S2000C series port image configuration process
Mirror ing-port is used to define the mirror port, and monitor-port is used to define the monitoring port.
[SwitchA configuration]
1. Configure port E0/2 as the monitoring port
[SwitchA] monitor-portEthernet0/2no-filt
2. Configure port E0/1 as the mirror Port
[SwitchA] mirroring-portEthernet0/1 both
[Additional description]
Multiple-to-one port mirroring is supported, but the mirroring port must belong to the same chip as the monitoring port (one chip per eight ports ).
When configuring the Image Port, you can use parameters to define the direction of the monitored packets. For example, the both parameter indicates that packets are received and sent by the monitoring port at the same time. The inbound parameter indicates that only packets received by the monitoring port are monitored. The outbound parameter indicates that only packets sent by the monitoring port are monitored.
When configuring a monitoring port, you can use parameters to define the monitoring port type. For example, the parameter no-filt indicates that all packets are monitored; the parameter filt-da indicates that only packets of the specified destination mac address are monitored; the parameter filt-sa, monitoring only the packets of the specified source mac address.
Specific models of this series switch include: S2008-EI, S2016-EI and S2403H-EI, S2008C, S2016C and S2024C.
Huawei switch: S2000-SI and S3000-SI series port mirroring configuration process
Mirror ing-port is used to define the mirror port, and monitor-port is used to define the monitoring port.
[SwitchA configuration]
1. Configure port E0/2 as the monitoring port
[SwitchA] monitor-portEthernet0/2
2. Configure port E0/1 as the mirror Port
[SwitchA] mirroring-portEthernet0/1 both
[Additional description]
Supports multiple-to-one port images and hao352 Internet homepage.
When configuring the Image Port, you can use parameters to define the direction of the monitored packets. For example, the both parameter indicates that packets are received and sent by the monitoring port at the same time. The inbound parameter indicates that only packets received by the monitoring port are monitored. The outbound parameter indicates that only packets sent by the monitoring port are monitored.
The specific models of this series of switches include: S2026C/Z-SI, S3026C/G/S-SI and E026-SI.
Huawei switch: S3050C series port image configuration process
Mirror ing-port is used to define the mirror port, and monitor-port is used to define the monitoring port.
[Switch configuration]
1. Configure port E0/2 as the monitoring port
[SwitchA] monitor-portEthernet0/2
2. Configure port E0/1 as the mirror Port
[SwitchA] mirroring-portEthernet0/1 both
[Additional description]
Supports multiple-to-one port images.
When configuring the Image Port, you can use parameters to define the direction of the monitored packets. For example, the both parameter indicates that packets are received and sent by the monitoring port at the same time. The inbound parameter indicates that only packets received by the monitoring port are monitored. The outbound parameter indicates that only packets sent by the monitoring port are monitored.
Considering the chip efficiency, S3050C provides one image destination port and three image source ports. Note that S3050C image sources can be divided into input images and output images. The so-called three image sources are independently calculated in the direction. For example, if the image direction of port E0/1 is both, because it contains in and out directions, it is calculated based on two sources.
Huawei switches: S3026E, S3526E, and S3526 port image configuration process
The monitor-port is used to define the monitoring port. Combined with the acl configuration, the mirroed-to command is used in the System View to mirror the data packets matching the acl rules to the monitoring port.
[SwitchA configuration]
1. Configure port E0/2 as the monitoring port
[SwitchA] monitor-portEthernet0/2
2. Configure the acl and define data flow rules that comply with the monitoring rules.
[SwitchA] aclnumber4000 [SwitchA-acl-link-4000] rulepermitingressinterfacee0/1 egressany [SwitchA-acl-link-4000] rulepermitingressanyegressinterfacee0/1
3. mirror the packets matching the acl rules to the monitoring port E0/2.
[SwitchA] mirroed-tolink-group4000interfaceEthernet0/2
[Additional description]
These vswitches use a stream image instead of a port image. Therefore, you must combine the acl Configuration to mirror packets that match the acl rules.
The specific models of this series of switches include S3026E/C/G/T, S3526E/C, S3026FS/FM, S3526, and S3526FS/FM.
Huawei switches: S5012 and S5024 Port Mirroring configuration process
Mirror ing-port is used to define the mirror port, and monitor-port is used to define the monitoring port.
[Additional description]
Port images and stream images are supported. The flow image configuration method is the same as that of the S3026E series switch.
When configuring the Image Port, you can use parameters to define the direction of the monitored packets. For example, the both parameter indicates that packets are received and sent by the monitoring port at the same time. The inbound parameter indicates that only packets received by the monitoring port are monitored. The outbound parameter indicates that only packets sent by the monitoring port are monitored.
When configuring the monitoring port, you can use parameters to define the direction of the packets monitored by the Image Port. For example, the both parameter indicates that packets are received and sent by the monitoring port at the same time. The inbound parameter indicates that only packets received by the monitoring port are monitored. The outbound parameter indicates that only packets sent by the monitoring port are monitored.
The specific models of these vswitches include S3528G/P and S3552G/P/F.
Huawei switches: S3900, S5600 series port image configuration process
Monitor-port is used to define the monitoring port. Combined with acl configuration, the mirroed-to command is used in the Ethernet physical port configuration view to mirror the data packets matching the acl rules to the monitoring port. Or directly configure a physical port as an Image Port. Hao352.com.
Method 1: Stream Image
[SwitchA configuration]
1. Configure port G1/0/2 as the monitoring port
[SwitchA] interfaceGigabitEthernet1/0/2 [SwitchA-GigabitEthernet1/0/2] monitor-port
2. Configure the acl and define data flow rules that comply with the monitoring rules.
[SwitchA] aclnumber3000 [SwitchA-acl-link-3000] rulepermitipsource10.1.10destinationany [SwitchA-acl-link-3000] rulepermitipsourceanydestination10.10.1.10
3. mirror the packets that pass through port G1/0/1 and match the acl rules to the monitoring port.
[SwitchA] interfaceGigabitEthernet1/0/1 [SwitchA-GigabitEthernet1/0/1] mirrored-toinboundip-group3000monitor-interface [SwitchA-GigabitEthernet1/0/1] mirrored-tooutboundip-group3000monitor-interface
Method 2: Port Image
[SwitchA configuration]
1. Configure port G1/0/2 as the monitoring port
[SwitchA] interfaceGigabitEthernet1/0/2 [SwitchA-GigabitEthernet1/0/2] monitor-port
2. Configure port G1/0/1 as the mirror Port
[SwitchA] interfaceGigabitEthernet1/0/41 [SwitchA-GigabitEthernet1/0/41] inserting ing-portboth
Port Mirroring by Huawei 6502
[Cur] mirroring-group1local create group [cur-GigabitEthernet1/0/8] mirroring-group1monitor-port monitoring port [cur-GigabitEthernet0/0/1] mirroring-group1mirroring-portboth monitoring port [cur] disconfiguring-groupall mirroring-group1: type: local status: active monitoring ingport: gigabitEthernet0/0/1 both
All the configurations of the port image of the Huawei switch are described. This article describes the port image configuration process of several common switches to make it easier for you to see, hope to help you