Summary of port image configuration methods for various vswitches of Huawei

Many of my friends are asking questions about Huawei switch images. Based on my existing materials and documents, we will summarize the methods of vswitch image of various models. So that you can easily check it! Before learning the configuration, you must understand the basic concepts of port images!
I. Port Mirroring concept:
Port Mirror is used for network performance monitoring. It can be understood as follows: Establish an image relationship between port A and port B. In this way, data transmitted through port A will be copied to port B at the same time, analyzer or analysis software connected to port B for performance analysis or fault determination.

Ii. Port image Configuration

"Environment configuration parameters 』

1. PC1 is connected to port E0/1 of vswitch, IP address 1.1.1.1/24

2. PC2 is connected to port E0/2 of vswitch, IP address 2.2.2.2/24

3. E0/24 indicates the uplink port of the switch.

4. The Server is connected to port E0/8 of the vswitch. This port serves as the mirror port.

"Networking requirements 』

1. Use the vswitch port image function to monitor the service packets of two PCs.

2. Configure the image according to the following methods:

1) Port-Based Image

2) stream-Based Image

2 Data configuration steps
"Port Image Data Process 』

Port-based images completely copy incoming and outgoing data packets from the mirrored ports to the mirrored ports for traffic observation or fault locating.

[Vswitch image 3026]

Vswitches such as S2008/S2016/S2026/S2403H/S3026 support port-based images. There are two methods:

Method 1

1. Configure the image (observation) Port

[SwitchA] monitor-port e0/8

2. Configure the port to be mirrored

[SwitchA] port mirror Ethernet 0/1 to Ethernet 0/2

Method 2

1. You can define the image and the port to be mirrored at a time.

[SwitchA] port mirror Ethernet 0/1 to Ethernet 0/2 observing-port Ethernet 0/8

[8016 vswitch port image configuration]

1. Assume that the image port of the 8016 switch is E1/0/15, the Image Port is E1/0/0, and Port 1/0/15 is the observation port of the port image.

[SwitchA] port monitor ethernet 1/0/15

2. Set Port 1/0/0 as the port to be mirrored, and image the input and output data.

[SwitchA] port bonding ing ethernet 1/0/0 both ethernet 1/0/15

You can also mirror the input and output data through two different ports.

1. Set E1/0/15 and E2/0/0 as mirror (observation) ports.

[SwitchA] port monitor ethernet 1/0/15

2. Set Port 1/0/0 as the mirrored port, and use E1/0/15 and E2/0/0 to mirror the input and output data respectively.

[SwitchA] port bonding ing gigabitethernet 1/0/0 ingress ethernet 1/0/15

[SwitchA] port bonding ing gigabitethernet 1/0/0 egress ethernet 2/0/0

"Stream Image-based Data Process 』

A vswitch based on a flow image mirrors some streams. Each connection has two data streams. For a vswitch, these two data streams must be mirrored separately.

[3500/3026 E/3026F/3050]

Cloudification-Based Image 〗

1. Define an extended access control list

[SwitchA] acl num0 100

2. Define a rule message source address as 1.1.1.1/32 to all destination addresses

[SwitchA-acl-adv-101] rule 0 permit ip source 1.1.1.1 0 destination any

3. Define a rule message source address as the destination address of all source addresses 1.1.1.1/32

[SwitchA-acl-adv-101] rule 1 permit ip source any destination 1.1.1.1 0

4. mirror the packets that comply with the preceding ACL rules to the E0/8 Port

[SwitchA] mirrored-to ip-group 100 interface e0/8

2-layer stream-Based Image 〗

1. Define an ACL

[SwitchA] acl num0 200

2. Define a rule to send data packets from E0/1 to all other ports.

[SwitchA] rule 0 permit ingress interface Ethernet0/1 egress interface Ethernet0/2

3. Define a packet rule from all other ports to E0/1

[SwitchA] rule 1 permit ingress interface Ethernet0/2 egress interface Ethernet0/1

4. mirror the packets that match the preceding ACL to E0/8.

[SwitchA] mirrored-to link-group 200 interface e0/8

[5516/6506/6503/6506 R]

Currently, these three products support mirroring inbound port traffic.

1. Define the Image Port

[SwitchA] monitor-port Ethernet 3/0/2

2. Define the port to be mirrored

[SwitchA] routing ing-port Ethernet 3/0/1 inbound

[Additional description]

1. Images can generally achieve high-speed port mirroring with low-speed ports. For example, a m port can mirror a m port. Otherwise, Images cannot be implemented.

2. 8016 support cross-board Port Mirroring

"Environment configuration parameters 』

1. PC1 is connected to port E0/1 of vswitch, IP address 1.1.1.1/24

2. PC2 is connected to port E0/2 of vswitch, IP address 2.2.2.2/24

3. E0/24 indicates the uplink port of the switch.

4. The Server is connected to port E0/8 of the vswitch. This port serves as the mirror port.

"Networking requirements 』

1. Use the vswitch port image function to monitor the service packets of two PCs.

2. Configure the image according to the following methods:

1) Port-Based Image

2) stream-Based Image

2 Data configuration steps
"Port Image Data Process 』

Port-based images completely copy incoming and outgoing data packets from the mirrored ports to the mirrored ports for traffic observation or fault locating.

[Vswitch image 3026]

Vswitches such as S2008/S2016/S2026/S2403H/S3026 support port-based images. There are two methods:

Method 1

1. Configure the image (observation) Port

[SwitchA] monitor-port e0/8

2. Configure the port to be mirrored

[SwitchA] port mirror Ethernet 0/1 to Ethernet 0/2

Method 2

1. You can define the image and the port to be mirrored at a time.

[SwitchA] port mirror Ethernet 0/1 to Ethernet 0/2 observing-port Ethernet 0/8

[8016 vswitch port image configuration]

1. Assume that the image port of the 8016 switch is E1/0/15, the Image Port is E1/0/0, and Port 1/0/15 is the observation port of the port image.

[SwitchA] port monitor ethernet 1/0/15

2. Set Port 1/0/0 as the port to be mirrored, and image the input and output data.

[SwitchA] port bonding ing ethernet 1/0/0 both ethernet 1/0/15

You can also mirror the input and output data through two different ports.

1. Set E1/0/15 and E2/0/0 as mirror (observation) ports.

[SwitchA] port monitor ethernet 1/0/15

2. Set Port 1/0/0 as the mirrored port, and use E1/0/15 and E2/0/0 to mirror the input and output data respectively.

[SwitchA] port bonding ing gigabitethernet 1/0/0 ingress ethernet 1/0/15

[SwitchA] port bonding ing gigabitethernet 1/0/0 egress ethernet 2/0/0

"Stream Image-based Data Process 』

A vswitch based on a flow image mirrors some streams. Each connection has two data streams. For a vswitch, these two data streams must be mirrored separately.

[3500/3026 E/3026F/3050]

Cloudification-Based Image 〗

1. Define an extended access control list

[SwitchA] acl num0 100

2. Define a rule message source address as 1.1.1.1/32 to all destination addresses

[SwitchA-acl-adv-101] rule 0 permit ip source 1.1.1.1 0 destination any

3. Define a rule message source address as the destination address of all source addresses 1.1.1.1/32

[SwitchA-acl-adv-101] rule 1 permit ip source any destination 1.1.1.1 0

4. mirror the packets that comply with the preceding ACL rules to the E0/8 Port

[SwitchA] mirrored-to ip-group 100 interface e0/8

2-layer stream-Based Image 〗

1. Define an ACL

[SwitchA] acl num0 200

2. Define a rule to send data packets from E0/1 to all other ports.

[SwitchA] rule 0 permit ingress interface Ethernet0/1 egress interface Ethernet0/2

3. Define a packet rule from all other ports to E0/1

[SwitchA] rule 1 permit ingress interface Ethernet0/2 egress interface Ethernet0/1

4. mirror the packets that match the preceding ACL to E0/8.

[SwitchA] mirrored-to link-group 200 interface e0/8

[5516/6506/6503/6506 R]

Currently, these three products support mirroring inbound port traffic.

1. Define the Image Port

[SwitchA] monitor-port Ethernet 3/0/2

2. Define the port to be mirrored

[SwitchA] routing ing-port Ethernet 3/0/1 inbound

Note! I would like to remind you that the configuration methods of devices of the same model and different versions are sometimes different. In the end, the operation manual corresponding to the version should prevail.