1-42
To do… Use the command… Remarks
Configure the port as the
monitor port
monitor-port
Required
Return to system view
quit
—
Enter Ethernet port view
interface interface-type
interface-number
—
Mirror incoming ACL
matching packets on the
port to the monitor port
mirrored-to inbound
acl-rule monitor-interface
Required
User-defined traffic classification rules configured for traffic mirroring in the global scope
or for a VLAN take precedence over the default rules used for processing protocol packets.
The device will perform mirroring action preferentially, which may affect device
management implemented through Telnet and so on.
Configuration examples
# Duplicate the incoming packets from network segment 10.1.1.0/24 to monitor port
GigabitEthernet 1/0/4 (assume that GigabitEthernet 1/0/1 is connected to network segment
10.1.1.0/24 and carries VLAN 2).
1) Method I: configure traffic mirroring for port GigabitEthernet 1/0/1
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 10.1.1.0 0.0.0.255
[Sysname-acl-basic-2000] quit
[Sysname] interface GigabitEthernet 1/0/4
[Sysname-GigabitEthernet1/0/4] monitor-port
[Sysname-GigabitEthernet1/0/4] quit
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] mirrored-to inbound ip-group 2000
monitor-interface
2) Method II: configure traffic mirroring for VLAN 2
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 10.1.1.0 0.0.0.255
[Sysname-acl-basic-2000] quit
[Sysname] interface GigabitEthernet 1/0/4
[Sysname-GigabitEthernet1/0/4] monitor-port
[Sysname-GigabitEthernet1/0/4] quit
[Sysname] mirrored-to vlan 2 inbound ip-group 2000 monitor-interface
To Next Page
Loading...
