181
Flow mirroring configuration example
Network requirements
As shown in Figure 67, configure flow mirroring so that the server can monitor following traffic:
• All traffic that the Technical department sends to access the Internet.
• IP traffic that the Technical department sends to the Marketing department during working
hours (8:00 to 18:00) on weekdays.
Figure 67 Network diagram
Configuration procedure
# Create a working hour range work, in which the working hour is from 8:00 to 18:00 on weekdays.
<DeviceA> system-view
[DeviceA] time-range work 8:00 to 18:00 working-day
# Create ACL 3000 to allow packets from the Technical department to access the Internet and to the
Marketing department during working hours.
[DeviceA] acl number 3000
[DeviceA-acl-adv-3000] rule permit tcp source 192.168.2.0 0.0.0.255 destination-port eq
www
[DeviceA-acl-adv-3000] rule permit ip source 192.168.2.0 0.0.0.255 destination
192.168.1.0 0.0.0.255 time-range work
[DeviceA-acl-adv-3000] quit
# Create traffic class tech_c, and configure the match criterion as ACL 3000.
[DeviceA] traffic classifier tech_c
[DeviceA-classifier-tech_c] if-match acl 3000
[DeviceA-classifier-tech_c] quit
# Create traffic behavior tech_b, configure the action of mirroring traffic to port GigabitEthernet 1/0/3.
[DeviceA] traffic behavior tech_b
[DeviceA-behavior-tech_b] mirror-to interface gigabitethernet 1/0/3
[DeviceA-behavior-tech_b] quit
Internet
Marketing Dept.
192
.168
.1.
0/24
ServerHost BHost A
Host C Host D
Technical Dept
.
192.168
.2.
0/24
Device A
GE1/0/1
GE1
/0
/2
GE1
/0/
3
GE1
/0/
4
To Next Page
Loading...
