Sx300 Series Switches Typical Configuration Examples
Example for Configuring Local Port Mirroring (1:1 Mirroring)
Local Port Mirroring Overview
In local port mirroring, an observing port is directly connected to a monitoring device and directly forwards the packets copied from a mirrored port to the monitoring device for fault location and service monitoring.
Configuration Notes
You must dedicate observing ports for mirroring use and do not configure other services on them to prevent mirrored traffic and other service traffic from affecting each other. Do not configure any member port of an Eth-Trunk as an observing port. If you must do so, ensure that the bandwidth of service traffic on this port and the bandwidth occupied by the mirrored traffic do not exceed the bandwidth limit of the port.
If the mirroring function is deployed on many ports of a device, a great deal of internal forwarding bandwidth will be occupied, which affects the forwarding of other services. Additionally, if the mirrored port bandwidth is higher than the observing port bandwidth, for example, 1000 Mbit/s on a mirrored port and 100 Mbit/s on an observing port, the observing port will fail to forward all mirrored packets in a timely manner because of insufficient bandwidth, leading to packet loss.
Both physical interfaces and Eth-Trunks can be configured as mirrored ports. If an Eth-Trunk is configured as a mirrored port, its member ports cannot be configured as observing ports.
- This example applies to all versions of the S9300 and S9300X.
Networking Requirements
As shown in Figure 14-7, the administrative department of a company accesses the Internet through the Switch, and the monitoring device Server is directly connected to the Switch.
Internet access traffic of the administrative department needs to be monitored through the Server.
Configuration Roadmap
- Configure GE1/0/2 of the Switch as a local observing port to forward mirrored packets to the Server.
- Configure GE1/0/1 of the Switch as a mirrored port to copy Internet access traffic of the administrative department to the local observing port.
Procedure
- Configure an observing port.
# Configure GE1/0/2 of the Switch as a local observing port.
<HUAWEI> system-view [HUAWEI] sysname Switch [Switch] observe-port 1 interface gigabitethernet 1/0/2 //Configure GE1/0/2 as a local observing port 1.
- Configure a mirrored port.
# Configure GE1/0/1 of the Switch as a mirrored port to copy the packets received by the mirrored port to the local observing port.
[Switch] interface gigabitethernet 1/0/1 [Switch-GigabitEthernet1/0/1] port-mirroring to observe-port 1 inbound //Mirror incoming packets on GE1/0/1 to observing port 1. [Switch-GigabitEthernet1/0/1] return
- Verify the configuration.
# Check the observing port configuration.
<Switch> display observe-port ---------------------------------------------------------------------- Index : 1 Untag-packet : No Forwarding : No Interface : GigabitEthernet1/0/2 ----------------------------------------------------------------------
# Check the mirrored port configuration.
<Switch> display port-mirroring ---------------------------------------------------------------------- Observe-port 1 : GigabitEthernet1/0/2 ---------------------------------------------------------------------- Port-mirror: ---------------------------------------------------------------------- Mirror-port Direction Observe-port ---------------------------------------------------------------------- 1 GigabitEthernet1/0/1 Inbound Observe-port 1 ----------------------------------------------------------------------