No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S7700 mirroring configuration by MQC

Publication Date:  2017-06-27 Views:  604 Downloads:  0
Issue Description

During network operation and maintenance, customer want to obtain and analyze packets sent to or from devices for service monitoring and fault location purposes. So customer have done some configuration that try to mirror data for VLAN 44 and 2378.from the uplink port which allow many vlan through, The switch is S7700 V200R008C00SPC500.

But After configuration, customer observed mirrored traffic from VLAN 2378 (relevant vlan) and other VLAN 885 (undesired vlan).

Output capture as bellow:


Customer topology as bellow:


Customer configuration as bellow:

AGG-2>display current-configuration | include observe

observe-port 6 interface GigabitEthernet2/0/15 vlan 2378

port-mirroring to observe-port 6 inbound

port-mirroring to observe-port 6 outbound

 

AGG-2>display current-configuration interface GigabitEthernet 2/0/15

#

interface GigabitEthernet2/0/15

description *PINNACLE-POC*

port link-type trunk

undo port trunk allow-pass vlan 1

port trunk allow-pass vlan 44 2378

stp disable

port-mirroring to observe-port 6 inbound

port-mirroring to observe-port 6 outbound

#

Return

Alarm Information

none

Handling Process

Firstcheck the configuration of observe-port, Customer configuration is Remote Traffic Mirroring it no need here, Suggest change to Local Traffic Mirroring as bellow:

 

observe-port 6 interface gigabitethernet 2/0/15

 

Secondcustomer want to mirror data for VLAN 44 and 2378 so we suggest configuration MQC as bellow:

 

traffic classifier test operator or precedence 35

if-match vlan-id 2378

if-match vlan-id 44

traffic behavior test

permit

mirroring to observe-port 6

statistic enable

traffic policy test match-order config

classifier test behavior test

interface XGigabitEthernet1/0/10

traffic-policy test inbound

traffic-policy test outbound

 

ERROR : when binding the above config to interface XG 1/0/10 we get error :  traffic-policy test outbound  

 

Error: Check rule failed, outbound mirroring can not be configured together with other actions about policy test, class test, behavior test on interface XGigabitEthernet1/0/10 of slot 1.

Root Cause

Configuration is wrong, Because when outbound mirroring is configured, traffic mirroring is not allowed to be configured with other behaviors. When inbound mirroring is configured, traffic is allowed to be configured with other behaviors. So about this issue we need delete the traffic behavior that other than mirroring.

Solution

Change the configuration as bellow:

traffic classifier test operator or precedence 35 // operator OR to capture multiple vlan

if-match vlan-id 2378

if-match vlan-id 44

 

traffic behavior test // undo permit and statistic

mirroring to observe-port 6

 

traffic policy test match-order config

classifier test behavior test

 

interface XGigabitEthernet1/0/10

traffic-policy test inbound

traffic-policy test outbound // no error when applying the policy on the capture interface


Suggestions

Configuration is wrong, Because when outbound mirroring is configured, traffic mirroring is not allowed to be configured with other behaviors. So when we want configuration the mirroring by MQC please need delete the traffic behavior that other than mirroring.

END