端口镜像时,如何配置多个观察口

发布时间:  2014-09-12 浏览次数:  574 下载次数:  0
问题描述

如图
告警信息
处理过程
配置举例:

预留vlan3500(for example)

#
vlan batch 3 10 20 100 300 to 301 3000 to 3002 3500 4000
#

观察端口

#
observe-port 1 interface GigabitEthernet0/0/21 vlan 3500
#

三个镜像端口:

#
interface GigabitEthernet0/0/3
port-mirroring to observe-port 1 both
#
interface GigabitEthernet0/0/4
port-mirroring to observe-port 1 both
#
interface GigabitEthernet0/0/5
port-mirroring to observe-port 1 both
#

三个观察端口:

#
interface GigabitEthernet0/0/11
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 3500
#
interface GigabitEthernet0/0/12
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 3500
#
interface GigabitEthernet0/0/13
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 3500
#
环回端口:
#
interface GigabitEthernet0/0/21
description neibuhuanhui
loopback internal
mac-address learning disable
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 3500
stp disable

根因
建议与总结
实现原理:将所有端口镜像报文引入一个观察端口,通过观察端口内部环回(配置loopback internal),将报文在vlan内广播道其它若干实际观察端口,报文出端口时剥除vlan id。

注意:如果交换机全局配置stp enable,需要在环回端口上配置stp disable,否则该端口如果接收到交换机自己发出去的stp报文,会将端口置为discarding状态,环回报文都会在入向被丢弃

END