No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S2700, S3700, S5700, S6700, S7700, and S9700 Series Switches Typical Configuration Examples

This document provides examples for configuring features in typical usage scenarios.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Local MAC Address Mirroring

Example for Configuring Local MAC Address Mirroring

Local MAC Address Mirroring Overview

In local MAC address mirroring, an observing port is directly connected to a monitoring device and forwards the packets with a specified MAC address to the monitoring device for analysis.

Configuration Notes

  • You must dedicate observing ports for mirroring use and do not configure other services on them to prevent mirrored traffic and other service traffic from affecting each other. Do not configure any member port of an Eth-Trunk as an observing port. If you must do so, ensure that the bandwidth of service traffic on this port and the bandwidth occupied by the mirrored traffic do not exceed the bandwidth limit of the port.

  • If the mirroring function is deployed on many ports of a device, a great deal of internal forwarding bandwidth will be occupied, which affects the forwarding of other services. Additionally, if the mirrored port bandwidth is higher than the observing port bandwidth, for example, 1000 Mbit/s on a mirrored port and 100 Mbit/s on an observing port, the observing port will fail to forward all mirrored packets in a timely manner because of insufficient bandwidth, leading to packet loss.

  • On all Huawei S series modular switch models, Eth-Trunks can be configured as observing ports. On the following Huawei S series fixed switch models, Eth-Trunks can be configured as observing ports in V200R005 and later versions: S5700HI, S5710EI, S5710HI, S5720EI, S5720HI, S5730HI, S6700EI, S6720EI, S6720HI, and S6720S-EI.

  • MAC address mirroring applies only to inbound packets.

  • For the applicable products and versions of this configuration example, see Applicable product models and versions.

Networking Requirements

As shown in Figure 17-20, all the hosts of a company access the Internet through the Switch and belong to VLAN 10. The monitoring device Server is directly connected to the Switch.

Internet access traffic of the host with a MAC address 0001-0001-0001 needs to be monitored through the Server.

Figure 17-20  Local MAC address mirroring networking

Configuration Roadmap

The configuration roadmap is as follows:
  1. Create VLAN 10 on the Switch and add the ports that connect the Switch to hosts to VLAN 10 so that the hosts can communicate with the Switch at Layer 2.
  2. Configure GE0/0/4 of the Switch as a local observing port to forward mirrored packets to the Server.
  3. Configure MAC address mirroring in VLAN 10 to copy Internet access traffic of the host with a specified MAC address in VLAN 10 to the local observing port.

Procedure

  1. Add ports to a VLAN.

    # Create VLAN 10 on the Switch and add GE0/0/1 through GE0/0/3 to VLAN 10.

    <HUAWEI> system-view
    [HUAWEI] sysname Switch
    [Switch] vlan batch 10
    [Switch] interface gigabitethernet 0/0/1
    [Switch-GigabitEthernet0/0/1] port link-type access     //Set the link type of the host-side interface to access. The default link type of interfaces is not access.
    [Switch-GigabitEthernet0/0/1] port default vlan 10
    [Switch-GigabitEthernet0/0/1] quit
    [Switch] interface gigabitethernet 0/0/2
    [Switch-GigabitEthernet0/0/2] port link-type access     //Set the link type of the host-side interface to access. The default link type of interfaces is not access.
    [Switch-GigabitEthernet0/0/2] port default vlan 10
    [Switch-GigabitEthernet0/0/2] quit
    [Switch] interface gigabitethernet 0/0/3
    [Switch-GigabitEthernet0/0/3] port link-type access     //Set the link type of the host-side interface to access. The default link type of interfaces is not access.
    [Switch-GigabitEthernet0/0/3] port default vlan 10
    [Switch-GigabitEthernet0/0/3] quit

  2. Configure an observing port.

    # Configure GE0/0/4 of the Switch as a local observing port.

    [Switch] observe-port 1 interface gigabitethernet 0/0/4     //Configure GE0/0/4 as local observing port 1.
    

  3. Configure MAC address mirroring.

    # On the Switch, configure MAC address mirroring in VLAN 10 and copy the packets that are received by all the ports in VLAN 10 and contain a MAC address 0001-0001-0001 to the local observing port.

    [Switch] vlan 10
    [Switch-vlan10] mac-mirroring 0001-0001-0001 to observe-port 1 inbound     //Mirror incoming packets with the MAC address 0001-0001-0001 on all the interfaces in VLAN 10 to observing port 1.
    [Switch-vlan10] return

  4. Verify the configuration.

    # Check the observing port configuration.

    <Switch> display observe-port
      ----------------------------------------------------------------------
      Index          : 1
      Untag-packet   : No
      Interface      : GigabitEthernet0/0/4
      ----------------------------------------------------------------------
    

    # Check the mirroring configuration.

    <Switch> display port-mirroring
      ----------------------------------------------------------------------
      Observe-port 1 : GigabitEthernet0/0/4
      ---------------------------------------------------------------------- 
      Mac-mirror:
      ----------------------------------------------------------------------
      Mirror-mac       Vlan    Direction     Observe-port
      ----------------------------------------------------------------------
      0001-0001-0001   10      Inbound       Observe-port 1
      ----------------------------------------------------------------------
    

Configuration Files

  • Configuration file of the Switch

    #
    sysname Switch
    #
    vlan batch 10
    #
    observe-port 1 interface GigabitEthernet0/0/4
    #
    vlan 10
     mac-mirroring 0001-0001-0001 to observe-port 1 inbound
    #
    interface GigabitEthernet0/0/1
     port link-type access
     port default vlan 10
    #
    interface GigabitEthernet0/0/2
     port link-type access
     port default vlan 10
    #
    interface GigabitEthernet0/0/3
     port link-type access
     port default vlan 10
    #
    return
    

Applicable product models and versions

Product Product Model

Software Version

S2700

S2720EI

V200R006C10, V200R009C00, V200R010C00, V200R011C10, V200R012C00, V200R013C00

S2750EI

V200R003C00, V200R005C00SPC300, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00

S2700-52P-EI, S2700-52P-PWR-EI

V100R006C05

S3700

S3700SI

V100R006C05

S3700EI

V100R006C05

S3700HI

V200R001C00

S5700

S5700LI

V200R001C00, V200R002C00, V200R003(C00&C02&C10), V200R005C00SPC300, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00

S5700S-LI

V200R001C00, V200R002C00, V200R003C00, V200R005C00SPC300, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00

S5710-C-LI

V200R001C00

S5710-X-LI

V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00

S5700SI

V200R001C00, V200R002C00, V200R003C00, V200R005C00

S5700EI

V200R001(C00&C01), V200R002C00, V200R003C00, V200R005(C00&C01&C02&C03)

S5710EI

V200R001C00, V200R002C00, V200R003C00, V200R005(C00&C02)

S5700HI

V200R001(C00&C01), V200R002C00, V200R003C00, V200R005(C00SPC500&C01&C02)

S5710HI

V200R003C00, V200R005(C00&C02&C03)

S5720LI, S5720S-LI

V200R010C00, V200R011C00, V200R011C10, V200R012(C00&C20), V200R013C00

S5720SI, S5720S-SI

V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00, V200R013C00

S5720I-SI

V200R012C00, V200R013C00

S5730SI

V200R011C10, V200R012C00, V200R013C00

S5730S-EI

V200R011C10, V200R012C00, V200R013C00

S5720EI

V200R007C00, V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00, V200R013C00

S6700

S6700EI

V200R001(C00&C01), V200R002C00, V200R003C00, V200R005(C00&C01&C02)

S6720LI, S6720S-LI

V200R011C00, V200R011C10, V200R012C00, V200R013C00

S6720SI, S6720S-SI

V200R011C00, V200R011C10, V200R012C00, V200R013C00

S6720EI

V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00, V200R013C00

S6720S-EI

V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00, V200R013C00

NOTE:
For details about software mappings, visit Hardware Query Tool and search for the desired product model.
Download
Updated: 2019-04-20

Document ID: EDOC1000069520

Views: 661315

Downloads: 29838

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next