No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S2700, S3700, S5700, S6700, S7700, and S9700 Series Switches Typical Configuration Examples

This document provides examples for configuring features in typical usage scenarios.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Local Port Mirroring (M:N Mirroring)

Example for Configuring Local Port Mirroring (M:N Mirroring)

M:N Mirroring Overview

In M:N mirroring, packets on M mirrored ports are copied to N observing ports so that packets on multiple ports can be copied to different monitoring devices for analysis and processing.

An M:N mirroring rule is equivalent to multiple 1:N mirroring rules and also requires multiple observing ports to be configured and connected to different monitoring devices. There are two modes for configuring observing ports: configure a single observing port and configure an observing port group. Observing port group is often used in 1:N mirroring to simplify the configuration and save observing port indexes. This is because an observing port group occupies only one observing port index regardless of how many ports are configured in the group.

Configuration Notes

  • You must dedicate observing ports for mirroring use and do not configure other services on them to prevent mirrored traffic and other service traffic from affecting each other. Do not configure any member port of an Eth-Trunk as an observing port. If you must do so, ensure that the bandwidth of service traffic on this port and the bandwidth occupied by the mirrored traffic do not exceed the bandwidth limit of the port.

  • If the mirroring function is deployed on many ports of a device, a great deal of internal forwarding bandwidth will be occupied, which affects the forwarding of other services. Additionally, if the mirrored port bandwidth is higher than the observing port bandwidth, for example, 1000 Mbit/s on a mirrored port and 100 Mbit/s on an observing port, the observing port will fail to forward all mirrored packets in a timely manner because of insufficient bandwidth, leading to packet loss.

  • On all Huawei S series modular switch models, Eth-Trunks can be configured as observing ports. On the following Huawei S series fixed switch models, Eth-Trunks can be configured as observing ports in V200R005 and later versions: S5700HI, S5710EI, S5710HI, S5720EI, S5720HI, S5730HI, S6700EI, S6720EI, S6720HI, and S6720S-EI.

  • Both physical interfaces and Eth-Trunks can be configured as mirrored ports. If an Eth-Trunk is configured as a mirrored port, its member ports cannot be configured as observing ports.

  • In M:N mirroring, if you batch configure either inbound or outbound packets to be copied from a mirrored port to multiple observing ports, the packets cannot be copied to other observing ports.
  • In this configuration example, observing ports are configured in a batch, so applicable products and versions of this example are the same as Example for Configuring Local 1:N Port Mirroring (Observing Ports Are Configured in a Group). If observing ports are configured one by one, applicable products and versions of the configuration example are the same as Example for Configuring Local 1:N Port Mirroring (Observing Ports Are Configured One by One).

Networking Requirements

As shown in Figure 17-12, three departments (R&D department 1, R&D department 2, and Marketing department) of a company access the Internet through the Switch, and monitoring devices Server1 and Server2 are directly connected to the Switch.

Internet access traffic of the three departments needs to be mirrored to different servers for different monitoring and analysis purposes.

Figure 17-12  Local port mirroring networking

Configuration Roadmap

The configuration roadmap is as follows:
  1. Configure GE1/0/4 and GE1/0/5 of the Switch as local observing ports to forward mirrored packets to different servers.
  2. Configure GE1/0/1 through GE1/0/3 of the Switch as mirrored ports to copy the traffic passing through the mirrored ports to different local observing ports.

Procedure

  1. Configure observing ports.

    # Configure GE1/0/4 and GE1/0/5 of the Switch as local observing ports in a batch.

    <HUAWEI> system-view
    [HUAWEI] sysname Switch
    [Switch] observe-port 1 interface-range gigabitethernet 1/0/4 gigabitethernet 1/0/5     //Configure GE1/0/4 and GE1/0/5 as local observing ports in a batch and share observing port 1.
    

  2. Configure mirrored ports.

    # Configure GE1/0/1 through GE1/0/3 of the Switch as mirrored ports to copy the packets received by the mirrored ports to different local observing ports.

    [Switch] interface gigabitethernet 1/0/1
    [Switch-GigabitEthernet1/0/1] port-mirroring to observe-port 1 inbound     //Mirror incoming traffic on GE1/0/1 to observing port 1.
    [Switch-GigabitEthernet1/0/1] quit
    [Switch] interface gigabitethernet 1/0/2
    [Switch-GigabitEthernet1/0/2] port-mirroring to observe-port 1 inbound     //Mirror incoming traffic on GE1/0/2 to observing port 1.
    [Switch-GigabitEthernet1/0/2] quit
    [Switch] interface gigabitethernet 1/0/3
    [Switch-GigabitEthernet1/0/3] port-mirroring to observe-port 1 inbound     //Mirror incoming traffic on GE1/0/3 to observing port 1.
    [Switch-GigabitEthernet1/0/3] return

  3. Verify the configuration.

    # Check the observing port configuration.

    <Switch> display observe-port
      ----------------------------------------------------------------------
      Index          : 1
      Untag-packet   : No
      Interface-range: GigabitEthernet1/0/4 to GigabitEthernet1/0/5
      ----------------------------------------------------------------------
    

    # Check the mirrored port configuration.

    <Switch> display port-mirroring
      ----------------------------------------------------------------------
      Observe-port 1 : GigabitEthernet1/0/4 to GigabitEthernet1/0/5
      ----------------------------------------------------------------------
      Port-mirror:
      ----------------------------------------------------------------------
           Mirror-port               Direction  Observe-port
      ----------------------------------------------------------------------
      1    GigabitEthernet1/0/1      Inbound    Observe-port 1
      2    GigabitEthernet1/0/2      Inbound    Observe-port 1
      3    GigabitEthernet1/0/3      Inbound    Observe-port 1
      ----------------------------------------------------------------------  
    

Configuration Files

  • Configuration file of the Switch

    #
    sysname Switch
    #
    observe-port 1 interface-range GigabitEthernet1/0/4 to GigabitEthernet1/0/5
    #
    interface GigabitEthernet1/0/1
     port-mirroring to observe-port 1 inbound
    #
    interface GigabitEthernet1/0/2
     port-mirroring to observe-port 1 inbound
    #
    interface GigabitEthernet1/0/3
     port-mirroring to observe-port 1 inbound
    #
    return
    
Download
Updated: 2019-04-20

Document ID: EDOC1000069520

Views: 656759

Downloads: 29801

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next