No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S600-E V200R011C10 Configuration Guide - Network Management and Monitoring

This document provides the configurations of network management and monitoring features supported by the product, including SNMP, RMON, LLDP, NQA, Service Diagnosis, Mirroring, Packet Capture, and sFlow.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring ACL-based Local Traffic Mirroring

Configuring ACL-based Local Traffic Mirroring

Procedure

  1. Run the system-view command to enter the system view.
  2. Configure local observing ports.

    Run the observe-port [ observe-port-index ] interface interface-type interface-number command to configure a local observing port.

    NOTE:

    An observing port is dedicated to forwarding mirrored traffic. Do not configure other services on an observing port; otherwise, mirrored traffic and other service traffic interfere with each other.

  3. Configure ACL-based traffic mirroring.

    • Configure ACL-based traffic mirroring in the system or a VLAN.

      • Run the following command to apply a basic ACL, an advanced ACL, a named ACL, a Layer 2 ACL, or a user-defined ACL (in IPv4).

        traffic-mirror [ vlan vlan-id ] inbound acl { bas-acl | adv-acl | name acl-name | l2-acl | user-acl } [ rule rule-id ] to observe-port observe-port-index

      • Run the following command to apply a basic ACL, an advanced ACL, or a named ACL (in IPv6).

        traffic-mirror [ vlan vlan-id ] inbound acl ipv6 { bas-acl | adv-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

      • Run the following command to apply a Layer 2 ACL and a basic ACL/advanced ACL/named ACL (in IPv4).

        traffic-mirror [ vlan vlan-id ] inbound acl l2-acl [ rule rule-id ] acl { bas-acl | adv-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

      • Run the following command to apply a basic ACL/advanced ACL and a Layer 2 ACL/named ACL (in IPv4).

        traffic-mirror [ vlan vlan-id ] inbound acl { bas-acl | adv-acl } [ rule rule-id ] acl { l2-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

      • Run the following command to apply a named ACL and a basic ACL/advanced ACL/Layer 2 ACL/named ACL (in IPv4).

        traffic-mirror [ vlan vlan-id ] inbound acl name acl-name [ rule rule-id ] acl { bas-acl | adv-acl | l2-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

    • Configure ACL-based traffic mirroring on an interface. (Before the configuration, run the interface interface-type interface-number command to enter the interface view.)

      • Run the following command to apply a basic ACL, an advanced ACL, a named ACL, a Layer 2 ACL, or a user-defined ACL (in IPv4).

        traffic-mirror inbound acl { bas-acl | adv-acl | name acl-name | l2-acl | user-acl } [ rule rule-id ] to observe-port observe-port-index

      • Run the following command to apply a basic ACL, an advanced ACL, or a named ACL (in IPv6).

        traffic-mirror inbound acl ipv6 { bas-acl | adv-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

      • Run the following command to apply a Layer 2 ACL and a basic ACL/advanced ACL/named ACL (in IPv4).

        traffic-mirror inbound acl l2-acl [ rule rule-id ] acl { bas-acl | adv-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

      • Run the following command to apply a basic ACL/advanced ACL and a Layer 2 ACL/named ACL (in IPv4).

        traffic-mirror inbound acl { bas-acl | adv-acl } [ rule rule-id ] acl { l2-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

      • Run the following command to apply a named ACL and a basic ACL/advanced ACL/Layer 2 ACL/named ACL (in IPv4).

        traffic-mirror inbound acl name acl-name [ rule rule-id ] acl { bas-acl | adv-acl | l2-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

    observe-port-index specifies the observing port index and must be the same as the index of the configured observing port.

Configuration Tips

Restoring the default configuration of an Ethernet port configured as an observing port

  1. Delete the ACL-based traffic mirroring configured in the system or interface view. In the following example, ACL-based traffic mirroring is deleted from the interface view.

    [HUAWEI] interface gigabitethernet x/x/x
    [HUAWEI-GigabitEthernetx/x/x] undo traffic-mirror inbound acl xxx
    [HUAWEI-GigabitEthernetx/x/x] quit
  2. Delete the observing port configuration in the system view.

    [HUAWEI] undo observe-port x
    
  3. After steps 1 and 2 are complete, the default configuration of the Ethernet port is restored. You can then configure other services on the Ethernet port.

Translation
Download
Updated: 2019-09-23

Document ID: EDOC1000178020

Views: 73790

Downloads: 8

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next