No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference

S7700 and S9700 V200R011C10

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Mirroring Configuration Commands

Mirroring Configuration Commands

NOTE:

The device supports the mirroring function, which is mainly used for network monitoring and fault management and may use user communication information. Huawei will not collect or save user communication information independently. You must use this function in compliance with applicable laws and regulations. Ensure that your customers' privacy is protected when you are using or saving communication information.

Command Support

Commands provided in this section and all the parameters in the commands are supported by all switch models by default, unless otherwise specified. For details, see specific commands.

display observe-port

Function

The display observe-port command displays the observing port configuration.

Format

display observe-port

Parameters

None

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

After observing ports are configured using the observe-port (local observing port) or observe-port (remote observing port) command in the system view, you can run the display observe-port command to check detailed information about the configured observing ports.

Example

# Display the observing port configuration.

<HUAWEI> display observe-port
  ----------------------------------------------------------------------
  Index          : 1
  Untag-packet   : No
  Interface      : GigabitEthernet1/0/1
  ----------------------------------------------------------------------
  Index          : 2
  Untag-packet   : No
  Interface-range: GigabitEthernet2/0/1 to GigabitEthernet2/0/3
  ----------------------------------------------------------------------
  Index          : 3
  Untag-packet   : No
  Interface-range: GigabitEthernet3/0/1 to GigabitEthernet3/0/3
  Vlan           : 2
  ----------------------------------------------------------------------
Table 16-80  Description of the display observe-port command output

Item

Description

Index

Index of an observing port. This parameter is configured using the observe-port (local observing port) or observe-port (remote observing port) command.

Untag-packet

Whether to remove VLAN tags of mirrored packets. This parameter is configured using the observe-port (local observing port) command.

NOTE:

VLAN tags of mirrored packets can be removed only when local observing ports are configured on X series cards and packets are mirrored to local observing ports. Each mirrored packet can have at most two VLAN tags removed.

Interface

Observing ports configured one by one. This parameter is configured using the observe-port (local observing port) or observe-port (remote observing port) command.

Interface-range

Observing ports configured in a batch. This parameter is configured using the observe-port (local observing port) or observe-port (remote observing port) command.

Vlan

VLAN ID

This parameter is configured using the observe-port (remote observing port) command.

display port-mirroring

Function

The display port-mirroring command displays the mirroring configuration.

Format

display port-mirroring

Parameters

None

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

After observing ports and mirrored ports are configured on the switch, you can run the display port-mirroring command to check detailed mirroring configuration on the switch.

Example

# Display the mirroring configuration.

<HUAWEI> display port-mirroring
  ----------------------------------------------------------------------
  Observe-port 1 : GigabitEthernet4/0/1
  Observe-port 2 : GigabitEthernet4/0/2
  ----------------------------------------------------------------------
  Port-mirror:
  ----------------------------------------------------------------------
       Mirror-port               Direction  Observe-port
  ----------------------------------------------------------------------
  1    GigabitEthernet4/0/10     Inbound    Observe-port 1
  ----------------------------------------------------------------------
  Stream-mirror:
  ----------------------------------------------------------------------
       Behavior                  Direction  Observe-port
  ----------------------------------------------------------------------
  1    b1                        -          Observe-port 2
  ----------------------------------------------------------------------
Table 16-81  Description of the display port-mirroring command output

Item

Description

Port-mirror

Port mirroring configuration.

Mirror-port

Mirrored port. This parameter is configured using the port-mirroring to observe-port command.

Direction

Direction of mirrored packets:
  • Inbound

  • Outbound

This parameter is configured using the port-mirroring to observe-port command.

Observe-port

Observing port to which mirrored packets are sent. This parameter is configured using the observe-port (local observing port) or observe-port (remote observing port) command.

Stream-mirror

Traffic mirroring configuration.

Behavior

Traffic behavior of traffic mirroring.

mirroring to cpu

Function

The mirroring to cpu command copies traffic matching rules to the CPU.

The undo mirroring command cancels copying traffic matching rules to the CPU.

By default, traffic matching rules is not copied to the CPU.

Format

mirroring to cpu

undo mirroring

Parameters

None

Views

Traffic behavior view

Default Level

3: Management level

Usage Guidelines

When configuring MQC-based traffic mirroring, you can run the mirroring to cpu command to copy traffic matching rules to the CPU of an LPU for analysis.

Running this command will affect the CPU of an LPU. Therefore, use this command with caution.

Example

# Copy traffic matching rules to the CPU.

<HUAWEI> system-view
[HUAWEI] traffic behavior tb1
[HUAWEI-behavior-tb1] mirroring to cpu

mirroring to observe-port

Function

The mirroring to observe-port command copies traffic matching rules to observing ports.

The undo mirroring command cancels copying traffic matching rules to observing ports.

By default, traffic matching rules is not copied to observing ports.

Format

mirroring to observe-port observe-port-index

undo mirroring

Parameters

Parameter Description Value
observe-port-index

Specifies the index of observing ports.

The value is an integer that ranges from 1 to 8.

Views

Traffic behavior view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

When configuring MQC-based traffic mirroring, you can run the mirroring to observe-port command to copy traffic matching rules to a specified observing port.

Prerequisites

Observing ports have been configured using the observe-port (local observing port) or observe-port (remote observing port) command in the system view.

Precautions

On the EH1D2G48TBC0 and EH1D2G48SBC0 cards of the S9700 and ES1D2G48TBC0 and ES1D2G48SBC0 cards of the S7700, outbound traffic mirroring does not take effect on Eth-Trunks. On other series cards, outbound traffic mirroring is invalid for inter-card traffic.

Example

# Copy traffic matching rules to observing ports with index 1.

<HUAWEI> system-view
[HUAWEI] observe-port 1 interface gigabitethernet 1/0/1
[HUAWEI] traffic behavior tb1
[HUAWEI-behavior-tb1] mirroring to observe-port 1

observe-port (local observing port)

Function

The observe-port command configures local observing ports.

The undo observe-port command deletes local observing ports.

By default, no local observing ports are configured.

Format

observe-port [ observe-port-index ] interface interface-type interface-number [ untag-packet ] (single configuration)

observe-port [ observe-port-index ] interface-range { interface-type interface-number [ to interface-type interface-number ] } &<1-8> [ untag-packet ] (batch configuration)

observe-port observe-port-index interface-range { add | delete } interface-type interface-number

undo observe-port observe-port-index

Parameters

Parameter Description Value
observe-port-index

Specifies the index of observing ports.

The value is an integer that ranges from 1 to 8.

interface-type interface-number

Specifies the type and number of an interface.

-
add

Adds observing ports to the observing ports configured in a batch.

-
delete

Deletes observing ports from the observing ports configured in a batch.

-
untag-packet

Removes VLAN tags of mirrored packets.

NOTE:

VLAN tags of mirrored packets can be removed only when a mirrored port belongs to X series cards, and each mirrored packet can have at most two VLAN tags removed. That is, during observing port configuration, the untag-packet parameter can be configured on ports of any card. If you configure the port-mirroring to observe-port command to bind a mirrored port to an observing port, the function of removing VLAN tags of mirrored packets takes effect only when the mirrored port belongs to X series cards.

-

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

When an observing port is directly connected to a monitoring host, you can run the observe-port command to configure a local observing port. Observing ports can be configured one by one or in a batch. The single configuration and batch configuration modes can be used simultaneously. If multiple observing ports are configured in a batch, these observing ports are bound to the same mirrored port. Therefore, batch configuration is often used to simplify the configuration of 1:N mirroring.

Precautions

  • The management interface cannot be configured as an observing port.
  • If you configure observing ports without specifying observe-port-index, the system selects the smallest unused indexes and assigns the indexes to the observing ports in sequence.
  • If you need to update the observing ports configured in a batch, run the observe-port observe-port-index interface-range { add | delete } interface-type interface-number command to add or delete observing ports to or from the configured observing ports.
  • In 1:N mirroring, if you configure packets (in the inbound or outbound direction) on a mirrored port to be copied to multiple observing ports configured in a batch, the packets cannot be copied to other observing ports.
  • Both Ethernet ports and Eth-Trunks can be configured as observing ports.
  • An observing port in blocked state can still forward mirrored packets.
  • The maximum number of observing ports varies depending on device models. For details, see Observing Port Specifications in "Mirroring Configuration" in the S7700 and S9700 V200R011C10 Configuration Guide - Network Management and Monitoring.
  • An observing port is dedicated to forwarding mirrored traffic. Do not configure other services on an observing port; otherwise, mirrored traffic and other service traffic interfere with each other. Do not configure any member port of an Eth-Trunk as an observing port. If you must do so, ensure that the bandwidth of service traffic on this port and the bandwidth occupied by the mirrored traffic do not exceed the bandwidth limit of the port.

Example

# Configure GigabitEthernet1/0/1 as a local observing port.

<HUAWEI> system-view
[HUAWEI] observe-port 1 interface gigabitethernet 1/0/1
# Configure GigabitEthernet1/0/1 through GigabitEthernet1/0/3 as local observing ports in a batch.
<HUAWEI> system-view
[HUAWEI] observe-port 1 interface-range gigabitethernet 1/0/1 to gigabitethernet 1/0/3

observe-port (remote observing port)

Function

The observe-port command configures remote observing ports.

The undo observe-port command deletes remote observing ports.

By default, no remote observing ports are configured.

Format

observe-port [ observe-port-index ] interface interface-type interface-number vlan vlan-id (Layer 2 remote observing port configured one by one)

observe-port [ observe-port-index ] interface-range { interface-type interface-number [ to interface-type interface-number ] } &<1-8> vlan vlan-id (Layer 2 remote observing ports configured in a batch)

observe-port observe-port-index interface-range { add | delete } interface-type interface-number

undo observe-port observe-port-index

Parameters

Parameter Description Value
observe-port-index

Specifies the index of observing ports.

The value is an integer that ranges from 1 to 8.

interface-type interface-number

Specifies the type and number of an interface.

-
add

Adds observing ports to the observing ports configured in a batch.

-
delete

Deletes observing ports from the observing ports configured in a batch.

-
vlan vlan-id

Specifies the VLAN ID encapsulated into mirrored packets.

The value is an integer that ranges from 1 to 4094.

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

In remote mirroring, a monitoring device and monitored device where an observing port resides are connected through a Layer 2 network. The monitored device adds a specified VLAN tag to mirrored packets, and then the observing port broadcasts the mirrored packets in a specified VLAN so that the mirrored packets can be sent to the monitoring device.

Observing ports can be configured one by one or in a batch. The single configuration and batch configuration modes can be used simultaneously. If multiple observing ports are configured in a batch, these observing ports are bound to the same mirrored port. Therefore, batch configuration is often used to simplify the configuration of 1:N mirroring.

Precautions

  • The management interface cannot be configured as an observing port.
  • If you configure observing ports without specifying observe-port-index, the system selects the smallest unused indexes and assigns the indexes to the observing ports in sequence.
  • If you need to update the observing ports configured in a batch, run the observe-port observe-port-index interface-range { add | delete } interface-type interface-number command to add or delete observing ports to or from the configured observing ports.
  • In 1:N mirroring, if you configure packets (in the inbound or outbound direction) on a mirrored port to be copied to multiple observing ports configured in a batch, the packets cannot be copied to other observing ports.
  • Both Ethernet ports and Eth-Trunks can be configured as observing ports.
  • An observing port in blocked state can still forward mirrored packets.
  • The maximum number of observing ports varies depending on device models. For details, see Observing Port Specifications in "Mirroring Configuration" in the S7700 and S9700 V200R011C10 Configuration Guide - Network Management and Monitoring.
  • An observing port is dedicated to forwarding mirrored traffic. Do not configure other services on an observing port; otherwise, mirrored traffic and other service traffic interfere with each other. Do not configure any member port of an Eth-Trunk as an observing port. If you must do so, ensure that the bandwidth of service traffic on this port and the bandwidth occupied by the mirrored traffic do not exceed the bandwidth limit of the port.

Example

# Configure GigabitEthernet1/0/1 as a Layer 2 remote observing port, and bind the port to VLAN 10.

<HUAWEI> system-view
[HUAWEI] observe-port 1 interface gigabitethernet 1/0/1 vlan 10
# Configure GigabitEthernet1/0/1 through GigabitEthernet1/0/3 as Layer 2 remote observing ports in a batch, and bind these ports to VLAN 10.
<HUAWEI> system-view
[HUAWEI] observe-port 2 interface-range gigabitethernet 1/0/1 to gigabitethernet 1/0/3 vlan 10

port-mirroring to observe-port

Function

The port-mirroring to observe-port command copies packets on a mirrored port to observing ports.

The undo port-mirroring command cancels copying packets on a mirrored port to observing ports.

By default, packets on a mirrored port are not copied to observing ports.

Format

port-mirroring to observe-port observe-port-index { both | inbound | outbound }

undo port-mirroring [ to observe-port observe-port-index ] { both | inbound | outbound }

Parameters

Parameter Description Value
observe-port-index

Specifies the index of observing ports.

The value is an integer that ranges from 1 to 8.

both

Copies inbound and outbound packets on a mirrored port to observing ports.

-

inbound

Copies inbound packets on a mirrored port to observing ports.

-

outbound

Copies outbound packets on a mirrored port to observing ports.

-

Views

Ethernet interface view, GE interface view, XGE interface view, 40GE interface view, 100GE interface view, Eth-Trunk interface view, port group view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

In port mirroring, you can run the port-mirroring to observe-port command to copy packets that pass through a mirrored port to specified observing ports.

Prerequisites

Observing ports have been configured using the observe-port (local observing port) or observe-port (remote observing port) command in the system view.

Precautions

To prevent mirrored packets from being lost, ensure that mirrored and monitoring ports have the same port type and bandwidth.

Both physical interfaces and Eth-Trunks can be configured as mirrored ports. If an Eth-Trunk is configured as a mirrored port, its member ports cannot be configured as observing ports.

Example

# Configure port mirroring for inbound packets on GigabitEthernet1/0/1.

<HUAWEI> system-view
[HUAWEI] observe-port 1 interface gigabitethernet 1/0/2
[HUAWEI] interface gigabitethernet 1/0/1
[HUAWEI-GigabitEthernet1/0/1] port-mirroring to observe-port 1 inbound
Translation
Download
Updated: 2019-10-18

Document ID: EDOC1000178288

Views: 26424

Downloads: 109

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next