No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Network Management and Monitoring

S2720, S5700, and S6720 V200R013C00

This document describes the configurations of Network Management and Monitoring, including SNMP, RMON, RMON2, LLDP, Performance Management, iPCA, NQA, Service Diagnosis, Mirroring, Packet Capture, NetStream, sFlow, TWAMP Light, NETCONF, ECA, Intelligent Video O&M, eMDI, and Network Deception.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the Mirroring Mode

Configuring the Mirroring Mode

Procedure

Mirroring Mode Procedure
Port mirroring
  1. Run the system-view command to enter the system view.
  2. Run the interface interface-type interface-number command to enter the interface view.
  3. Run the port-mirroring to observe-port observe-port-index { both | inbound | outbound } command to copy the traffic received or sent by the mirrored port to a specified observing port.
VLAN mirroring
  1. Run the system-view command to enter the system view.
  2. Run the vlan vlan-id command to enter the VLAN view.
  3. Run the mirroring to observe-port observe-port-index inbound command to copy the traffic received by all active ports in the VLAN to a specified observing port.
MAC address mirroring
  1. Run the system-view command to enter the system view.
  2. Run the vlan vlan-id command to enter the VLAN view.
  3. Run the mac-mirroring mac-address to observe-port observe-port-index inbound command to copy the packets with a specified MAC address in the VLAN to a specified observing port.
Traffic mirroring MQC-based traffic mirroring:
  1. Run the system-view command to enter the system view.
  2. Create a traffic classifier and specify the rules that mirrored traffic needs to match.
    1. Run the traffic classifier classifier-name command to create a traffic classifier and enter the traffic classifier view.

    2. Run the if-match command to configure matching rules in the traffic classifier.

      You can configure multiple types of matching rules in a traffic classifier. For details, see "MQC Configuration - Configuring a Traffic Classifier" in the S2720, S5700, and S6720 V200R013C00 Configuration Guide - QoS Configuration.

    3. Run the quit command to exit from the traffic classifier view.

  3. Create a traffic behavior and specify the action as traffic mirroring.
    1. Run the traffic behavior behavior-name command to create a traffic behavior and enter the traffic behavior view.

    2. Run the mirroring to observe-port observe-port-index command to copy the traffic that matches the traffic classifier to the specified observing port.

    3. Run the quit command to exit from the traffic behavior view.
  4. Create a traffic policy.
    1. Run the traffic policy policy-name command to create a traffic policy and enter the traffic policy view.

    2. Run the classifier classifier-name behavior behavior-name command to bind the traffic classifier configured in step 3 and traffic behavior configured in step 4 to the traffic policy.

    3. Run the quit command to exit from the traffic policy view.
  5. Apply the traffic policy.

    A traffic policy can be applied to the system, a VLAN, or an interface. For details, see "MQC Configuration - Applying the Traffic Policy" in the S2720, S5700, and S6720 V200R013C00 Configuration Guide - QoS Configuration. The traffic policy can be performed in multiple VLANs or interfaces to mirror specified traffic in multiple VLANs or interfaces to the same observing port.

    • Apply the traffic policy to the system.

      Run the traffic-policy policy-name global { inbound | outbound } [ slot slot-id ] command to apply the traffic policy globally.

    • Apply the traffic policy in a VLAN.

      1. Run the vlan vlan-id command to enter the VLAN view.

      2. Run the traffic-policy policy-name { inbound | outbound } command to apply the traffic policy to the VLAN.

    • Apply the traffic policy to an interface.

      1. Run the interface interface-type interface-number command to enter the interface view.

      2. Run the traffic-policy policy-name { inbound | outbound } command to apply the traffic policy to the interface.

ACL-based traffic mirroring:
  • In the system or a VLAN:

    • Reference a basic ACL, an advanced ACL, a named ACL, a Layer 2 ACL, or a user-defined ACL (in IPv4).

      traffic-mirror [ vlan vlan-id ] inbound acl { bas-acl | adv-acl | name acl-name | l2-acl | user-acl } [ rule rule-id ] to observe-port observe-port-index

    • Reference a basic ACL, an advanced ACL, or a named ACL (in IPv6).

      traffic-mirror [ vlan vlan-id ] inbound acl ipv6 { bas-acl | adv-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

    • Reference a Layer 2 ACL and any one of a basic ACL, an advanced ACL, and a named ACL (in IPv4).

      traffic-mirror [ vlan vlan-id ] inbound acl l2-acl [ rule rule-id ] acl { bas-acl | adv-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

    • Reference any one of a basic ACL and an advanced ACL and any one of a Layer 2 ACL and a named ACL (in IPv4).

      traffic-mirror [ vlan vlan-id ] inbound acl { bas-acl | adv-acl } [ rule rule-id ] acl { l2-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

    • Reference a named ACL and any one of a basic ACL, an advanced ACL, a Layer 2 ACL, and a named ACL (in IPv4).

      traffic-mirror [ vlan vlan-id ] inbound acl name acl-name [ rule rule-id ] acl { bas-acl | adv-acl | l2-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

  • On an interface (First, run the interface interface-type interface-number command to enter the interface view)

    • Reference a basic ACL, an advanced ACL, a named ACL, a Layer 2 ACL, or a user-defined ACL (in IPv4).

      traffic-mirror inbound acl { bas-acl | adv-acl | name acl-name | l2-acl | user-acl } [ rule rule-id ] to observe-port observe-port-index

    • Reference a basic ACL, an advanced ACL, or a named ACL (in IPv6).

      traffic-mirror inbound acl ipv6 { bas-acl | adv-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

    • Reference a Layer 2 ACL and any one of a basic ACL, an advanced ACL, and a named ACL (in IPv4).

      traffic-mirror inbound acl l2-acl [ rule rule-id ] acl { bas-acl | adv-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

    • Reference any one of a basic ACL and an advanced ACL and any one of a Layer 2 ACL and a named ACL (in IPv4).

      traffic-mirror inbound acl { bas-acl | adv-acl } [ rule rule-id ] acl { l2-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

    • Reference a named ACL and any one of a basic ACL, an advanced ACL, a Layer 2 ACL, and a named ACL (in IPv4).

      traffic-mirror inbound acl name acl-name [ rule rule-id ] acl { bas-acl | adv-acl | l2-acl | name acl-name } [ rule rule-id ] to observe-port observe-port-index

Verifying the Configuration

# Run the display port-mirroring command to view the mirroring configuration. The following is a sample command output.

<HUAWEI> display port-mirroring
 ----------------------------------------------------------------------
  Observe-port 1 : GigabitEthernet0/0/1
  Observe-port 2 : GigabitEthernet0/0/2
  Observe-port 3 : GigabitEthernet0/0/3
  Observe-port 4 : GigabitEthernet0/0/4
  ----------------------------------------------------------------------
  Port-mirror:
  ----------------------------------------------------------------------
       Mirror-port               Direction  Observe-port
  ----------------------------------------------------------------------
  1    GigabitEthernet0/0/15     Inbound    Observe-port 1
  ----------------------------------------------------------------------
  Stream-mirror:
  ----------------------------------------------------------------------
  Behavior                 Direction     Observe-port
  ----------------------------------------------------------------------
  b1                       -             Observe-port 2
  ----------------------------------------------------------------------
  Vlan-mirror:
  ----------------------------------------------------------------------
  Mirror-vlan              Direction     Observe-port
  ----------------------------------------------------------------------
  10                       Inbound       Observe-port 3
  ----------------------------------------------------------------------
  Mac-mirror:
  ----------------------------------------------------------------------
  Mirror-mac       Vlan    Direction     Observe-port
  ----------------------------------------------------------------------
  0001-0001-0001   10      Inbound       Observe-port 4
  ----------------------------------------------------------------------
Translation
Download
Updated: 2019-04-20

Document ID: EDOC1100065680

Views: 57073

Downloads: 514

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next