What Can I Do If Observing Ports Are Insufficient?
The number of observing ports that can be configured on a device, and the number that can be used in 1:N mirroring, are limited. If many devices need to be monitored but the number of required observing ports exceeds the upper limit, you can solve the problem using either of the following methods:
Configure remote mirroring to broadcast packets copied on a mirrored port in a VLAN through a remote observing port.
- In this method, if multiple internal loopback interfaces are configured, prevent loops by ensuring that these loopback interfaces are each added to a different VLAN.
- Ensure that no other interface is added in trunk mode to the VLAN where internal loopback interfaces reside, so as to prevent traffic from being broadcast within the VLAN.
As shown in Figure 8-17, network administrators need to copy packets on a mirrored port to four monitoring devices, but fewer than four observing ports can be configured on SwitchB. Perform the following configurations to solve this problem.
Configure remote port mirroring.
<SwitchB> system-view
[SwitchB] observe-port 1 interface gigabitethernet1/0/1 vlan 20  //Configure a remote observing port. VLAN 20 is the VLAN in which packets copied from a mirrored port are broadcast.
[SwitchB] interface gigabitethernet1/0/6
[SwitchB-GigabitEthernet1/0/6] port-mirroring to observe-port 1 both  //Copy inbound and outbound packets on the mirrored port to the remote observing port on which internal loopback is configured.
[SwitchB-GigabitEthernet1/0/6] quit
Configure internal loopback.
[SwitchB] vlan batch 20  //VLAN 20 is only used for internal loopback forwarding. Do not configure other services in VLAN 20.
[SwitchB] interface gigabitethernet1/0/1
[SwitchB-GigabitEthernet1/0/1] mac-address learning disable  //Disable the dynamic MAC address learning function to prevent the internal loopback port from learning the MAC addresses of packets other than mirrored packets, so that such packets will not be looped in the device. In addition, the configuration conserves MAC address entries.
[SwitchB-GigabitEthernet1/0/1] stp disable  //Disable STP to prevent the internal loopback port from being blocked when it receives packets sent by itself.
[SwitchB-GigabitEthernet1/0/1] port link-type access
[SwitchB-GigabitEthernet1/0/1] port default vlan 20  //Add GE1/0/1 to VLAN 20.
[SwitchB-GigabitEthernet1/0/1] loopback internal  //Configure the remote observing port as an internal loopback port.
[SwitchB-GigabitEthernet1/0/1] quit
[SwitchB] interface gigabitethernet1/0/2
[SwitchB-GigabitEthernet1/0/2] port link-type access
[SwitchB-GigabitEthernet1/0/2] port default vlan 20  //Add GE1/0/2 to VLAN 20.
[SwitchB-GigabitEthernet1/0/2] quit
[SwitchB] interface gigabitethernet1/0/3
[SwitchB-GigabitEthernet1/0/3] port link-type access
[SwitchB-GigabitEthernet1/0/3] port default vlan 20  //Add GE1/0/3 to VLAN 20.
[SwitchB-GigabitEthernet1/0/3] quit
[SwitchB] interface gigabitethernet1/0/4
[SwitchB-GigabitEthernet1/0/4] port link-type access
[SwitchB-GigabitEthernet1/0/4] port default vlan 20  //Add GE1/0/4 to VLAN 20.
[SwitchB-GigabitEthernet1/0/4] quit
[SwitchB] interface gigabitethernet1/0/5
[SwitchB-GigabitEthernet1/0/5] port link-type access
[SwitchB-GigabitEthernet1/0/5] port default vlan 20  //Add GE1/0/5 to VLAN 20.
[SwitchB-GigabitEthernet1/0/5] quit
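The loop-prevention notes for this method (one VLAN per internal loopback interface, no trunk interface in that VLAN) and the MAC-learning and STP settings on the loopback port can be checked offline against a saved configuration. The Python script below is an added example, not part of the original document or any vendor tool; the sample configuration is constructed, and the names parse_interfaces, vlan_ids and audit are assumptions made for illustration.

```python
import re

# Constructed excerpt in the style of a saved switch configuration (not from the page).
SAMPLE = """\
interface GigabitEthernet1/0/1
 port link-type access
 port default vlan 20
 stp disable
 loopback internal
#
interface GigabitEthernet1/0/7
 port link-type trunk
 port trunk allow-pass vlan 10 18 to 22
#
"""

def parse_interfaces(config):
    """Map each interface name to the commands in its '#'-terminated stanza."""
    ifaces = {}
    for name, body in re.findall(r"^interface (\S+)\n(.*?)(?=^#|\Z)", config, re.M | re.S):
        ifaces[name] = [l.strip() for l in body.splitlines() if l.strip()]
    return ifaces

def vlan_ids(args):
    """Expand 'allow-pass vlan' arguments such as '10 18 to 22' or 'all'."""
    if args.strip() == "all":
        return set(range(1, 4095))
    ids = set()
    for lo, hi in re.findall(r"(\d+)(?:\s+to\s+(\d+))?", args):
        ids.update(range(int(lo), int(hi or lo) + 1))
    return ids

def audit(config):
    """Check the loop-prevention notes for internal loopback ports; return findings."""
    ifaces, findings, loop_vlans = parse_interfaces(config), [], {}
    for name, cmds in ifaces.items():
        if "loopback internal" in cmds:
            pvid = next((int(c.split()[-1]) for c in cmds if c.startswith("port default vlan ")), 1)
            loop_vlans.setdefault(pvid, []).append(name)  # VLAN 1 assumed if none is set
            findings += [f"{name}: missing '{r}'" for r in
                         ("mac-address learning disable", "stp disable") if r not in cmds]
    findings += [f"VLAN {v}: shared by loopback ports {', '.join(n)}"
                 for v, n in loop_vlans.items() if len(n) > 1]
    for name, cmds in ifaces.items():
        for c in cmds:
            if c.startswith("port trunk allow-pass vlan "):
                carried = vlan_ids(c.split("vlan", 1)[1]) & set(loop_vlans)
                findings += [f"{name}: trunk carries loopback VLAN {v}" for v in sorted(carried)]
    return findings
```

Calling audit(SAMPLE) reports the missing MAC-learning setting on GigabitEthernet1/0/1 and the trunk on GigabitEthernet1/0/7 that carries VLAN 20.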
Configure remote mirroring for VLAN broadcast through an intermediate Layer 2 device.
As shown in Figure 8-18, network administrators need to copy packets on a mirrored port to three monitoring devices, but fewer than three observing ports can be configured on SwitchB. Perform the following configurations to solve this problem.
Configure remote port mirroring on SwitchB.
<SwitchB> system-view
[SwitchB] observe-port 1 interface gigabitethernet1/0/1 vlan 20  //Configure a remote observing port. VLAN 20 is a common VLAN in which mirrored packets are forwarded.
[SwitchB] interface gigabitethernet1/0/2
[SwitchB-GigabitEthernet1/0/2] port-mirroring to observe-port 1 both  //Copy inbound and outbound packets on the mirrored port to the remote observing port.
[SwitchB-GigabitEthernet1/0/2] quit
Add ports on SwitchC to a VLAN.
[SwitchC] interface gigabitethernet1/0/1
[SwitchC-GigabitEthernet1/0/1] port link-type trunk
[SwitchC-GigabitEthernet1/0/1] port trunk allow-pass vlan 20  //Add GE1/0/1 to VLAN 20.
[SwitchC-GigabitEthernet1/0/1] quit
[SwitchC] interface gigabitethernet1/0/2
[SwitchC-GigabitEthernet1/0/2] port link-type access
[SwitchC-GigabitEthernet1/0/2] port default vlan 20  //Add GE1/0/2 to VLAN 20.
[SwitchC-GigabitEthernet1/0/2] quit
[SwitchC] interface gigabitethernet1/0/3
[SwitchC-GigabitEthernet1/0/3] port link-type access
[SwitchC-GigabitEthernet1/0/3] port default vlan 20  //Add GE1/0/3 to VLAN 20.
[SwitchC-GigabitEthernet1/0/3] quit
[SwitchC] interface gigabitethernet1/0/4
[SwitchC-GigabitEthernet1/0/4] port link-type access
[SwitchC-GigabitEthernet1/0/4] port default vlan 20  //Add GE1/0/4 to VLAN 20.
[SwitchC-GigabitEthernet1/0/4] quit