Login
- Table of Contents
-
- H3C S7500 Series Command Manual(Release 3100 Series)-(V1.04)
- 00-1Cover
- 01-CLI Commands
- 02-Login Commands
- 03-Configuration File Management Commands
- 04-VLAN Commands
- 05-Extended VLAN Application Commands
- 06-IP Address-IP Performance-IPX Commands
- 07-GVRP Commands
- 08-QinQ Commands
- 09-Port Basic Configuration Commands
- 10-Link Aggregation Commands
- 11-Port Isolation Commands
- 12-Port Binding Commands
- 13-DLDP Commands
- 14-MAC Address Table Commands
- 15-MSTP Commands
- 16-Routing Protocol Commands
- 17-Multicast Commands
- 18-802.1x Commands
- 19-AAA-RADIUS-HWTACACS-EAD Commands
- 20-Traffic Accounting Commands
- 21-VRRP-HA Commands
- 22-ARP Commands
- 23-DHCP Commands
- 24-ACL Commands
- 25-QoS Commands
- 26-Mirroring Commands
- 27-Cluster Commands
- 28-PoE Commands
- 29-UDP-Helper Commands
- 30-SNMP-RMON Commands
- 31-NTP Commands
- 32-SSH Terminal Service Commands
- 33-File System Management Commands
- 34-FTP and TFTP Commands
- 35-Information Center Commands
- 36-DNS Commands
- 37-System Maintenance and Debugging Commands
- 38-HWPing Commands
- 39-RRPP Commands
- 40-NAT-Netstream-Policy Routing Commands
- 41-Telnet Protection Commands
- 42-Hardware-Dependent Software Configuration Commands
- 43-Appendix
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 26-Mirroring Commands | 77 KB |
Table of Contents
1.1.2 display qos-interface mirrored-to
1.1.5 mirroring-group (only for Recovery)
1.1.6 mirroring-group mirroring-port
1.1.7 mirroring-group monitor-port
1.1.8 mirroring-group reflector-port
1.1.9 mirroring-group remote-probe vlan
Chapter 1 Mirroring Commands
1.1 Mirroring Commands
1.1.1 display mirroring-group
Syntax
display mirroring-group { group-id | all | local | remote-destination | remote-source }
View
Any view
Parameters
group-id: Group number of a port mirroring group, in the range of 1 to 20.
local: Defines the specified mirroring group as a local port mirroring group.
remote-destination: Defines the specified mirroring group as the destination group for remote mirroring.
remote-source: Defines the specified mirroring group as the source group for remote mirroring.
all: Specifies all mirroring groups.
Description
Use the display mirroring-group command to display the parameter settings of a port mirroring group.
Local mirroring group information includes:
l Group number
l Group type: local
l Group status
l Information about the source port of mirroring
l Information about the destination port of mirroring
Information displayed on the destination mirroring group for remote mirroring includes:
l Group number
l Group type: remote-destination
l Group status
l Information of the destination port
l Remote-probe VLAN information
Information displayed on the source mirroring group for remote mirroring includes:
l Group number
l Group type: remote-source
l Group status
l Information of the source port
l Information of the reflector port
l Remote-probe VLAN information
Examples
# Display the parameter settings of the port mirroring group.
<H3C> display mirroring-group all
mirroring-group 2:
type: local
status: active
mirroring port:
GigabitEthernet2/0/1 both
monitor port: GigabitEthernet2/0/4
1.1.2 display qos-interface mirrored-to
Syntax
display qos-interface [ interface-type interface-number ] mirrored-to
View
Any view
Parameters
interface-type interface-number: Port of the switch. If you enter this argument, the switch will display the parameter settings of the specified port. If not, the switch will display the parameters settings of all ports.
Description
Use the display qos-interface mirrored-to command to display the parameter settings of traffic mirroring.
Information displayed includes:
l Port name and action name of traffic mirroring
l Direction of traffic mirroring
l ACL for identifying traffics
l Mirroring group
Related commands: mirrored-to
Examples
# Display the parameter settings of traffic mirroring on GigabitEthernet 2/0/1.
<H3C> display qos-interface GigabitEthernet 2/0/1 mirrored-to
GigabitEthernet2/0/1: mirrored-to
Inbound:
Matches: Acl 2000 rule 0 running
Mirrored to: mirroring-group 3
1.1.3 mirrored-to
Syntax
mirrored-to inbound acl-rule [ system-index ] { interface interface-type interface-number [ reflector ] | mirroring-group group-id }
undo mirrored-to inbound acl-rule
View
QoS view
Parameters
inbound: Mirrors packets received on the port.
acl-rule: Applied ACL rules, which can be the combination of different types of ACL rules. Table 1-1 and Table 1-3 describe the ACL combinations on type A LPUs and the corresponding parameter description. Table 1-2 and Table 1-3 describe the ACL combinations on LPUs other than type A and the corresponding parameter description.
Table 1-1 Combined application of ACLs on type A LPUs
|
Combination mode |
Form of acl-rule |
|
Apply all rules in an IP type ACL |
ip-group { acl-number | acl-name } |
|
Apply one rule in an IP type ACL |
ip-group { acl-number | acl-name } rule rule-id |
|
Apply all rules in a link type ACL |
link-group { acl-number | acl-name } |
|
Apply one rule in a link type |
link-group { acl-number | acl-name } rule rule-id |
Table 1-2 Combined application of ACLs on LPUs other than type A.
|
Combination mode |
Form of acl-rule |
|
Apply all rules in an IP type ACL |
ip-group { acl-number | acl-name } |
|
Apply one rule in an IP type ACL |
ip-group { acl-number | acl-name } rule rule-id |
|
Apply all rules in a link type ACL |
link-group { acl-number | acl-name } |
|
Apply one rule in a link type |
link-group { acl-number | acl-name } rule rule-id |
|
Apply all rules in a user-defined ACL |
user-group { acl-number | acl-name } |
|
Apply one rule in a user-defined ACL |
user-group { acl-number | acl-name } rule rule-id |
|
Apply one rule in an IP type ACL and one rule in a Link type ACL simultaneously |
ip-group { acl-number | acl-name } rule rule-id link-group { acl-number | acl-name } rule rule-id |
Table 1-3 Parameter description of ACL combinations
|
Parameter |
Description |
|
ip-group { acl-number | acl-name } |
Basic and advanced ACL. acl-number: ACL number of basic and advanced ACL, ranging from 2,000 to 3,999. acl-name: ACL name, containing up to 32 characters, beginning with an English letter (a to z or A to Z) without space and quotation mark, case insensitive. |
|
link-group { acl-number | acl-name } |
Layer 2 ACL acl-number: ACL number of the Layer 2 ACL, ranging from 4,000 to 4,999. acl-name: ACL name, containing up to 32 characters, beginning with an English letter (a to z or A to Z) without space and quotation mark, case insensitive. |
|
user-group { acl-number | acl-name } |
User-defined ACL acl-number: ACL number of the user-defined ACL, ranging from 5,000 to 5,999. acl-name: ACL name, containing up to 32 characters, beginning with an English letter (a to z or A to Z) without space and quotation mark, case insensitive. |
|
rule-id |
Number of the ACL rule, ranging from 0 to 127. If this argument is not specified, all rules in the specified ACL will be applied. |
system-index: Specifies an interior index value that is used when an ACL rule is applied to the port. The index value ranges from 0 to 4,294,967,295. This keyword is only available when the ACL rule number is specified in the command. After the specified ACL takes effect, there are three scenarios when you input the index value:
l If you do not input an index value or the index value you input is 0, the system will automatically assign an index greater than 0;
l If the input index value is not 0 and does not conflict with the interior index used by the system, the system will adopt the index value;
l If the input index value is not 0 but conflicts with the interior index used by the system, the system will reassign an index value.
When the specified ACL rule is not effective, the system will adopt the input index value.
interface interface-type interface-number [ reflector ]: Mirrors traffics to the specified port. interface-type interface-number indicates an Ethernet port. With the reflector keyword specified, the parameters represent a reflector port, together with corresponding configuration to realize remote traffic mirroring; without the reflector keyword, the parameters represent a destination port, used to realize the local traffic mirroring.
mirroring-group group-id: Specifies a mirroring group. The traffics classified by the ACL are to be mirrored to the destination port/reflector port of the specified mirroring group.
Description
Use the mirrored-to command to start ACLs to identify traffics and perform traffic mirroring for matched packets.
Use the undo mirrored-to command to remove traffic mirroring configuration.
This command only applies to the rules whose actions are permit in matching the specified ACL, and only mirrors the received traffics. If you want to mirror traffics to a specified port, the port must be a destination port or reflector port of a mirroring group.
When configuring traffic mirroring, note that:
l For a centralized card, all the ports involved must be on the same card.
l For a distributed system, all the ports involved must be within the same distributed system.
Related commands: display qos-interface mirrored-to
Examples
# Mirror packets that match ACL 2000 on port GigabitEthernet 2/0/1 to GigabitEthernet 2/0/4 through traffic mirroring.
<H3C> system-view
[H3C] mirroring-group 3 local
[H3C] mirroring-group 3 monitor-port GigabitEthernet 2/0/4
[H3C] interface GigabitEthernet 2/0/1
[H3C-GigabitEthernet2/0/1] qos
[H3C-qosb-GigabitEthernet2/0/1] mirrored-to inbound ip-group 3000 interface GigabitEthernet 2/0/4
1.1.4 mirroring-group
Syntax
mirroring-group group-id { local | remote-destination | remote-source }
undo mirroring-group { group-id | all | local | remote-destination | remote-source }
View
System view
Parameters
group-id: Group number of a port mirroring group, in the range of 1 to 20.
local: Specifies the mirroring group as a local port mirroring group.
remote-destination: Specifies the mirroring group as the destination mirroring group for remote port mirroring.
remote-source: Specifies the mirroring group as the source mirroring group for remote mirroring.
all: Deletes all mirroring groups.
Description
Use the mirroring-group command to configure a port mirroring group.
Use the undo mirroring-group command to delete a port mirroring group.
Examples
# Configure a port mirroring group on the local switch.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] mirroring-group 3 local
1.1.5 mirroring-group (only for Recovery)
Syntax
mirroring-group groupid { inbound | outbound } mirroring-port-list mirrored-to monitor-port
View
System view
Parameters
groupId: Group ID of the port mirroring group, in the range of 1 to 20.
inbound: Monitors the received packets only.
outbound: Monitors the transmitted packets only.
mirroring-port-list: Ethernet port list. It means there can be multiple ports. This argument is provided in the form of port-list = { interface-type interface-number [ to interface-type interface-number ] }&<1-8>, where Interface-type interface-number means an Ethernet port, and &<1-8> means you can specify eight Ethernet ports or Ethernet port lists.
mirrored-to monitor-port: Specifies the destination port.
Description
Use the mirroring-group command to recover the port mirroring configuration.
This command is only used to recover configurations. For example, if you have configured the port mirroring function on the earlier software release and saved the configuration to the configuration file, after the software release is upgraded, you can use this command to recover the former configuration to a form supported by the upgraded software release.
Examples
# Recover the configuration of mirroring group 2, where ports Ethernet 2/0/1 through Ethernet 2/0/3 are source ports, Ethernet 2/0/4 is the destination port, and only the received packets are monitored.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] mirroring-group 2 inbound Ethernet 2/0/1 to Ethernet 2/0/3 mirrored-to Ethernet 2/0/4
1.1.6 mirroring-group mirroring-port
Syntax
mirroring-group group-id mirroring-port mirroring-port-list { both | inbound | outbound }
undo mirroring-group group-id mirroring-port mirroring-port-list
View
System view, Ethernet port view
Parameters
group-id: Group number of a port mirroring group, in the range of 1 to 20.
mirroring-port mirroring-port-list: Specifies a list of source ports, provided in the form of mirroring-port-list={ interface-type interface-number [ to interface-type interface-number ] }&<1-8>, where Interface-type interface-number means an Ethernet port, and &<1-8> means you can specify eight source ports or source port lists. monitor-port-list is available in system view only.
both: Mirrors packets received and sent through the port.
inbound: Mirrors packets received through the port.
outbound: Mirrors packets sent through the port.
Description
Use the mirroring-group mirroring-port command to configure the source port.
Use the undo mirroring-group mirroring-port command to remove the configuration of the source port.
Examples
# Configure GigabitEthernet 2/0/1 as the source port and mirror all packets received through this port.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] mirroring-group 1 mirroring-port Gigabitethernet2/0/1 inbound
1.1.7 mirroring-group monitor-port
Syntax
mirroring-group group-id monitor-port monitor-port
undo mirroring-group group-id monitor-port monitor-port
View
System view, Ethernet port view
Parameters
group-id: Group number of a port mirroring group, in the range of 1 to 20.
monitor-port monitor-port: Specifies the destination port for port mirroring. monitor-port is available in system view only.
Description
Use the mirroring-group monitor-port command to configure the destination port.
Use the undo mirroring-group monitor-port to remove the configuration of the destination port.
Note the following when you configure the destination port:
l LACP and STP must be disabled on the destination port.
l The destination port for remote mirroring must be an Access port.
l After a port is configured as a reflector port, the switch does not allow you to change the port type and its default VLAN ID.
Examples
# Configure GigabitEthernet 2/0/4 as the source port and monitor all packets received through this port.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] mirroring-group 1 monitor-port Gigabitethernet2/0/4
1.1.8 mirroring-group reflector-port
Syntax
mirroring-group group-id reflector-port reflector-port
undo mirroring-group group-id reflector-port reflector-port
View
System view, Ethernet port view
Parameters
group-id: Group number of a port mirroring group, in the range of 1 to 20.
reflector-port reflector-port: Specifies the reflector port. reflector-port is available in system view only.
Description
Use the mirroring-group reflector-port command to specify the reflector port.
Use the undo mirroring-group reflector-port command to remove the configuration of the reflector port.
Note the following when you configure the reflector port:
l The reflector port must be an Access port.
l LACP and STP must be disabled on the reflector port.
l After a port is configured as a reflector port, the switch does not allow you to change the port type and its default VLAN ID, or to add it to another VLAN.
l To mirror tagged packets, you need to configure VLAN VPN on the reflector port.
Examples
# Configure GigabitEthernet 2/0/2 as the reflector port.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] mirroring-group 1 reflector-port GigabitEthernet2/0/2
1.1.9 mirroring-group remote-probe vlan
Syntax
mirroring-group group-id remote-probe vlan remote-probe-vlan-id
undo mirroring-group group-id remote-probe vlan remote-probe-vlan-id
View
System view
Parameters
group-id: Group number of a port mirroring group, in the range of 1 to 20.
remote-probe vlan remote-probe-vlan-id: Specifies the remote-probe VLAN for the mirroring group.
Description
Use the mirroring-group remote-probe vlan command to specify the remote-probe VLAN for a mirroring group.
Use the undo mirroring-group remote-probe vlan command to remove the configuration of remote-probe VLAN for a mirroring group.
Examples
# Configure VLAN 100 as the remote-probe VLAN.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] mirroring-group 1 remote-probe vlan 100
1.1.10 remote-probe vlan
Syntax
remote-probe vlan enable
undo remote-probe vlan enable
View
VLAN view
Parameters
None
Description
Use the remote-probe vlan enable command to configure the current VLAN as the remote-probe VLAN. After you input the command, the system will check whether the current VLAN is a dynamic VLAN. If it is a dynamic VLAN, the command fails to be executed, and the system prompts that “Can not set dynamic VLAN as remote-probe VLAN!”.
Use the undo remote-probe vlan enable command to configure the remote-probe VLAN as a normal VLAN.
Before configuring the remote-probe VLAN, make sure that no Access or Hybrid port belongs to this VLAN. If any Trunk port exists in this VLAN, the port PVID cannot be the ID of the remote-probe VLAN. After setting a VLAN as remote-probe VLAN, you are not recommended to add an Access or Hybrid port to the VLAN.
Examples
# Configure VLAN 5 as a remote-probe VLAN.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] vlan 5
[H3C-vlan5] remote-probe vlan enable
