Login
- Table of Contents
-
- H3C S3600 Series Ethernet Switches Command Manual-Release 1510(V1.04)
- 00-1Cover
- 01-CLI Command
- 02-Login Command
- 03-Configuration File Management Command
- 04-VLAN Command
- 05-IP Address and Performance Configuration Command
- 06-Management VLAN Command
- 07-Voice VLAN Command
- 08-GVRP Command
- 09-Port Basic Configuration Command
- 10-Link Aggregation Command
- 11-Port Isolation Command
- 12-Port Security-Port Binding Command
- 13-DLDP Command
- 14-MAC Address Table Command
- 15-Auto Detect Command
- 16-MSTP Command
- 17-Routing Protocol Command
- 18-Multicast Command
- 19-802.1x Command
- 20-AAA-RADIUS-HWTACACS-EAD Command
- 21-VRRP Command
- 22-Centralized MAC Address Authentication Command
- 23-ARP Command
- 24-DHCP Command
- 25-ACL Command
- 26-QoS-QoS Profile Command
- 27-Web Cache Redirection Command
- 28-Mirroring Command
- 29-IRF Fabric Command
- 30-Cluster Command
- 31-PoE-PoE Profile Command
- 32-UDP Helper Command
- 33-SNMP-RMON Command
- 34-NTP Command
- 35-SSH Terminal Service Command
- 36-File System Management Command
- 37-FTP and TFTP Command
- 38-Information Center Command
- 39-System Maintenance and Debugging Command
- 40-VLAN-VPN Command
- 41-HWPing Command
- 42-DNS Command
- 43-Access Management Command
- 44-Appendix
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 28-Mirroring Command | 89 KB |
Table of Contents
1.1 Mirroring Commands for S3600-EI
1.1.2 display qos-interface mirrored-to
1.1.5 mirroring-group mirroring-port
1.1.6 mirroring-group monitor-port
1.1.7 mirroring-group reflector-port
1.1.8 mirroring-group remote-probe vlan
1.2 Mirroring Commands for S3600-SI
1.2.2 display qos-interface mirrored-to
Chapter 1 Mirroring Commands
1.1 Mirroring Commands for S3600-EI
1.1.1 display mirroring-group
Syntax
display mirroring-group { group-id | all | local | remote-destination | remote-source }
View
Any view
Parameter
group-id: Group number of a port mirroring group, in the range of 1 to 20.
local: Specifies to display the parameter settings of local port mirroring groups.
remote-destination: Specifies to display the parameter settings of the destination groups for remote mirroring.
remote-source: Specifies to display the parameter settings of the source groups for remote mirroring.
all: Specifies to display the parameter settings of all mirroring groups.
Description
Use the display mirroring-group command to display the parameter settings of a port mirroring group.
Local mirroring group information includes:
l Group number
l Group type: local
l Group status
l Information of the source port
l Information of the destination port
Information of the destination mirroring group for remote mirroring includes:
l Group number
l Group type: remote-destination
l Group status
l Information of the destination port
l Remote-probe VLAN information
Information of the source mirroring group for remote mirroring includes:
l Group number
l Group type: remote-source
l Group status
l Information of the source port
l Information of the reflector port
l Remote-probe VLAN information
Example
# Display the parameter settings of a port mirroring group.
<H3C> display mirroring-group all
mirroring-group 2:
type: local
status: active
mirroring port:
GigabitEthernet1/1/1 both
monitor port: GigabitEthernet1/1/4
1.1.2 display qos-interface mirrored-to
Syntax
display qos-interface { interface-type interface-number | unit-id } mirrored-to
View
Any view
Parameter
interface-type interface-number: port of a switch. If you specify this argument, the switch will display the parameter settings of the specified port.
unit-id: Unit ID. If you specify this argument, the switch will display the parameter settings of the specified unit.
Description
Use the display qos-interface mirrored-to command to display the parameter settings of traffic mirroring.
Information displayed includes:
l Port and action name of traffic mirroring
l Direction of traffic mirroring
l ACL for identifying traffics
l Destination port
Related command: mirrored-to
Example
# Display the parameter settings of traffic mirroring on Gigabitethernet1/1/1.
<H3C> display qos-interface GigabitEthernet 1/1/1 mirrored-to
GigabitEthernet1/1/1: mirrored-to
Inbound:
Matches: Acl 2000 rule 0 running
Mirrored to: monitor interface
1.1.3 mirrored-to
Syntax
mirrored-to { inbound | outbound } acl-rule { monitor-interface | cpu }
undo mirrored-to { inbound | outbound } acl-rule
View
Ethernet port view
Parameter
inbound: Specifies to mirror packets received by the port.
outbound: Specifies to mirror packets sent by the port.
acl-rule: Applied ACL rules, which can be the combination of different types of ACL rules. Table 1-1 describes the combined-ACL applications.
Table 1-1 Combined application of ACLs
|
Combination mode |
Form of acl-rule |
|
Apply all sub-rules in an IP type ACL (either a basic or an advanced ACL) separately |
ip-group acl-number |
|
Apply one sub-rule in an IP type ACL separately |
ip-group acl-number rule rule-id |
|
Apply all sub-rules in a Layer 2 ACL separately |
link-group acl-number |
|
Apply one sub-rule in a Layer 2 ACL separately |
link-group acl-number rule rule-id |
|
Apply one sub-rule in a user-defined ACL separately |
user-group acl-number |
|
Apply all sub-rules in a user-defined ACL separately |
user-group acl-number rule rule-id |
|
Apply one sub-rule in an IP type ACL and one rule in a Layer 2 ACL simultaneously |
ip-group acl-number rule rule-id link-group acl-number rule rule-id |
ip-group acl-number: Sequence number of a basic or advanced ACL, in the range 2000 to 3999.
link-group acl-number: Sequence number of a Layer 2 ACL, in the range 4000 to 4999.
user-group acl-number: Sequence number of a user-defined ACL, in the range 5000 to 5999.
rule rule-id: Sequence number of an ACL sub-rule, in the range 0 to 65534. If this argument is not specified, all sub-rules in the specified ACL will be applied.
monitor-interface: Specifies to mirror traffics to the destination port.
cpu: Specifies to mirror the data traffics to the CPU.
Description
Use the mirrored-to command to invoke ACLs for identifying traffics and perform traffic mirroring for the packets matching the ACLs.
Use the undo mirrored-to command to remove traffic mirroring configuration.
This command applies to matching the sub-rules whose actions are permit in the specified ACL.
LACP and STP must be disabled on the destination port. Traffic mirroring does not support aggregated synchronization and configuration copy.
Mirroring configuration takes effect only after a source port and a destination port are specified.
Related command: display qos-interface mirrored-to, monitor-port
Example
# Mirror packets that match ACL 2000 on port GigabitEthernet1/1/1 to GigabitEthernet1/1/4 through traffic mirroring.
System View: return to User View with Ctrl+Z.
[H3C] interface GigabitEthernet1/1/4
[H3C-GigabitEthernet1/1/4] monitor-port
[H3C-GigabitEthernet1/1/4] quit
[H3C] interface GigabitEthernet1/1/1
[H3C-GigabitEthernet1/1/1] mirrored-to inbound ip-group 2000 monitor-interface
1.1.4 mirroring-group
Syntax
mirroring-group group-id { local | remote-destination | remote-source }
undo mirroring-group { group-id | all | local | remote-destination | remote-source }
View
System view
Parameter
group-id: The number of a port mirroring group, in the range 1 to 20.
local: Specifies the mirroring group as a local port mirroring group.
remote-destination: Specifies the mirroring group as the destination mirroring group for remote port mirroring.
remote-source: Specifies the mirroring group as the source mirroring group for remote mirroring.
all: Specifies to remove all mirroring groups.
Description
Use the mirroring-group command to configure a port mirroring group.
Use the undo mirroring-group command to remove a port mirroring group.
Example
# Configure a port mirroring group on the local switch.
System View: return to User View with Ctrl+Z.
[H3C] mirroring-group 1 local
1.1.5 mirroring-group mirroring-port
Syntax
mirroring-group group-id mirroring-port mirroring-port-list { both | inbound | outbound }
undo mirroring-group group-id mirroring-port mirroring-port-list
View
System view/Ethernet port view
Parameter
group-id: The number of a port mirroring group, in the range 1 to 20.
mirroring-port mirroring-port-list: Specifies a list of source ports. mirroring-port-list is available in system view only, instead of in Ethernet port view.
both: Specifies to mirror the packets received and sent by the port.
inbound: Specifies to mirror the packets received by the port.
outbound: Specifies to mirror the packets sent by the port.
Description
Use the mirroring-group mirroring-port command to configure the source port.
Use the undo mirroring-group mirroring-port command to remove the configuration of the source port.
Example
# Configure GigabitEthernet1/1/1 as the source port and mirror all packets received by this port.
System View: return to User View with Ctrl+Z.
[H3C] mirroring-group 1 mirroring-port Gigabitethernet1/1/1 inbound
1.1.6 mirroring-group monitor-port
Syntax
mirroring-group group-id monitor-port monitor-port
undo mirroring-group group-id monitor-port monitor-port
View
System view/Ethernet port view
Parameter
group-id: The number of a port mirroring group, in the range 1 to 20.
monitor-port monitor-port: Specifies the destination port for port mirroring. monitor-port is available in system view only, instead of in Ethernet port view.
Description
Use the mirroring-group monitor-port command to configure the destination port.
Use the undo mirroring-group monitor-port to remove the configuration of the destination port.
Note the following when you configure the destination port:
l LACP and STP must be disabled on the destination port.
l The destination port for remote mirroring must be an Access port.
l After a port is configured as a reflector port, the switch does not allow you to change the port type or its default VLAN ID.
Example
# Configure GigabitEthernet1/1/4 as the source port
System View: return to User View with Ctrl+Z.
[H3C] mirroring-group 1 monitor-port Gigabitethernet1/1/4
1.1.7 mirroring-group reflector-port
Syntax
mirroring-group group-id reflector-port reflector-port
undo mirroring-group group-id reflector-port reflector-port
View
System view/Ethernet port view
Parameter
group-id: The number of a port mirroring group, in the range 1 to 20.
reflector-port reflector-port: Specifies the reflector port. reflector-port is available in system view only, instead of in Ethernet port view.
Description
Use the mirroring-group reflector-port command to specify the reflector port.
Use the undo mirroring-group reflector-port command to remove the configuration of the reflector port..
Note the following when you configure the reflector port:
l The reflector port must be an Access port.
l LACP and STP must be disabled on the reflector port.
l After a port is configured as a reflector port, the switch does not allow you to change the port type or its default VLAN ID, or to add it to another VLAN.
Example
# Configure GigabitEthernet1/1/2 as the reflector port.
System View: return to User View with Ctrl+Z.
[H3C] mirroring-group 1 reflector-port GigabitEthernet1/1/2
1.1.8 mirroring-group remote-probe vlan
Syntax
mirroring-group group-id remote-probe vlan remote-probe-vlan-id
undo mirroring-group group-id remote-probe vlan remote-probe-vlan-id
View
System view
Parameter
group-id: The number of a port mirroring group, in the range 1 to 20.
remote-probe vlan remote-probe-vlan-id: Specifies the remote-probe VLAN for the mirroring group.
Description
Use the mirroring-group remote-probe vlan command to specify the remote-probe VLAN for a mirroring group.
Use the undo mirroring-group remote-probe vlan command to remove the configuration of remote-probe VLAN for a mirroring group.
Example
# Configure VLAN 100 as the remote-probe VLAN.
System View: return to User View with Ctrl+Z.
[H3C] mirroring-group 1 remote-probe vlan 100
1.1.9 mirroring-port
Syntax
mirroring-port { inbound | outbound | both }
undo mirroring-port
View
Ethernet port view
Parameter
inbound | outbound | both: Direction of mirrored packets. inbound means only to mirror the packets received by the port; outbound means only to mirror the packets sent by the port; both means only to mirror all packets received and sent by the port.
Description
Use the mirroring-port command to configure the source port.
Use the undo mirroring-port command to remove the configuration of the source port.
Related command: display mirroring-group
Example
# Configure GigabitEthernet1/1/1 as the source port and mirror all packets received and sent by this port.
System View: return to User View with Ctrl+Z.
[H3C] interface GigabitEthernet1/1/1
[H3C-GigabitEthernet1/1/1] mirroring-port both
1.1.10 monitor-port
Syntax
monitor-port
undo monitor-port
View
Ethernet port view
Parameter
None
Description
Use the monitor-port command to configure the destination port.
Use the undo monitor-port command to remove the configuration of the destination port.
You can only configure one destination port on a switch, and all mirrored packets will be sent to the destination port.
Related command: display mirroring-group
Example
# Configure GigabitEthernet1/1/4 as the destination port.
System View: return to User View with Ctrl+Z.
[H3C] interface GigabitEthernet1/1/4
[H3C-GigabitEthernet1/1/4] monitor-port
1.1.11 remote-probe vlan
Syntax
remote-probe vlan enable
undo remote-probe vlan enable
View
VLAN view
Parameter
None
Description
Use the remote-probe vlan enable command to configure the current VLAN as the remote-probe VLAN.
After this command is executed, the system first checks whether the current VLAN is a dynamic VLAN. If yes, the command will fail, and the system prompts “Can not set dynamic VLAN as remote-probe VLAN!”.
Use the undo remote-probe vlan enable command to configure the remote-probe VLAN as a normal VLAN.
Before defining the remote-probe VLAN, make sure that no Access or Hybrid port belongs to this VLAN. If any Trunk port exists in this VLAN, the port PVID cannot be the ID of remote-probe VLAN. After setting a VLAN as remote-probe VLAN, it is recommended not to add Access or Hybrid port to the VLAN.
Example
# Configure VLAN 5 as remote-probe vlan.
System View: return to User View with Ctrl+Z.
[H3C] vlan 5
[H3C-vlan5] remote-probe vlan enable
1.2 Mirroring Commands for S3600-SI
1.2.1 display mirror
Syntax
display mirror
View
Any view
Parameter
None
Description
Use the display mirror to display the port mirroring settings, including the destination port, source port and mirroring direction.
Example
# Display the port mirroring settings.
Monitor-port:
Ethernet1/0/1
Mirroring-port:
Ethernet1/0/2 both
1.2.2 display qos-interface mirrored-to
Syntax
display qos-interface { interface-type interface-number | unit-id } mirrored-to
View
Any view
Parameter
interface-type interface-number: Port of the switch. If you specify this argument, the switch will display the parameter settings of the specified port.
unit-id: Unit ID. If you specify this argument, the switch will display the parameter settings on the specified unit.
Description
Use the display qos-interface mirrored-to command to display the parameter settings of traffic mirroring.
Information displayed includes:
l Port and action name of traffic mirroring
l Direction of traffic mirroring
l ACL for identifying traffics
l Destination port
Related command: mirrored-to
Example
# Display the parameter settings of traffic mirroring on Gigabitethernet1/1/1.
<H3C> display qos-interface GigabitEthernet 1/1/1 mirrored-to
GigabitEthernet1/1/1: mirrored-to
Inbound:
Matches: Acl 2000 rule 0 running
Mirrored to: monitor interface
1.2.3 mirrored-to
Syntax
mirrored-to { inbound | outbound } acl-rule { monitor-interface | cpu }
undo mirrored-to inbound acl-rule
View
Ethernet port view
Parameter
inbound: Specifies to mirror the packets received by the port.
outbound: Specifies to mirror the packets sent by the port.
acl-rule: Applied ACL rules, which can be the combination of different types of ACL sub-rules. Table 1-2 describes the combined-ACL applications.
Table 1-2 Combined application of ACLs
|
Combination mode |
Form of acl-rule |
|
Apply all sub-rules in an IP type ACL (either a basic or an advanced ACL) separately |
ip-group acl-number |
|
Apply one sub-rule in an IP type ACL separately |
ip-group acl-number rule rule-id |
|
Apply all sub-rules in a Layer 2 ACL separately |
link-group acl-number |
|
Apply one sub-rule in a Layer 2 ACL separately |
link-group acl-number rule rule-id |
|
Apply one sub-rule in a user-defined ACL separately |
user-group acl-number |
|
Apply all sub-rules in a user-defined ACL separately |
user-group acl-number rule rule-id |
|
Apply one sub-rule in an IP type ACL and one sub-rule in a Layer 2 ACL simultaneously |
ip-group acl-number rule rule-id link-group acl-number rule rule-id |
ip-group acl-number: Sequence number of a basic or advanced ACL, in the range 2000 to 3999.
link-group acl-numberr: Sequence number of a Layer 2 ACL, in the range 4000 to 4999.
user-group acl-number: Sequence number of a user-defined ACL, in the range 5000 to 5999.
rule rule-id: Sequence number of an ACL sub-rule, in the range 0 to 65534. If this argument is not specified, all sub-rules in the specified ACL will be applied.
monitor-interface: Specifies to mirror traffics to the destination port.
cpu: Specifies to mirror the data traffics to the CPU.
Description
Use the mirrored-to command to invoke ACLs for identifying traffics and perform traffic mirroring for the packets matching the ACLs.
Use the undo mirrored-to command to remove traffic mirroring configuration.
This command applies to matching the sub-rules whose actions are permit in the specified ACL.
LACP and STP must be disabled on the destination port. Traffic mirroring does not support aggregated synchronization and configuration copy.
Mirroring configuration takes effect only after a source port and a destination port are specified.
Related command: display qos-interface mirrored-to, monitor-port
Example
# Mirror packets that match ACL 2000 on port GigabitEthernet1/1/1 to GigabitEthernet1/1/4 through traffic mirroring.
System View: return to User View with Ctrl+Z.
[H3C] interface GigabitEthernet1/1/4
[H3C-GigabitEthernet1/1/4] monitor-port
[H3C-GigabitEthernet1/1/4] quit
[H3C] interface GigabitEthernet1/1/1
[H3C-GigabitEthernet1/1/1] mirrored-to inbound ip-group 2000 monitor-interface
1.2.4 mirroring-port
Syntax
mirroring-port { inbound | outbound | both }
undo mirroring-port
View
Ethernet port view
Parameter
inbound | outbound | both: Direction of mirrored packets. inbound means only to mirror the packets received by the port; outbound means only to mirror the packets sent by the port; both means to mirror all packets received and sent by the port.
Description
Use the mirroring-port command to configure the source port.
Use the undo mirroring-port command to remove the configuration of the source port.
Related command: display mirror
Example
# Configure GigabitEthernet1/1/1 as the source port and mirror all packets received and sent by this port.
System View: return to User View with Ctrl+Z.
[H3C] interface GigabitEthernet1/1/1
[H3C-GigabitEthernet1/1/1] mirroring-port both
1.2.5 monitor-port
Syntax
monitor-port
undo monitor-port
View
Ethernet port view
Parameter
None
Description
Use the monitor-port command to configure the destination port.
Use the undo monitor-port command to remove the configuration of the destination port.
You can only configure one destination port on a switch, and all mirrored packets will be sent to the destination port.
Related command: display mirror
Example
# Configure GigabitEthernet1/1/4 as the destination port.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] interface GigabitEthernet1/1/4
[H3C-GigabitEthernet1/1/4] monitor-port
