11-Network Management and Monitoring Command Reference

HomeSupportResource CenterSwitchesS12500X-AF SeriesS12500X-AF SeriesTechnical DocumentsReference GuidesCommand ReferencesH3C S12500X-AF Switch Series Command References(R28xx)-6W10011-Network Management and Monitoring Command Reference
13-Mirroring commands
Title Size Download
13-Mirroring commands 123.91 KB

Port mirroring commands

display mirroring-group

Use display mirroring-group to display mirroring group information.

Syntax

display mirroring-group { group-id | all | local | remote-destination | remote-source }

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

group-id: Specifies a mirroring group by its ID. The value range for this argument is 1 to 15.

all: Specifies all mirroring groups.

local: Specifies local mirroring groups.

remote-destination: Specifies remote destination groups.

remote-source: Specifies remote source groups.

Usage guidelines

Mirroring group information includes the type, status, and content of a mirroring group. It is sorted by mirroring group number.

Examples

# Display information about all mirroring groups.

<Sysname> display mirroring-group all

Mirroring group 1:

    Type: Local

    Status: Active

    Mirroring port:

        FortyGigE1/0/1  Inbound

    Monitor port: FortyGigE1/0/2

Mirroring group 2:

    Type: Local

    Status: Active

    Mirroring port:

        FortyGigE1/0/5  Inbound

    Monitor port: FortyGigE1/0/6

                  Encapsulation: Destination IP address 1.1.1.1

                                 Source IP address 2.2.2.2

                                 DSCP 1

                                 VLAN 2

                                 VRF Instance 3

                                 Destination MAC address 0011-0200-0211

Table 1 Command output

Field

Description

Mirroring group

Number of the mirroring group.

Type

Type of the mirroring group:

·     Local.

·     Remote source.

·     Remote destination.

Status

Status of the mirroring group:

·     Active—The mirroring group has taken effect.

·     Incomplete—The mirroring group configuration is not complete and does not take effect.

Sampler

Sampler name.

·     If the mirroring group failed to use the sampler, this field displays sampler-name (failed).

·     If no sampler is configured, this field is not displayed.

Mirroring port

Source port.

Encapsulation

Encapsulation parameters of the mirrored packets.

Mirroring CPU

Source CPU.

Monitor port

Destination port.

Destination IP address

Destination IP address in the outer header of the GRE-encapsulated mirrored packets.

Source IP address

Source IP address in the outer header of the GRE-encapsulated mirrored packets.

DSCP

DSCP value in the outer header of the GRE-encapsulated mirrored packets.

VLAN

VLAN in the outer header of the GRE-encapsulated mirrored packets.

VRF Instance

VPN instance whose routing table is used to direct forwarding of the mirrored packets.

Destination MAC address

Destination MAC address in the outer header of the GRE-encapsulated mirrored packets.

mirroring-group

Use mirroring-group to create a mirroring group.

Use undo mirroring-group to delete mirroring groups.

Syntax

mirroring-group group-id { local [ sampler sampler-name ]  | remote-destination | remote-source }

undo mirroring-group { group-id | all | local | remote-destination | remote-source }

Default

No mirroring groups exist.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

group-id: Specifies a mirroring group ID. The value range for this argument is 1 to 15.

local: Specifies local mirroring groups.

remote-destination: Specifies remote destination groups.

remote-source: Specifies remote source groups.

all: Specifies all mirroring groups.

sampler sampler-name: Specifies a sampler to be used by its name. The sampler-name argument is a case-insensitive string of 1 to 31 characters.

Usage guidelines

A sampler selects a packet from sequential packets. Port mirroring uses the sampler to limit the volume of traffic to be mirrored. You can specify a sampler that has not been created for a mirroring group. If you configure multiple samplers for a mirroring group, the most recent configuration takes effect. For more information about samplers, see Network Management and Monitoring Configuration Guide.

Examples

# Create local mirroring group 1.

<Sysname> system-view

[Sysname] mirroring-group 1 local

mirroring-group mirroring-cpu

Use mirroring-group mirroring-cpu to configure source CPUs for a mirroring group.

Use undo mirroring-group mirroring-cpu to remove source CPUs from a mirroring group.

Syntax

In standalone mode:

mirroring-group group-id mirroring-cpu slot slot-number-list { both | inbound | outbound }

undo mirroring-group group-id mirroring-cpu slot slot-number-list

In IRF mode:

mirroring-group group-id mirroring-cpu chassis chassis-number slot slot-number-list { both | inbound | outbound }

undo mirroring-group group-id mirroring-cpu chassis chassis-number slot slot-number-list

Default

No source CPU is configured for a mirroring group.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

group-id: Specifies a mirroring group by its number. The specified mirroring group must already exist. The value range for this argument is 1 to 15.

slot slot-number-list: Specifies a space-separated list of up to eight slot number items. An item specifies a card by its slot number or specifies a range of cards in the form of start-slot-number to end-slot-number. The end slot number must be equal to or greater than the start slot number. (In standalone mode.)

chassis chassis-number slot slot-number-list: Specifies cards on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number-list argument specifies a space-separated list of up to eight slot number items. An item specifies a card by its slot number or specifies a range of cards in the form of start-slot-number to end-slot-number. The end slot number must be equal to or greater than the start slot number. (In IRF mode.)

both: Mirrors both received and sent packets.

inbound: Mirrors only received packets.

outbound: Mirrors only sent packets.

Usage guidelines

You can configure source CPUs only for local mirroring groups and remote source groups.

Examples

# (In standalone mode.) Create local mirroring group 1 to monitor the inbound traffic of the CPU on the specified slot.

<Sysname> system-view

[Sysname] mirroring-group 1 local

[Sysname] mirroring-group 1 mirroring-cpu slot 1 inbound

Related commands

mirroring-group

mirroring-group mirroring-port (interface view)

Use mirroring-group mirroring-port to configure a port as a source port for a mirroring group.

Use undo mirroring-group mirroring-port to restore the default.

Syntax

mirroring-group group-id mirroring-port { both | inbound | outbound }

undo mirroring-group group-id mirroring-port

Default

A port does not act as a source port for any mirroring groups.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

group-id: Specifies a mirroring group by its ID. The value range for this argument is 1 to 15.

both: Mirrors both received and sent packets.

inbound: Mirrors only received packets.

outbound: Mirrors only sent packets.

Usage guidelines

You can configure source ports only for local mirroring groups and remote source groups.

A Layer 2 or Layer 3 aggregate interface cannot be configured as a source port for a mirroring group.

Do not assign a source port of a mirroring group to the remote probe VLAN of the mirroring group.

A port can act as a source port for only one mirroring group.

A source port cannot be used as a reflector port, monitor port, or egress port.

Examples

# Create local mirroring group 1 to monitor the bidirectional traffic of the port FortyGigE 1/0/1.

<Sysname> system-view

[Sysname] mirroring-group 1 local

[Sysname] interface fortygige 1/0/1

[Sysname-FortyGigE1/0/1] mirroring-group 1 mirroring-port both

# Create remote source group 2 to monitor the bidirectional traffic of the port FortyGigE 1/0/2.

<Sysname> system-view

[Sysname] mirroring-group 2 remote-source

[Sysname] interface fortygige 1/0/2

[Sysname-FortyGigE1/0/2] mirroring-group 2 mirroring-port both

Related commands

mirroring-group

mirroring-group mirroring-port (system view)

Use mirroring-group mirroring-port to configure source ports for a mirroring group.

Use undo mirroring-group mirroring-port to remove source ports from a mirroring group.

Syntax

mirroring-group group-id mirroring-port interface-list { both | inbound | outbound }

undo mirroring-group group-id mirroring-port interface-list

Default

No source port is configured for a mirroring group.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

group-id: Specifies a mirroring group by its ID. The value range for this argument is 1 to 15.

interface-list: Specifies a space-separated list of up to eight interface items. Each item specifies an interface by its type and number or specifies a range of interfaces in the form of interface-type interface-number1 to interface-type interface-number2. When you specify a range of interfaces, the interfaces must be of the same type and on the same slot. The start interface number must be identical to or lower than the end interface number.

both: Mirrors both received and sent packets.

inbound: Mirrors only received packets.

outbound: Mirrors only sent packets.

Usage guidelines

You can configure source ports only for local mirroring groups and remote source groups.

Do not assign a source port of a mirroring group to the remote probe VLAN of the mirroring group.

A port can act as a source port for only one mirroring group.

A source port cannot be used as a reflector port, monitor port, or egress port.

Examples

# Create local mirroring group 1 to monitor the bidirectional traffic of FortyGigE 1/0/1.

<Sysname> system-view

[Sysname] mirroring-group 1 local

[Sysname] mirroring-group 1 mirroring-port fortygige 1/0/1 both

# Create remote source group 2 to monitor the bidirectional traffic of FortyGigE 1/0/2.

<Sysname> system-view

[Sysname] mirroring-group 2 remote-source

[Sysname] mirroring-group 2 mirroring-port fortygige 1/0/2 both

Related commands

mirroring-group

mirroring-group monitor-egress

Use mirroring-group monitor-egress to configure the egress port for a remote source group.

Use undo mirroring-group monitor-egress to restore the default.

Syntax

In system view:

mirroring-group group-id monitor-egress interface-type interface-number

undo mirroring-group group-id monitor-egress interface-type interface-number

In interface view:

mirroring-group group-id monitor-egress

undo mirroring-group group-id monitor-egress

Default

No egress port is configured for a remote source group.

Views

System view

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

group-id: Specifies a mirroring group by its ID. The value range for this argument is 1 to 15.

interface-type interface-number: Specifies a port by its type and number.

Usage guidelines

You can configure egress ports only for remote source groups.

For port mirroring to work correctly, disable the following features on the egress port of a mirroring group:

·     Spanning tree.

·     IGMP snooping.

·     Static ARP.

·     MAC address learning.

The member port of an existing mirroring group cannot be configured as an egress port.

Examples

# Create remote source group 1. Configure FortyGigE 1/0/1 as its egress port in system view.

<Sysname> system-view

[Sysname] mirroring-group 1 remote-source

[Sysname] mirroring-group 1 monitor-egress fortygige 1/0/1

# Create remote source group 2. Configure FortyGigE 1/0/2 as its egress port in interface view.

<Sysname> system-view

[Sysname] mirroring-group 2 remote-source

[Sysname] interface fortygige 1/0/2

[Sysname-FortyGigE1/0/2] mirroring-group 2 monitor-egress

Related commands

mirroring-group

mirroring-group monitor-port (interface view)

Use mirroring-group monitor-port to configure a port as the monitor port for a mirroring group.

Use undo mirroring-group monitor-port to restore the default.

Syntax

mirroring-group group-id monitor-port

undo mirroring-group group-id monitor-port

Default

A port does not act as the monitor port for any mirroring groups.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

group-id: Specifies a mirroring group by its ID. The value range for this argument is 1 to 15.

Usage guidelines

You can configure monitor ports only for local mirroring groups and remote destination groups.

Do not enable the spanning tree feature on the monitor port of a mirroring group.

For a Layer 2 aggregate interface configured as the monitor port of a mirroring group, do not configure its member ports as source ports of the mirroring group.

Use a monitor port only for port mirroring, so the data monitoring device receives and analyzes only the mirrored traffic.

The member port of an existing mirroring group cannot be configured as a monitor port.

The member port of an aggregate interface cannot be configured as a monitor port.

When Layer 3 remote port mirroring is configured on H series cards of an IRF fabric, the mirrored packets are rate-limited when the following conditions exist:

·     The mirroring source ports and monitor ports are not on the same IRF member device.

·     The monitor ports are unreachable or the destination of the original packets is the local IRF fabric.

Examples

# Create local mirroring group 1 and configure FortyGigE 1/0/1 as its monitor port.

<Sysname> system-view

[Sysname] mirroring-group 1 local

[Sysname] interface fortygige 1/0/1

[Sysname-FortyGigE1/0/1] mirroring-group 1 monitor-port

# Create remote destination group 2 and configure FortyGigE 1/0/2 as its monitor port.

<Sysname> system-view

[Sysname] mirroring-group 2 remote-destination

[Sysname] interface fortygige 1/0/2

[Sysname-FortyGigE1/0/2] mirroring-group 2 monitor-port

# Create local mirroring group 3. Specify FortyGigE 1/0/1 as its monitor port and configure the encapsulation parameters including the source and destination IP addresses, DSCP value, VLAN, and VPN instance for the mirrored packets.

<Sysname> system-view

[Sysname] mirroring-group 3 local

[Sysname] interface fortygige 1/0/1

[Sysname-FortyGigE1/0/1] mirroring-group 3 monitor-port destination-ip 1.1.1.1 source-ip 3.3.3.3 dscp 1 vlan 1 vrf-instance 122

Related commands

mirroring-group

mirroring-group monitor-port (system view)

Use mirroring-group monitor-port to configure the monitor ports for a mirroring group.

Use undo mirroring-group monitor-port to remove the monitor ports from a mirroring group.

Syntax

mirroring-group group-id monitor-port interface-list

undo mirroring-group group-id monitor-port interface-list

Default

No monitor port is configured for a mirroring group.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

group-id: Specifies a mirroring group by its ID. The value range for this argument is 1 to 15.

interface-list: Specifies a space-separated list of up to eight interface items. Each item specifies an interface by its type and number or specifies a range of interfaces in the form of interface-type interface-number1 to interface-type interface-number2. When you specify a range of interfaces, the interfaces must be of the same type and on the same slot. The start interface number must be identical to or lower than the end interface number.

Usage guidelines

You can configure monitor ports only for local mirroring groups and remote destination groups.

Do not enable the spanning tree feature on the monitor port of a mirroring group.

For a Layer 2 aggregate interface configured as the monitor port of a mirroring group, do not configure its member ports as source ports of the mirroring group.

Use a monitor port only for port mirroring, so the data monitoring device receives only the mirrored traffic.

The member port of an existing mirroring group cannot be configured as a monitor port.

The member port of an aggregate interface cannot be configured as a monitor port.

When Layer 3 remote port mirroring is configured on H series cards of an IRF fabric, the mirrored packets are rate-limited when the following conditions exist:

·     The mirroring source ports and monitor ports are not on the same IRF member device.

·     The monitor ports are unreachable or the destination of the original packets is the local IRF fabric.

Examples

# Create local mirroring group 1 and configure FortyGigE 1/0/1 as its monitor port.

<Sysname> system-view

[Sysname] mirroring-group 1 local

[Sysname] mirroring-group 1 monitor-port fortygige 1/0/1

# Create remote destination group 2 and configure FortyGigE 1/0/2 as its monitor port.

<Sysname> system-view

[Sysname] mirroring-group 2 remote-destination

[Sysname] mirroring-group 2 monitor-port fortygige 1/0/2

# Create local mirroring group 3 and configure ports FortyGigE 1/0/1 through FortyGigE 1/0/3 and FortyGigE 1/0/5 as its monitor ports.

<Sysname> system-view

[Sysname] mirroring-group 3 local

[Sysname] mirroring-group 3 monitor-port fortygige 1/0/1 to fortygige 1/0/3 fortygige 1/0/5

# Create local mirroring group 4. Specify FortyGigE 1/0/1 as its monitor port and configure the encapsulation parameters including the source and destination IP addresses, DSCP value, VLAN, and VPN instance for the mirrored packets.

<Sysname> system-view

[Sysname] mirroring-group 4 local

[Sysname] mirroring-group 4 monitor-port fortygige 1/0/1 destination-ip 1.1.1.1 source-ip 3.3.3.3 dscp 1 vlan 1 vrf-instance 122

Related commands

mirroring-group

mirroring-group reflector-port

Use mirroring-group reflector-port to configure the reflector port for a remote source group.

Use undo mirroring-group reflector-port to restore the default.

Syntax

In system view:

mirroring-group group-id reflector-port interface-type interface-number

undo mirroring-group group-id reflector-port interface-type interface-number

In interface view:

mirroring-group group-id reflector-port

undo mirroring-group group-id reflector-port

Default

No reflector port is configured for a mirroring group.

Views

System view

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

group-id: Specifies a mirroring group by its ID. The value range for this argument is 1 to 15.

interface-type interface-number: Specifies a port by its type and number.

Usage guidelines

CAUTION

CAUTION:

·     The port to be configured as a reflector port must be a port not in use. Do not connect a network cable to a reflector port.

·     When a port is configured as a reflector port, the port restores to the factory default settings. You cannot configure other features on a reflector port.

·     If an IRF port is bound to only one physical interface, do not configure the physical interface as a reflector port. Otherwise, the IRF might split.

 

You can configure reflector ports only for remote source groups.

You cannot change the duplex mode, MDI settings, or speed for a reflector port.

The member port of an aggregate interface cannot be configured as a reflector port.

Examples

# Create remote source group 1. Configure FortyGigE 1/0/1 as its reflector port in system view.

<Sysname> system-view

[Sysname] mirroring-group 1 remote-source

[Sysname] mirroring-group 1 reflector-port fortygige 1/0/1

This operation may delete all settings made on the interface. Continue? [Y/N]: y

# Create remote source group 2. Configure FortyGigE 1/0/2 as its reflector port in interface view.

<Sysname> system-view

[Sysname] mirroring-group 2 remote-source

[Sysname] interface fortygige 1/0/2

[Sysname-FortyGigE1/0/2] mirroring-group 2 reflector-port

This operation may delete all settings made on the interface. Continue? [Y/N]: y

Related commands

mirroring-group

mirroring-group remote-probe vlan

Use mirroring-group remote-probe vlan to specify a VLAN as the remote probe VLAN for a mirroring group.

Use undo mirroring-group remote-probe vlan to restore the default.

Syntax

mirroring-group group-id remote-probe vlan vlan-id

undo mirroring-group group-id remote-probe vlan vlan-id

Default

No remote probe VLAN is configured for a mirroring group.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

group-id: Specifies a mirroring group by its ID. The value range for this argument is 1 to 15.

vlan-id: Specifies a VLAN by its ID.

Usage guidelines

You can configure remote probe VLANs only for remote source groups and remote destination groups.

When a VLAN is configured as a remote probe VLAN, use the VLAN for port mirroring exclusively.

The remote mirroring groups on the source device and destination device must use the same remote probe VLAN.

Only a static VLAN that already exists can be configured as a remote probe VLAN. A VLAN can be configured as the remote probe VLAN for only one mirroring group.

To delete a VLAN that is configured as a remote probe VLAN, remove the remote probe VLAN configuration first.

Examples

# Create remote source group 1 and configure VLAN 10 as its remote probe VLAN.

<Sysname> system-view

[Sysname] mirroring-group 1 remote-source

[Sysname] mirroring-group 1 remote-probe vlan 10

# Create remote destination group 2 and configure VLAN 20 as its remote probe VLAN.

<Sysname> system-view

[Sysname] mirroring-group 2 remote-destination

[Sysname] mirroring-group 2 remote-probe vlan 20

Related commands

mirroring-group


Flow mirroring commands

display monitoring-group

Use display monitoring-group to display monitoring group information.

Syntax

display monitoring-group { group-id | all }

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

group-id: Specifies a monitoring group by its number. The value range for this argument is 1 to 15.

all: Specifies all monitoring groups.

Examples

# Display information about all monitoring groups.

<Sysname> display monitoring-group all

Monitoring group 1:

  Truncation      : Enabled

  Monitoring ports:

    GigabitEthernet1/0/2

  Monitoring ports:

    GigabitEthernet1/0/3

  Monitoring ports:

    GigabitEthernet1/0/4

Table 2 Command output

Field

Description

Monitoring group

ID of the monitoring group.

Truncation

Mirrored packet truncation status:

·     Enabled.

·     Disabled.

Monitoring ports

Monitoring ports in the monitoring group.

# Display information about all monitoring groups. (Devices that support encapsulation parameter configuration.)

<Sysname> display monitoring-group all

Monitoring group 1:

  Truncation      : Enabled

  Monitoring ports:

    FortyGigE1/0/4

    FortyGigE1/0/5

  Monitoring ports:

    FortyGigE1/0/6

      Encapsulation: Destination IP address 1.1.1.1

                     Source IP address 2.2.2.2

                     DSCP 1

                     VLAN 2

                     VRF Instance 3

                     Destination MAC address 0011-0200-0211

  Monitoring ports:

    Dynamic Interface

      Encapsulation: Destination IP address 3.3.3.3

                     Source IP address 4.4.4.4

                     DSCP 11

                     VLAN 21

                     VRF Instance 31

                     Destination MAC address 0022-0301-2211

Table 3 Command output

Field

Description

Monitoring group

ID of the monitoring group.

Truncation

Mirrored packet truncation status:

·     Enabled.

·     Disabled.

Sampler

Sampler referenced by the monitoring group.

Monitoring ports

Monitoring ports in the monitoring group.

Encapsulation

Encapsulation parameters of the mirrored packets.

Destination IP address

Destination IP address in the outer header of the GRE-encapsulated mirrored packets.

Source IP address

Source IP address in the outer header of the GRE-encapsulated mirrored packets.

DSCP

DSCP value in the outer header of the GRE-encapsulated mirrored packets.

VLAN

VLAN in the outer header of the GRE-encapsulated mirrored packets.

VRF Instance

VPN instance whose routing table is used to direct forwarding of the mirrored packets.

Destination MAC address

Destination MAC address in the outer header of the GRE-encapsulated mirrored packets.

mirror-to cpu

Use mirror-to cpu to configure a mirroring action that mirrors traffic to the CPU.

Use undo mirror-to cpu to delete the mirroring action that mirrors traffic to the CPU.

Syntax

mirror-to cpu

undo mirror-to cpu

Default

No mirroring action exists to mirror traffic to the CPU.

Views

Traffic behavior view

Predefined user roles

network-admin

mdc-admin

Examples

# Create traffic behavior 1 and configure the action of mirroring traffic to the CPU for the traffic behavior.

<Sysname> system-view

[Sysname] traffic behavior 1

[Sysname-behavior-1] mirror-to cpu

mirror-to interface

Use mirror-to interface to configure a mirroring action that mirrors traffic to an interface.

Use undo mirror-to interface to delete a mirroring action that mirrors traffic to an interface.

Syntax

mirror-to interface interface-type interface-number

undo mirror-to interface interface-type interface-number

Default

No mirroring actions exist to mirror traffic to interfaces.

Views

Traffic behavior view

Predefined user roles

network-admin

mdc-admin

Parameters

interface-type interface-number: Specifies an interface by its type and number.

Usage guidelines

You can use the mirror-to interface interface-type interface-number command to mirror traffic to only one Ethernet interface.

The device does not support multicard mirroring. The mirroring source and destination must reside on the same card.

Examples

# Create traffic behavior 1 and configure the action of mirroring traffic to FortyGigE 1/0/1 for the traffic behavior.

<Sysname> system-view

[Sysname] traffic behavior 1

[Sysname-behavior-1] mirror-to interface fortygige 1/0/1

mirror-to monitoring-group

Use mirror-to monitoring-group to configure a mirroring action that mirrors traffic to a monitoring group.

Use undo mirror-to monitoring-group to delete a mirroring action that mirrors traffic to a monitoring group.

Syntax

mirror-to monitoring-group group-id

undo mirror-to monitoring-group group-id

Default

No mirroring actions exist to mirror traffic to a monitoring group.

Views

Traffic behavior view

Predefined user roles

network-admin

mdc-admin

Parameters

group-id: Specifies a monitoring group by its number. The value range for this argument is 1 to 15.

Examples

# Create traffic behavior b1 and configure the action of mirroring traffic to monitoring group 1.

<Sysname> system-view

[Sysname] traffic behavior b1

[Sysname-behavior-b1] mirror-to monitoring-group 1

monitoring-group

Use monitoring-group to create a monitoring group and enter its view, or enter the view of an existing monitoring group.

Use undo monitoring-group to delete monitoring groups.

Syntax

monitoring-group group-id [ sampler sampler-name ]

undo monitoring-group { group-id | all }

Default

No monitoring groups exist.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

group-id: Specifies a number for the monitoring group. The value range for this argument is 1 to 15.

sampler sampler-name: Specifies a sampler by its name, a case-insensitive string of 1 to 31 characters.

all: Specifies all monitoring groups.

Examples

# Create monitoring group 1

<Sysname> system-view

[Sysname] monitoring-group 1

# Create monitoring group 2 and reference sampler a.

<Sysname> system-view

[Sysname] monitoring-group 2 sampler a

monitoring-port

Use monitoring-port to assign ports to a monitoring group.

Use undo monitoring-port to remove ports from a monitoring group.

Syntax

Syntax 1:

monitoring-port interface-list [ destination-ip destination-ip-address source-ip source-ip-address [ dscp dscp-value | vlan vlan-id | vrf-instance vrf-name ] * [ destination-mac mac-address ] ]

undo monitoring-port interface-list [ destination-ip destination-ip-address source-ip source-ip-address ]

Syntax 2:

monitoring-port destination-ip destination-ip-address source-ip source-ip-address [ dscp dscp-value | vlan vlan-id | vrf-instance vrf-name ] * [ destination-mac mac-address ]

undo monitoring-port destination-ip destination-ip-address source-ip source-ip-address

Default

A monitoring group does not contain any ports.

Views

Monitoring group view

Predefined user roles

network-admin

mdc-admin

Parameters

interface-list: Specifies a space-separated list of up to eight interface items. Each item specifies an interface by its type and number or specifies a range of interfaces in the form of interface-type interface-number1 to interface-type interface-number2. When you specify a range of interfaces, the start interface number must be identical to or lower than the end interface number.

destination-ip destination-ip-address: Specifies the destination IP address for the mirrored packets.

source-ip source-ip-address: Specifies the source IP address for the mirrored packets.

dscp dscp-value: Specifies the DSCP value for the mirrored packets. The dscp-value argument can be a number in the range of 0 to 63 or a keyword in Table 4.

Table 4 DSCP keywords and values

Keyword

DSCP value in binary

DSCP value in decimal

af11

001010

10

af12

001100

12

af13

001110

14

af21

010010

18

af22

010100

20

af23

010110

22

af31

011010

26

af32

011100

28

af33

011110

30

af41

100010

34

af42

100100

36

af43

100110

38

cs1

001000

8

cs2

010000

16

cs3

011000

24

cs4

100000

32

cs5

101000

40

cs6

110000

48

cs7

111000

56

default

000000

0

ef

101110

46

 

vlan vlan-id: Specifies a VLAN by its VLAN ID in the range of 1 to 4094 for the mirrored packets.

vrf-instance vrf-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. The mirrored packets will be forwarded based on the routing table of the specified VPN instance.

destination-mac mac-address: Specifies the destination MAC address for mirrored packets. The mac-address argument is in the format of H-H-H. If you do not specify this option, the device uses the destination IP address to obtain the destination MAC address. If the destination MAC address cannot be obtained, the default MAC address 000f-e241-5e5b is used.

Usage guidelines

Use the ports in a monitoring group only for flow mirroring, so the data monitoring device receives and analyzes only the mirrored traffic.

If you use syntax 1 to assign multiple ports to a monitoring group, the device encapsulates a mirrored packet with the specified encapsulation parameters in a GRE packet with a protocol number of 0x88BE. Then, a copy of the packet is sent of each port in the monitoring group.

If you use syntax 2, the device encapsulates a mirrored packet with the specified encapsulation parameters in a GRE packet with a protocol number of 0x88BE. Then, the device looks up the source IP address and destination IP address of the packet in the routing table and forwards the packet based on the matching route. The outgoing interface of the route is the destination interface of the mirrored packet.

Through configuring load sharing in the routing protocols, you can specify multiple destination interfaces for the mirrored traffic. When the current mirroring destination interface fails, the mirrored traffic is forwarded to the outgoing interface re-calculated by the routing protocols.

Examples

# Create monitoring group 1 and assign FortyGigE 1/0/1 and FortyGigE 1/0/2 to it.

<Sysname> system-view

[Sysname] monitoring-group 1

[Sysname-monitoring-group-1] monitoring-port fortygige 1/0/1 to fortygige 1/0/2

# Create monitoring group 2 and encapsulate the mirrored packets with destination IP address 1.1.1.1, source IP address 2.2.2.2, DSCP value 20, and VLAN ID 100. Forward the mirrored packets based on the routing table of the VPN instance named vrf1.

<Sysname> system-view

[Sysname] monitoring-group 2

[Sysname-monitoring-group-2] monitoring-port destination-ip 1.1.1.1 source-ip 2.2.2.2 dscp 20 vlan 100 vrf-instance vrf1

# Create monitoring group 3 and assign FortyGigE 1/0/1 to the monitoring group. Encapsulate the mirrored packets with destination IP address 1.1.1.1, source IP address 2.2.2.2, DSCP value 20, and VLAN ID 100. Forward the mirrored packets based on the routing table of the VPN instance named vrf2.

<Sysname> system-view

[Sysname] monitoring-group 3

[Sysname-monitoring-group-3] monitoring-port fortygige 1/0/1 destination-ip 1.1.1.1 source-ip 2.2.2.2 dscp 20 vlan 100 vrf-instance vrf2

Related commands

monitoring-group

truncation enable

Use truncation enable to enable mirrored packet truncation for a monitoring group.

Use undo truncation enable to disable mirrored packet truncation for a monitoring group.

Syntax

truncation enable

undo truncation enable

Default

Mirrored packet truncation is enabled for a monitoring group.

Views

Monitoring group view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This feature truncates the specified length of a mirrored packet from the specified start position and sends the truncated part to the monitor port. For inbound mirroring, 220 bytes are truncated from the start of a packet. For outbound mirroring, n bytes are truncated from the start of a packet, where n is in the range of 128 to 256 and depends on the system header length.

This feature reduces the packet processing pressure on the data monitoring device or prevents the device from sending packet payloads to the server.

 

Examples

# Enable packet truncation for monitoring group 1.

<Sysname> system-view

[Sysname] monitoring-group 1

[Sysname-monitoring-group-1] truncation enable

Related commands

monitoring-group

 

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Security
  • SMB Products
  • Intelligent Terminal Products
  • Product Support Services
  • Technical Service Solutions
All Services
  • Resource Center
  • Policy
  • Online Help
All Support
  • Become a Partner
  • Partner Resources
  • Partner Business Management
All Partners
  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us
新华三官网