Example for Configuring Local 1:N Port Mirroring (Observing Ports Are Configured One by One)
1:N Mirroring Overview
In 1:N mirroring, packets on one mirrored port are copied to N observing ports so that the packets can be copied to different monitoring devices for analysis and processing.
In 1:N mirroring, multiple observing ports need to be configured and connected to different monitoring devices. There are two modes for configuring observing ports: configure a single observing port and configure an observing port group. Observing port group is often used in 1:N mirroring to simplify the configuration and save observing port indexes. This is because an observing port group occupies only one observing port index regardless of how many ports are configured in the group.
Configuration Notes
You must dedicate observing ports for mirroring use and do not configure other services on them to prevent mirrored traffic and other service traffic from affecting each other. Do not configure any member port of an Eth-Trunk as an observing port. If you must do so, ensure that the bandwidth of service traffic on this port and the bandwidth occupied by the mirrored traffic do not exceed the bandwidth limit of the port.
If the mirroring function is deployed on many ports of a device, a great deal of internal forwarding bandwidth will be occupied, which affects the forwarding of other services. Additionally, if the mirrored port bandwidth is higher than the observing port bandwidth, for example, 1000 Mbit/s on a mirrored port and 100 Mbit/s on an observing port, the observing port will fail to forward all mirrored packets in a timely manner because of insufficient bandwidth, leading to packet loss.
Both physical interfaces and Eth-Trunks can be configured as mirrored ports. If an Eth-Trunk is configured as a mirrored port, its member ports cannot be configured as observing ports.
For the applicable products and versions of this configuration example, see Applicable product models and versions.
Networking Requirements
As shown in Figure 1, the R&D department of a company accesses the Internet through the Switch, and monitoring devices Server1, Server2, and Server3 are directly connected to the Switch.
Configuration Roadmap
- Configure GE1/0/2 through GE1/0/4 of the Switch as local observing ports to forward mirrored packets to different servers.
- Configure GE1/0/1 of the Switch as a mirrored port to copy the traffic passing through it to different local observing ports.
Procedure
- Configure observing ports.
# Configure GE1/0/2 through GE1/0/4 of the Switch as local observing ports one by one.
<HUAWEI> system-view [HUAWEI] sysname Switch [Switch] observe-port 1 interface gigabitethernet 1/0/2 //Configure GE1/0/2 as a local observing port with the index 1. [Switch] observe-port 2 interface gigabitethernet 1/0/3 //Configure GE1/0/3 as a local observing port with the index 2. [Switch] observe-port 3 interface gigabitethernet 1/0/4 //Configure GE1/0/4 as a local observing port 3.
- Configure a mirrored port.
# Configure GE1/0/1 of the Switch as a mirrored port to copy the packets received by the mirrored port to local observing ports.
[Switch] interface gigabitethernet 1/0/1 [Switch-GigabitEthernet1/0/1] port-mirroring to observe-port 1 inbound //Mirror incoming traffic on GE1/0/1 to observing port 1. [Switch-GigabitEthernet1/0/1] port-mirroring to observe-port 2 inbound //Mirror incoming traffic on GE1/0/1 to observing port 2. [Switch-GigabitEthernet1/0/1] port-mirroring to observe-port 3 inbound [Switch-GigabitEthernet1/0/1] return //Mirror incoming traffic on GE1/0/1 to observing port 3.
- Verify the configuration.
# Check the observing port configuration.
<Switch> display observe-port ---------------------------------------------------------------------- Index : 1 Untag-packet : No Interface : GigabitEthernet1/0/2 ---------------------------------------------------------------------- Index : 2 Untag-packet : No Interface : GigabitEthernet1/0/3 ---------------------------------------------------------------------- Index : 3 Untag-packet : No Interface : GigabitEthernet1/0/4 ----------------------------------------------------------------------
# Check the mirrored port configuration.
<Switch> display port-mirroring ---------------------------------------------------------------------- Observe-port 1 : GigabitEthernet1/0/2 Observe-port 2 : GigabitEthernet1/0/3 Observe-port 3 : GigabitEthernet1/0/4 ---------------------------------------------------------------------- Port-mirror: ---------------------------------------------------------------------- Mirror-port Direction Observe-port ---------------------------------------------------------------------- 1 GigabitEthernet1/0/1 Inbound Observe-port 1 2 GigabitEthernet1/0/1 Inbound Observe-port 2 3 GigabitEthernet1/0/1 Inbound Observe-port 3 ----------------------------------------------------------------------
Configuration Files
Configuration file of the Switch
# sysname Switch # observe-port 1 interface GigabitEthernet1/0/2 observe-port 2 interface GigabitEthernet1/0/3 observe-port 3 interface GigabitEthernet1/0/4 # interface GigabitEthernet1/0/1 port-mirroring to observe-port 1 inbound port-mirroring to observe-port 2 inbound port-mirroring to observe-port 3 inbound # return
Applicable product models and versions
Product |
Product Model |
Software Version |
|---|---|---|
S5700 |
S5700-HI |
V200R005(C00SPC500&C01&C02) |
S5710-EI |
V200R005(C00&C02) |
|
S5710-HI |
V200R005(C00&C02&C03) |
|
S5720-EI |
V200R007C00, V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00, V200R013C00, V200R019C00, V200R019C10 |
|
S5735-L, S5735S-L |
V200R019C00, V200R019C10 |
|
S5735S-L-M |
V200R019C00, V200R019C10 |
|
S5735-S, S5735S-S |
V200R019C00, V200R019C10 |
|
S5700 |
S5735-S-I |
V200R019C10 |
S6700 |
S6700-EI |
V200R005(C00&C01) |
S6720-EI |
V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00, V200R013C00, V200R019C00, V200R019C10 |
|
S6720S-EI |
V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00, V200R013C00, V200R019C00, V200R019C10 |
|
S7700 |
S7703, S7706, S7712 |
V200R001(C00&C01), V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00, V200R011C10, V200R012C00, V200R013C00, V200R013C02, V200R019C00, V200R019C10 Versions earlier than V200R005 support 1:N mirroring in the inbound direction; however, the system supports a maximum of 1:2 mirroring and FC and SA series cards do not support 1:N mirroring. In V200R005 and later versions, SA series cards (except the ES0D0X12SA00 and ES0D0X12SA01 cards) do not support 1:N mirroring, X series cards do not support 1:N mirroring in which observing ports are configured one by one, and other cards support 1:N mirroring in the inbound and outbound directions. |
S7703 PoE |
V200R013C00, V200R019C00, V200R019C10 SA series cards (except the ES0D0X12SA00 and ES0D0X12SA01 cards) do not support 1:N mirroring, X series cards do not support 1:N mirroring in which observing ports are configured one by one, and other cards support 1:N mirroring in the inbound and outbound directions. |
|
S7706 PoE |
V200R013C00, V200R019C00, V200R019C10 SA series cards (except the ES0D0X12SA00 and ES0D0X12SA01 cards) do not support 1:N mirroring, X series cards do not support 1:N mirroring in which observing ports are configured one by one, and other cards support 1:N mirroring in the inbound and outbound directions. |
|
S9700 |
S9703, S9706, S9712 |
V200R001(C00&C01), V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007(C00&C10), V200R008C00, V200R009C00, V200R010C00, V200R011C10, V200R012C00, V200R013C00 Versions earlier than V200R005 support 1:N mirroring in the inbound direction; however, the system supports a maximum of 1:2 mirroring and FC and SA series cards do not support 1:N mirroring. In V200R005 and later versions, SA series cards (except EH1D2X12SSA0 card and ET1D2X12SSA0 card) do not support 1:N mirroring, X series cards do not support 1:N mirroring in which observing ports are configured one by one, and other cards support 1:N mirroring in the inbound and outbound directions. |
For details about software mappings, visit Hardware Query Tool and search for the desired product model.