mirror rule service-policy
Function
The mirror rule service-policy command configures the mapping between a traffic policy and the Option 82 attribute.
The undo mirror rule command deletes the mapping between a traffic policy and the Option 82 attribute.
By default, no between a traffic policy and the Option 82 attribute is configured.
This command is supported only on the NetEngine 8000 F1A.
Parameters
| Parameter | Description | Value |
|---|---|---|
| service-policy service-policy-name |
Specifies the name of a value-added service policy. |
The value is a string of 1 to 64 case-insensitive characters, which can be uppercase letters A to Z, lowercase letters a to z, digits 0 to 9, periods (.), hyphens (-), underscores (_), or their combinations. |
| partial-match |
Indicates fuzzy matching. Matching succeeds as long as the character string specified by the circuit-id description-text or remote-id description-text parameter is carried in the Option 82 attribute of a user packet. |
- |
| circuit-id description-text |
Specifies the circuit ID carried in a DHCP Request or Discover message. During user login process, circuit ID which records a user's physical information is carried in a login request sent to the device. |
The value is a string of 1 to 198 case-sensitive characters, with spaces supported. |
| remote-id description-text |
Specifies the remote ID carried in a DHCP Request or Discover message. During user login process, remote ID which records a user's physical location is carried in a login request sent to the device. |
The value is a string of 1 to 198 case-sensitive characters, with spaces supported. |
| rule rule-number-name |
Specifies a rule ID. If rule-number-name is not specified, the ID of a new rule is the current largest ID plus 5 which cannot exceed the maximum value allowed. If the ID of the first rule is not specified, its ID is 5. |
The value is an integer ranging from 0 to 65535. |
Usage Guidelines
Usage Scenario
In a scenario where local flow mirroring is performed based on the Option 82 attribute, you need to run the mirror service-policy command to configure the mapping between a traffic policy and the Option 82 attribute, so that user packets whose Option 82 information matches the configured value are mirrored.
Prerequisites
A traffic policy has been configured using the traffic-policy command in the system view, and the service policy type has been configured as mirroring using the service-policy name mirror command.
Precautions
- The same or cannot be specified for different rules.
- If the mirror rule command is run more than once, the latest configuration overrides the previous one.
- If a service policy template has been configured using the service-policy name command, the service policy template cannot be deleted, and the service group bound to the service template cannot be deleted or changed.
- If the circuit ID or remote ID information carried in a user login request matches multiple rules, the rule with the smallest ID is selected.
Example
<HUAWEI> system-view [~HUAWEI] traffic policy test1 [*HUAWEI-trafficpolicy-test1] commit [~HUAWEI-trafficpolicy-test1] quit [~HUAWEI] service-group huawei [~HUAWEI] service-policy name test1 mirror [~HUAWEI-service-policy-test1] service-group huawei [~HUAWEI-service-policy-test1] quit [~HUAWEI] mirror rule 6 service-policy test1 circuit-id 12344