beautypg.com

Network diagram, Configuration procedure – H3C Technologies H3C WX6000 Series Access Controllers User Manual

Page 464

background image

50-8

The administrator wants to monitor the packets sent from Department 1 and 2 through the data
monitoring device.

Use the remote port mirroring function to meet the requirement. Perform the following configurations:

z

Use AC as the source device, Switch A as the intermediate device, and Switch B as the destination
device.

z

On AC, create a remote source mirroring group; create VLAN 2 and configure it as the remote port
mirroring VLAN; add port GigabitEthernet 0/0/1 and GigabitEthernet 0/0/2 to the port mirroring
group as two source ports. Configure port GigabitEthernet 0/0/3 as the outbound mirroring port.

z

Configure port GigabitEthernet 0/0/3 of AC, port GigabitEthernet 0/0/1 and GigabitEthernet 0/0/2 of
Switch A, and port GigabitEthernet 0/0/1 of Switch B as trunk ports and configure them to permit
packets of VLAN 2.

z

Create a remote destination mirroring group on Switch B. Configure VLAN 2 as the remote port
mirroring VLAN and port GigabitEthernet 0/0/2, to which the data monitoring device is connected,
as the destination port.

Network diagram

Figure 50-4

Network diagram for remote port mirroring configuration

Configuration procedure

1) Configure AC (the source device).

# Create a remote source port mirroring group.

system-view

[AC] mirroring-group 1 remote-source

# Create VLAN 2.

[AC] vlan 2

[AC-vlan2] quit

# Configure VLAN 2 as the remote port mirroring VLAN of the remote port mirroring group. Add port
GigabitEthernet 0/0/1 and GigabitEthernet 0/0/2 to the remote port mirroring group as source ports.
Configure port GigabitEthernet 0/0/3 as the outbound mirroring port.

[AC] mirroring-group 1 remote-probe vlan 2

[AC] mirroring-group 1 mirroring-port GigabitEthernet 0/0/1 GigabitEthernet 0/0/2 inbound

[AC] mirroring-group 1 monitor-egress GigabitEthernet 0/0/3

# Configure port GigabitEthernet 0/0/3 as a trunk port and configure the port to permit the packets of
VLAN 2.

[AC] interface GigabitEthernet 0/0/3