Configuration procedure – H3C Technologies H3C SecBlade NetStream Cards User Manual

Page 181

166

Configuration procedure

Configure the Device

# Create VLAN 10 and VLAN 20, and assign GigabitEthernet 3/0/1 and GigabitEthernet 3/0/2 to
VLAN 10 and VLAN 20, respectively.

system-view
[Device] vlan 10
[Device-vlan10] port gigabitethernet 3/0/1
[Device-vlan10] vlan 20
[Device-vlan20] port gigabitethernet 3/0/2
[Device-vlan20] quit

# Create VLAN-interface, and assign an IP address to the VLAN-interface.

[Device] interface Vlan-interface 10
[Device-Vlan-interface10] ip address 10.1.1.1 255.255.0.0
[Device-Vlan-interface10] quit
[Device] interface Vlan-interface 20
[Device-Vlan-interface20] ip address 20.1.1.1 255.255.0.0
[Device-Vlan-interface20] quit

# Configure Ten-GigabitEthernet 4/0/1 as a trunk port, and configure the port to allow packets from

VLAN 10 and VLAN 20 to pass through.

[SecBlade] interface ten-gigabitethernet 4/0/1
[SecBlade-Ten-GigabitEthernet4/0/1] port link-type trunk
[SecBlade-Ten-GigabitEthernet4/0/1] port trunk permit vlan 10 20
[SecBlade-Ten-GigabitEthernet4/0/1] quit

# Enable ACSEI server for the NS card to synchronize the clock on the Device.

[Device] acsei server enable

# Create sampler 256 in fixed sampling mode and set the sampling rate to 8. The first packet of 256 (2
to the power of 8) packets is selected.

[Device] sampler 256 mode fixed packet-interval 8

# Create a mirroring group and reference the sampler 256.

[Device] mirroring-group 1 local sampler 256
[Device] interface gigabitethernet 3/0/1
[Device-GigabitEthernet3/0/1] mirroring-group 1 mirroring-port inbound
[Device-GigabitEthernet3/0/1] quit
[Device] interface ten-gigabitethernet 4/0/1
[Device-Ten-GigabitEthernet4/0/1] mirroring-group 1 monitor-port
[Device-Ten-GigabitEthernet4/0/1] quit

Configure the SecBlade NS card

# Configure Ten-GigabitEthernet 0/0 as a trunk port, and configure the port to allow packets from

VLAN 10 and VLAN 20 to pass through.

system-view
[SecBlade] interface ten-gigabitethernet 0/0
[SecBlade-Ten-GigabitEthernet0/0] port link-type trunk
[SecBlade-Ten-GigabitEthernet0/0] port trunk permit vlan 10 20
[SecBlade-Ten-GigabitEthernet0/0] quit

# Create a blackhole-type inline forwarding entry 1.

This manual is related to the following products:

H3C S10500 Series Switches H3C S7500E Series Switches H3C S6800 Series Switches H3C S6300 Series Switches H3C S5800 Series Switches H3C S5820X Series Switches H3C S5820V2 Series Switches H3C S5830 Series Switches H3C S5830V2 Series Switches H3C S3600V2 Series Switches H3C S3100V2 Series Switches