Remote flow mirroring configuration method on AR router series?

Only the version before V200R005C32 supports remote flow mirroring

By configuring the remote traffic mirroring, specific packets flows through the port can be replicated to the remote monitoring device for analysis and monitoring.

Before you configure remote flow mirroring, you need to configure the route protocol and GRE tunnel.

1.Configure remote viewing server
Operation steps
Run the following command system-view, access the system view.
Run the command observe-server destination-ip destination-ip-address source-ip source-ip-address [ dscp dscp-value ], configure the remote mirroring observation of server.
Note:
Destination-ip-address is monitor the device IP address, source-ip-address as a mirrored port IP address.

If the monitoring equipment and mirroring port IP address is the private address, in order to ensure communication between private network address in the public network, you need to configure the GRE tunnel.

2 configuration flow mirroring

Background information
In the traffic mirroring ,mirroring port application contains flow mirroring flow strategy. If the packets passing through a mirrored port matching traffic classification rules, the packet will be copied to the observing port.

Operation steps
a.Configure a traffic classifier.
Run the following command system-view, access the system view.
Run the command traffic classifier classifier-name [ operator { and | or } ], create a flow classification, into the traffic classifier view.
Run the following command if-match configuration according to the actual situation flow classifications of matching rules.
Run the following command quit, quit the traffic classifier view.


b. configuration flow behavior
Run the following command traffic behavior behavior-name, create a flow behavior to display the traffic behavior view.
Run the following command mirror to observe-port, will meet the rules of the traffic mirroring to the specified observing port.
Run the following command quit, exit the flow behavior view.
Run the following command quit, exit the system view.

c configuration flow strategy
Run the following command system-view, access the system view.
Run the following command traffic policy policy-name, create a flow policy and access the policy view, or by entering the name of an existing traffic policy view.
Run the following command classifier classifier-name behavior behavior-name, in the flow policy for the specified flow classification configuration flow behavior, which is required to bind the traffic classifier and traffic behavior.
Run the following command quit, exit the flow policy view.
Run the following command quit, exit the system view.

d application flow policy
Run the following command system-view, access the system view.
Run the command interface interface-type interface-number [.subinterface-number ], to enter the interface view.
Run the command traffic-policy policy-name { inbound | outbound }, at the outbound or inbound direction application flow policy.

Scroll to top