Configuring non-multicast traffic mirroring on S series switches

3

Traffic mirroring can be configured to filter out multicast traffic and only mirror unicast traffic. Assume that GE1/0/1 is a mirrored port on an S series switch (except the S1700), and GE2/0/1 is an observing port. To mirror only incoming non-multicast packets (received packets) on GE1/0/1, perform the following configurations:
[HUAWEI] observe-port 1 interface gigabitethernet 2/0/1 //Create an observing port.
[HUAWEI] traffic classifier Unicast //Configure a traffic classifier to match only unicast packets. Only unicast packets (that is, the eighth bit of the first byte in the MAC addresses is 0) are allowed to pass through. The eighth bit of the first byte in MAC addresses of multicast packets is 1.
[HUAWEI-classifier-Unicast] if-match destination-mac 0000-0000-0000 0100-0000-0000
[HUAWEI-classifier-Unicast] quit
[HUAWEI] traffic behavior Unicast //Configure traffic mirroring as the traffic behavior.
[HUAWEI-behavior-Unicast] mirroring to observe-port 1
[HUAWEI-behavior-Unicast] quit
[HUAWEI] traffic policy Unicast //Configure a traffic policy, and bind the traffic classifier and traffic behavior to the traffic policy.
[HUAWEI-trafficpolicy-Unicast] classifier Unicast behavior Unicast
[HUAWEI-trafficpolicy-Unicast] quit
[HUAWEI] interface gigabitethernet 1/0/1
[HUAWEI-GigabitEthernet1/0/1] traffic-policy p1 inbound //Apply the traffic policy to the inbound direction of GE1/0/1.

Other related questions:
Configuring HTTP traffic mirroring on S series switches
For S series switches (except S1700 switches), traffic mirroring can be configured to only mirror HTTP traffic with TCP destination port 80. For example, to mirror incoming HTTP traffic (received traffic) with TCP destination port 80 on GE1/0/1 to observing port GE2/0/1, perform the following configurations: 1. Configure GE2/0/1 as an observing port. [HUAWEI] observe-port 1 interface gigabitethernet 2/0/1 2. Create a traffic classifier to match traffic with TCP destination port 80. [HUAWEI] acl number 3000 [HUAWEI-acl-adv-3000] rule permit tcp destination-port eq www [HUAWEI-acl-adv-3000] quit [HUAWEI] traffic classifier c1 [HUAWEI-classifier-c1] if-match acl 3000 [HUAWEI-classifier-c1] quit 3. Create a traffic behavior and set the action to traffic mirroring. [HUAWEI] traffic behavior b1 [HUAWEI-behavior-b1] mirroring to observe-port 1 [HUAWEI-behavior-b1] quit 4. Create a traffic policy, and bind the traffic classifier and traffic behavior to the traffic policy. [HUAWEI] traffic policy p1 [HUAWEI-trafficpolicy-p1] classifier c1 behavior b1 [HUAWEI-trafficpolicy-p1] quit 5. Apply the traffic policy to the inbound direction of GE1/0/1. [HUAWEI] interface gigabitethernet 1/0/1 [HUAWEI-GigabitEthernet1/0/1] traffic-policy p1 inbound

Configure local traffic mirroring on S series switch
For S series switches (except S1700 switches), traffic mirroring can be configured based on ACLs and Modular Quality of Service Command-Line Interface (MQC) (complex traffic classification). ACL-based traffic mirroring is easy to configure but supports fewer packet types than MQC-based traffic mirroring and supports only inbound traffic mirroring. MQC-based traffic mirroring is complex to configure but supports more packet types and supports mirroring of both inbound and outbound (packets that are sent) traffic. Depending on whether the mirrored device is directly connected to the monitoring device, traffic mirroring is classified into local and remote traffic mirroring. For example, copy inbound packets with the source IP address of 192.168.10.1 on GE2/0/1 to the observing port GE1/0/1 directly connected to the monitoring device. The configuration procedure is as follows: 1. ACL-based configuration [HUAWEI] observe-port 1 interface gigabitethernet 1/0/1 //Configure the local observing port. [HUAWEI] acl 2001 [HUAWEI-basic-acl-2001] rule permit source 192.168.10.1 0 //Permit packets with the source IP address of 192.168.10.1. [HUAWEI-basic-acl-2001] quit [HUAWEI] interface gigabitethernet 2/0/1 [HUAWEI-GigabitEthernet2/0/1] traffic-mirror inbound acl 2001 to observe-port 1 //Mirror specified packets on GE2/0/1 to the local observing port. 2. MQC-based configuration [HUAWEI] observe-port 1 interface gigabitethernet 1/0/1 //Configure the local observing port. [HUAWEI] acl 2001 [HUAWEI-basic-acl-2001] rule permit source 192.168.10.1 0 [HUAWEI-basic-acl-2001] quit [HUAWEI] traffic classifier c1 //Configure a traffic classifier to match packets with the sources IP address of 192.168.10.1. [HUAWEI-classifier-c1] if-match acl 2001 [HUAWEI-classifier-c1] quit [HUAWEI] traffic behavior b1 //Define traffic mirroring in a traffic behavior. [HUAWEI-behavior-b1] mirroring to observe-port 1 [HUAWEI-behavior-b1] quit [HUAWEI] traffic policy p1 //Configure a traffic policy and bind the traffic classifier and traffic behavior to the traffic policy. [HUAWEI-trafficpolicy-p1] classifier c1 behavior b1 [HUAWEI-trafficpolicy-p1] quit [HUAWEI] interface gigabitethernet 2/0/1 [HUAWEI-GigabitEthernet2/0/1] traffic-policy p1 inbound //Apply the traffic policy to the mirrored port.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top