Got it
Enterprise
Community Forums Switches
Using Port Mirroring on t...

Using Port Mirroring on the Quidway Switch to Capture Packets

Created: Aug 6, 2018 04:47:36Latest reply: Aug 6, 2018 11:44:19 929 7 0 0
  Rewarded HiCoins: 0 (problem resolved)
display all floors #1
How can we use port mirroring on switch for packets capturing ?
  • x
  • convention:

I have this problem too (0) Favorite(0) Share Report
Previous: Radius attribute mismatch
Next: [Revelations of Troublesolving] Waiting for your feedback
Featured Answers

Best answer

(0) (0)
faysalji
Created Aug 6, 2018 05:29:54 Helpful(0) Helpful(0)

Here are the detailed steps:

1) Access the switch by running the following command:
[Quidway]system

2)To set the monitoring port, run the following command:

[Quidway]observe-port 1 interface ethernet 0/0/20

*Note that only one monitoring port is allowed.

3) To set the mirror port, run the following commands:

[Quidway]interface ethernet 0/0/12
[Quidway-Ethernet0/0/1]port-mirroring to observer-port 1 both

*Note that multiple mirror ports are allowed. Three mirroring modes are available: BOTH, INBOUND, and
OUTBOUND.

both: Data can be transmitted from the computer to the switch and vice versa.
inbound: Data can only be transmitted from the computer to the switch.
outbound: Data can only be transmitted from the switch to the computer.

The mirror port's mode must be consistent with that of the monitoring port.
To check the monitoring port's mode, run the following command:
[Quidway]display port-mirroring

4) To cancel port mirroring, run the following commands:

[Quidway]interface ethernet 0/0/1
[Quidway-Ethernet0/0/1]undo port-mirroring both
[Quidway-Ethernet0/0/1]quit
[Quidway]undo observe-port 1

***And to cancel port mirroring, disable the monitoring port then the mirror port.

View more
  • x
  • convention:

ZubiZubiDoo
ZubiZubiDoo Created Aug 6, 2018 11:44:36
Thanks  
If you think my post/reply is useful, please click the Helpful button and flag my post as a BEST ANSWER. Thanks
All Answers
faysalji
faysalji Created Aug 6, 2018 04:58:19 Helpful(0) Helpful(0)

First set the monitoring port then set the mirror port
View more
  • x
  • convention:
If you think my post/reply is useful, please click the Helpful button and flag my post as a BEST ANSWER. Thanks
WheatGrass
WheatGrass Created Aug 6, 2018 05:22:13 Helpful(0) Helpful(0)

This post was last edited by WheatGrass at 2018-08-06 06:10. Configuring 1:1 Port Mirroring

You can copy packets on a mirrored port to an observing port.
For example, copy incoming packets (received packets) on mirrored port GE0/0/2 to observing port GE0/0/1. GE0/0/1 is directly connected to a monitoring device.

system-view
[HUAWEI] observe-port 1 interface gigabitethernet 0/0/1
[HUAWEI] interface gigabitethernet 0/0/2
[HUAWEI-GigabitEthernet0/0/2] port-mirroring to observe-port 1 inbound

Configuring 1:N Port Mirroring

You can copy packets on one mirrored port to N observing ports. For example, copy incoming packets (received packets) on mirrored port GE2/0/1 to observing ports GE1/0/1 through GE1/0/3. These observing ports are directly connected to monitoring devices.•Configure observing ports one by one.

system-view
[HUAWEI] observe-port 1 interface gigabitethernet 1/0/1
[HUAWEI] observe-port 2 interface gigabitethernet 1/0/2
[HUAWEI] observe-port 3 interface gigabitethernet 1/0/3
[HUAWEI] interface gigabitethernet 2/0/1
[HUAWEI-GigabitEthernet2/0/1] port-mirroring to observe-port 1 inbound
[HUAWEI-GigabitEthernet2/0/1] port-mirroring to observe-port 2 inbound
[HUAWEI-GigabitEthernet2/0/1] port-mirroring to observe-port 3 inbound

Configure observing ports in a batch (only in V200R005 and later versions).

system-view
[HUAWEI] observe-port 1 interface-range gigabitethernet 1/0/1 to gigabitEthernet 1/0/3
[HUAWEI] interface gigabitethernet 2/0/1
[HUAWEI-GigabitEthernet2/0/1] port-mirroring to observe-port 1 inbound

Configuring N:1 Port Mirroring

You can copy packets on N mirrored ports to one observing port. For example, copy incoming packets (received packets) on mirrored ports GE0/0/1 through GE0/0/3 to observing port GE0/0/10. GE0/0/10 is directly connected to a monitoring device.

system-view
[HUAWEI] observe-port 1 interface gigabitethernet 0/0/10
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] port-mirroring to observe-port 1 inbound
[HUAWEI-GigabitEthernet0/0/1] quit
[HUAWEI] interface gigabitethernet 0/0/2
[HUAWEI-GigabitEthernet0/0/2] port-mirroring to observe-port 1 inbound
[HUAWEI-GigabitEthernet0/0/2] quit[HUAWEI] interface gigabitethernet 0/0/3
[HUAWEI-GigabitEthernet0/0/3] port-mirroring to observe-port 1 inbound
[HUAWEI-GigabitEthernet0/0/3] quit

You may also refer to this link: https://forum.huawei.com/enterprise/en/thread-253499.html
View more
  • x
  • convention:
faysalji
faysalji Created Aug 6, 2018 05:29:54 Helpful(0) Helpful(0)

Here are the detailed steps:

1) Access the switch by running the following command:
[Quidway]system

2)To set the monitoring port, run the following command:

[Quidway]observe-port 1 interface ethernet 0/0/20

*Note that only one monitoring port is allowed.

3) To set the mirror port, run the following commands:

[Quidway]interface ethernet 0/0/12
[Quidway-Ethernet0/0/1]port-mirroring to observer-port 1 both

*Note that multiple mirror ports are allowed. Three mirroring modes are available: BOTH, INBOUND, and
OUTBOUND.

both: Data can be transmitted from the computer to the switch and vice versa.
inbound: Data can only be transmitted from the computer to the switch.
outbound: Data can only be transmitted from the switch to the computer.

The mirror port's mode must be consistent with that of the monitoring port.
To check the monitoring port's mode, run the following command:
[Quidway]display port-mirroring

4) To cancel port mirroring, run the following commands:

[Quidway]interface ethernet 0/0/1
[Quidway-Ethernet0/0/1]undo port-mirroring both
[Quidway-Ethernet0/0/1]quit
[Quidway]undo observe-port 1

***And to cancel port mirroring, disable the monitoring port then the mirror port.

View more
  • x
  • convention:

ZubiZubiDoo
ZubiZubiDoo Created Aug 6, 2018 11:44:36
Thanks  
If you think my post/reply is useful, please click the Helpful button and flag my post as a BEST ANSWER. Thanks
andsta
andsta Created Aug 6, 2018 05:38:22 Helpful(0) Helpful(0)

Hi,
The port mirroring function can duplicate the packets of the designated service interface to the non-service interfaces. When the session is abnormal, the problem can be located by checking the protocol analyzer connected to the non-service interface, without affecting normal services. The service interface is called "mirroring port". The non-service interface is called "observing port."
In order to configure port mirroring on your device please refer to the following link:
http://support.huawei.com/hedex/hdx.do?docid=EDOC1000000870&id=sec_vsp_cfg_sysdebug_0017&text=Configuring%252520Port%252520Mirroring&lang=en
View more
  • x
  • convention:
ZubiZubiDoo
ZubiZubiDoo Created Aug 6, 2018 11:44:06 Helpful(0) Helpful(0)

Posted by WheatGrass at 2018-08-06 05:22 Configuring 1:1 Port MirroringYou can copy packets on a mirrored port to an observing port. For exam ...
Great Thanks
View more
  • x
  • convention:
ZubiZubiDoo
ZubiZubiDoo Created Aug 6, 2018 11:44:19 Helpful(0) Helpful(0)

Posted by andsta at 2018-08-06 05:38 Hi,The port mirroring function can duplicate the packets of the designated service interface to the ...
Thanks
View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Copyright © 2021 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.