交换机端⼝镜像配置⼤全【汇集22个各种品牌交换机】
1、思科(CISCO)交换机
1.1配置镜像(SPAN)端⼝
Switch(config)# monitor session 1 source interface fastethernet 4/10
Switch(config)# monitor session 1 filter vlan 57
Switch(config)# monitor session 1 destination interface fastethernet 4/15
如果想释放该SPAN 任务,输⼊如下命令:
Switch(config)# no monitor session 1
以下语句显⽰如何检验SPAN 任务的配置结果:
Switch# show monitor session 2
在配置镜像端⼝(SPAN)过程中,还应考虑到数据流量过⼤时,设备的处理速度及端⼝数
据缓存的⼤⼩,要尽量减少被监控数据包的丢失。
1.2 Catalyst 2550/2950/3550/3560/3560-E/3570-E
旧交换机系统命令:
Switch(config)# int fa0/1
Switch(config-if)# port monitor fastEthernet0/2
新交换机系统命令:
Switch> show interfaces
Switch> enable
Password: cisco
Switch# configure terminal
Switch(config)# monitor session 1 source interface fastethernet 0/17
Switch(config)# monitor session 1 destination interface fastethernet 0/2
Switch(config)# end
Switch# show monitor session 1 --查看镜像
Switch# no monitor session 1 --清空镜像
Switch# show running-config --查看运⾏配置
Switch# copy running-config startup-config --保存到配置⽂件
如果⽤ display mirror 命令看到ingress:disabled,说明划分了VLAN,源数据中包含了⽬
的端⼝所在的VLAN。假设⽬的端⼝在VLAN1:
Switch(config)# monitor session 1 filter vlan 1
或者
Switch(config)# monitor session 1 destination interface fasternet 0/20 ingress vlan 1
1.3 Catalyst 4000/4500/4900
进⼊配置模式:
Switch# enable
Switch# password cisco --默认为cisco
Switch# configure terminal
举例配置: FastEthernet2/3为源端⼝,FastEthernet5/48为⽬的端⼝
Switch(config)# monitor session 1 source interface fa 2/3 (rx|tx|both)
Switch(config)# monitor session 1 destination interface fa 5/48
当源端⼝是trunk interface 时,监控VLAN 1-5 和VLAN 9
Switch(config)# monitor session 2 fiter vlan 1-5,9
当监控FastEthernet 4/10是trunk interface 带着VLAN 1-1005,如果只想监控VLAN57的数
据,fastethernet 4/15为⽬的端⼝
Switch(config)# monitor session 1 source interface fastethernet 4/10
Switch(config)# monitor session 1 filter vlan 57
Switch(Config)# monitor session 1 destination interface fastethernet 4/15
1.4 Cisco catylist2820
有2 个菜单选项
先进⼊menu 选项,enable port monitor
进⼊cli 模式,
en
conf term
conf term
Interface fast 0/x --镜像⼝
port monitor fast 0/x --被镜像⼝
exit
wr
2、华为交换机
2.1 华为NE80
3/0/2的数据镜像到3/0/0 和3/0/1中
NE80-C(config)#observing-port ethernet3/0/0
NE80-C(config)#observing-port Ethernet3/0/1
NE80-C(config)#port-mirroring ethernet3/0/2 both ethernet3/0/0 ethernet3/0/1
注:如果只想镜像出⼝或⼊⼝可以将both改为egress或ingress
2.2 华为3900
[Quidway] interface Ethernet 1/0/4
[Quidway-Ethernet1/0/1] monitor-port
[Quidway-Ethernet1/0/1] quit
[Quidway] interface Ethernet1/0/1
[Quidway-Ethernet1/0/1] mirroring-port both
[Quidway-Ethernet1/0/1] quit
2.3 华为S6500/S7500
将1/0/1~1/0/3端⼝镜像到1/0/4
[Quidway]system-view
[Quidway]mirroring-group 1 inbound Ethernet 1/0/1 to Ethernet1/0/3 mirrored-to Ethernet 1/0/4
[Quidway]mirroring-group 1 outbound ethernet1/0/1 to Ethernet1/0/3 mirrored-to Ethernet 1/0/4
取消镜像
[Quidway]undo mirroring-group 1
2.4 Quidway 2008/2016/3026/2403H
Quidway(config)# monitor-port e 0/18 --镜像⼝
Quidway(config)# monitor e 0/3 --被镜像⼝
上述两条命令与下⾯⼀条等效
Quidway(config)# monitor e 0/3 observing-port e0/18
查看镜像端⼝信息
Quidway(config)# show monitor
2.5 Quidway 3526
Quidway(config)#monitor-port Ethernet 0/24 --监控⼝
将从 Ethernet0/1输出的业务流镜像到监控⼝
Quidway(config)#rule-map 12 rule1 ingress Ethernet 0/1 egress any
将从 Ethernet0/1输⼊的业务流镜像到监控⼝
Quidway(config)#rule-map 12 rule2 ingress any egress Ethernet 0/1
注:(rule1/rule2)为rule 名称,两个规则名称不能相同,否则后配置规则覆盖先配置的规
则,any定义对端⼝Ethernet0/1的所有(出/⼊)的业务流进⾏监控。
3、H3C 交换机
3.1 H3C S2008/S2016/S2026/S2403H/S3026
⽅法⼀:
[SwitchA]system-view
[SwitchA]monitor-port 0/8 --(观测)端⼝
[SwitchA]port mirror Ethernet 0/1 to Ethernet 0/2 --被镜像端⼝
⽅法⼆:
[SwitchA]system-view
[SwitchA]port mirror Ethernet 0/1 to Ethernet 0/2 observing-port Ethernet 0/8
3.2 H3C S3100
system-view
[H3C]mirroring-group 1 local
[H3C]mirroring-group 1 monitor-port Ethernet 1/0/4 --镜像⼝
[H3C]mirroring-group 1 monitor-port Ethernet 1/0/4 --镜像⼝
[H3C]mirroring-group 1 mirroring-port Ethernet 1/0/1 both --被镜像⼝
3.3 H3C S3500
system-view
[H3C]mirroring-group 1 local
[H3C]mirroring-group 1 mirroring-port Ethernet 1/0/1 to Ethernet 1/0/5 both 3.4 H3C S3600
⽅法⼀:
system-view
[H3C]mirroring-group 1 local
[H3C]interface Ethernet 1/0/4
[H3C-Ethernet1/0/4]monitor-port --设置为镜像⼝
[H3C-GigabitEthernet1/0/4]quit
[H3C]interface Ethernet 1/0/1
[H3C-GigabitEthernet1/0/1]mirroring-port both --设置为被镜像⼝
[H3C-GigabitEthernet1/0/1]quit
[H3C]save --(Y/N)保存名称
⽅法⼆:
system-view
[H3C]mirroring-group 1 local
[H3C]mirroring-group 1 monitor-port GigabitEthernet 1/0/4
[H3C]mirroring-group 1 mirroring-port GigabitEthernet 1/0/1 both
4、3COM 交换机
4.1 3com 4400
24端⼝监控9端⼝
Select menu option(feature/rovingAnalysis):add
Select analyzer port(unit:port,?): 1:24
Select menu option(feature/rovingAalysis):start
Select port to monitor(unit:port,?): 1:9
Select menu option(feature/rovingAnalysis):summary
注:命令(add、start、remove、summary)
4.2 3com 3500/3026E/3026F/3050/S3526
system-view
[switch]ac1 num 4000 --定义⼀条扩展访问控制列表
定义对 e0/2⼝出/⼊进⾏监控
[switch-ac1-4000]rule 0 permit ingress interface Ethernet 0/2 egress any [switch-ac1-4000]rule 1 permit ingress any egress interface Ethernet 0/2 [switch-ac1-4000]quit
定义 e0/1监控⼝
[switch]mirrored-to link-group 4000 rule 0 interface Ethernet 0/1
[switch]mirrored-to link-group 4000 rule 1 interface Ethernet 0/1
[switch]mirrored-to link-group 4000 interface Ethernet 0/1
4.3 3com 4900 family
配置分析端⼝
Feature rovingAlysis add
The following prompt is displayed:
Select analyzer port(unit:port,?): 1:10
配置被监控端⼝
Feature rovingAlysis start
The following prompt is displayed:
Select unit to monitor(unit:port,?): 1:12
检查配置
Feature rovingAnalysis summaryconsole命令大全
5、D-Link 交换机
5.1 D-Link 3226
5.1 D-Link 3226
DES-3226S:4#config mirror port 1 add source ports 2 both
DES-3226S:4#show mirror
DES-3226S:4#enable mirror
DES-3226S:4#config port mirroring source port b target port 1
6、Tp-Link交换机
7、北电交换机
7.1 Nortel 1100/2000
⽀持⼀组镜像、2个source 、1个destination 默认⽤户名/密码12/12
Config
Mirror
Input1(mod/port)enable
Input2(mod/port)enable
Output(mod/port)enable
Save configure ture
7.2 Nortel 8000 series
默认⽤户名/密码rwa/rwa
Config diag mirror-by-port 1 create in-port 2/4 out-port 2/1
Config diag mirror-by-port 1 enable ture
Config diag mirror-by-port 1 mode both | tx | rx
Save config
Diag mirror-by-port 1 info --查看第1号镜像
注:Nortel 镜像功能通常是rx,不⽀持both(看CPU⽽定)
8、锐捷交换机
Switch#configure terminal
Switch(config)#monitor session 1 source interface fastEthernet 0/10 both
Switch(config)#monitor session 1 destination interface fastEthernet 0/2
Switch(config)show monitor session 1
Switch#show running-config --显⽰当前所有配置
Switch#no monitor session 1 --取消镜像session 1
9、Intel交换机
Navigation菜单-> Statistics -> Mirror Ports -> Mirror Ports对话框
Configure Source -> Mirror Ports Configuration -> Apply(确定)
三种监听模式:
1、连续(Always):镜像全部流量
2、周期(Periodic):在⼀定周期内镜像全部流量。周期在Sampling interval configuration
中设置
3、禁⽌(Disabled):关闭流量镜像
10、Avaya交换机
设置端⼝监听:set port mirror source-port mirror-port sampling{always | disable | periodic} [max-packets-sec < max-packets-sec-value>] [piggyback-port]
Mod-port-range:指定端⼝范围
Mod-port-spec:指定特定端⼝
Piggyback-port:指定双向镜像的端⼝
Sampling:指定镜像周期
Max-packets-sec:指定监听⼝每秒最多的数据报数量(仅在sampling设置为periodic时)
禁⽌端⼝监听:clear port mirror
11、港湾交换机
11.1 flax24
Harbour(config)#
Harbour(config)# config mirroring 1
Harbour(config)#config mirroring 1 add port 5 (or 5-10) --被镜像⼝
Harbour(config)#config mirroring 1 to 13 --镜像⼝
Harbour(config)#show mirroring
Harbour(config)#save configuration
11.2 港湾6802
11.2 港湾6802
Interface Ethernet 1/11
Mirror ingress 1/10 egress 1/10
Exit
Extreme alpine 3802
Alpine3804:#enable mirroring to port 2:10
Alpine3804:#configure mirror add port 2:32
Alpine3804:#configure mirror add port 2:1
注:如果监控端⼝与被监控端⼝不在⼀个控制器(⼀组端⼝)中的话,只能抓到进⼝包, 出⼝包抓不到
11.3 BigHammer 6808
设置镜像(板槽1,1端⼝监控2⼝接收、3⼝接收和发送、4⼝发送的数据)
Harbour(config)#interface Ethernet 1/1
Harbour(config-if-eth1/1)#mirror ingress 1/2,1/3 egress 1/3-4
取消镜像
Harbour(config)#interface Ethernet 1/1
Harbour(config)#no mirror
11.4 NetHammerM128(8⼝)
将端⼝2、3接收到⽬的地址为00:11:22:33:44:55的报⽂镜像到1号⼝:
Router(config-if-swi)#config mirror to 1
Router(config-if-swi)#config mirror monitor all add 2-3
Router(config-if-swi)#config mirror mode all dest 00:11:22:33:44:55
Router(config-if-swi)#
11.5 港湾5210
Harbour5210(config)#interface Ethernet 1/4
Harbour5210(config-if-eth1/4)#mirro ingress 1/24 egress 1/24
11.6 港湾FLEX HAMMER 5010
Harbour>enable
Password:harbour --默认为harbour
Harbour(config)#config mirroring 1 to 5
Harbour(config)#config mirroring 1 add port 6 (or 6-10) egress
Harbour(config)#config mirroring 1 add port 6 (or 6-10) ingress
Harbour(config)#show mirror
12、DELL 交换机
12.1 DELL 5224
Console#conf
Console(config)#interface Ethernet 1/19 --镜像⼝
Console(config-if)#port monitor Ethernet 1/7 tx --被镜像⼝{tx、rx、both} Console#show port moni --查看镜像
Console(config)#interface Ethernet 1/19 --删除镜像
Console(config-if)#no port monitor Ethernet 1/7 --删除镜像
13、NetCore交换机
进⼊NetCore超级终端->主菜单中输⼊5进⼊端⼝镜像设置->输⼊1设置镜像端⼝状态
配置命令如下:
1、选择配置的选项(1.off,2.Rx,3.Tx,4.Both): 4
2、选择捕获端⼝:1
3、选择被镜像端⼝:8
注:NETGEAR 增强型智能交换机有Web设置界⾯(在Monitoring选项卡中)
14、中兴交换机
14.1 2826/2826E/2618
Zte(cfg)#set mirror add port 1,16 --添加被镜像端⼝
Zte(cfg)#set mirror monitorport 24 --设置监听端⼝
Zte(cfg)#set mirror type ingress --设置监听类型{ingress | egress | all}
Zte(cfg)#set mirror enable --开启镜像
Zte(cfg)#show mirror --查看镜像
Zte(cfg)#set mirror delete port 1,16 --删除被镜像⼝

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。