Net Optics none manual Copy Traffic From Any Network Port to Any Monitor Port

Page 30

Director

When you define a filter, you specify and action to be taken when the filter conditions are met. The action can be either drop or redir (meaning redirect). If the action is drop, then packets which meet the filter criteria are dropped, that is, they are not copied to any Monitor port. If the action is redir, then packets which meet the filter criteria are copied to all Monitor ports listed in the redir_ports=<portlist> parameter.

Copy Traffic From Any Network Port to Any Monitor Port

Director can be used like a Matrix Switch to direct traffic from any Network port to any Monitor port. To create a simple switch connection, use a filter add command without specifying any filters.

The filter add command creates pending filters (including switch settings); they are not activated until a filter commit command is executed. Any number of filter add commands may be issued prior to executing the filter commit command. Other CLI commands may be executed between the filter add commands as well.

To monitor Network Port 1 on Monitor Port 2, and Network Port 3 on Monitor Port 1:

1.Enter filter add in_ports=n1.1 action=redir redir_ports=m.2. The switch connection is pending.

2.Enter filter add in_ports=n1.3 action=redir redir_ports=m.1. The switch connection is pending.

3.Enter filter commit. The switch connection is activated.

Network Port 1 Monitor Port 2

Network Port 3 Monitor Port 1

￿lter add in_ports=n1.1 action=redir redir_ports=m.2 ￿lter add in_ports=n1.3 action=redir redir_ports=m.1

Figure 22: Matrix switch connections

Aggregate Traffic From Any Set of Network Ports to Any Monitor Port

Director can be used like a Port Aggregator or a Link Aggregator, copying traffic from multiple Network ports to any Monitor port. The filter add command is again used to do this. The only difference from using the command to connect a single Network port to a single Monitor port is that a list of Network ports is specified.

To copy aggregated traffic from Network Port 1 and Network Port 2 to Monitor Port 3:

1.Enter filter add in_ports=n1.1,n1.2 action=redir redir_ports=m.3. The aggregation connection is pending.

2.Enter filter commit. The aggregation connection activated.

Note that in this example, Network Port 1 and Network Port 2 may be Span ports, or they can be a paired in-line network link. The Network port list in the filter add command always applies to the traffic received at the port, not the traffic transmitted out the port. Therefore, if Network Port 1 and Network Port 2 are an in-line link, then Director has been configured to act as a Port Aggregator, combining the traffic from both directions on the in-line link and copying it to the Monitor port.

26

*** Confidential - DO NOT Distribute ***

Page 29 Page 31
Image 30
Page 29 Page 31
Contents Smart Filtering Appliance Trademarks and Copyrights Contents Appendix C Appendix aAppendix B Filter parametersChapter Introduction Monitor port Filtering Key FeaturesEase of Use Passive, Secure TechnologyAbout this Guide DescriptionDirector Architecture Director internal architectureUSB port Director ManagementTypical Application Network LinksMonitoring Tools IBypass Switch Method In-line Monitoring of 10 Gigabit LinksExternal Network Tap method Monitor Port LEDs Power LEDsDirector Front Panel DNM / Network Port LEDsDirector Rear Panel XFPChapter Installing Director Plan the Installation Unpack and Inspect the Director deviceInstall Director Network Modules Install SFP and XFP Monitor port ModulesRack Mount the Director device Connect Power to Director Connect the local CLI InterfaceTip Connect the remote CLI InterfaceBaud Data bits No parity 1 stop bit No flow control To connect the CLI for remote use over the Management portLog into the CLI To log into the CLIConfigure Director using the CLI Change Director User Name and PasswordTo change the user name and password To assign a new Manager IP address to Director To change the port modeAssign a New Manager IP Address Change Port ModesSave and Load Director Configurations Set the Current Date and TimeUsing the CLI Help Command To view CLI help informationUsing the CLI Command History Buffer Current config fileConnect Span Ports to Director To connect a Span portConnect Director With In-line Network Links To connect an in-line network linkConfigure a Matrix Switch connection in Director Check the InstallationConnect Monitoring Tools to Director Chapter Configuring Filters Using the CLI SyntaxEnter filter commit. The switch connection is activated Copy Traffic From Any Network Port to Any Monitor PortRegenerate Traffic to Any Set of Monitor Ports Lter add inports=n1.1 action=redir redirports=m.3-m.5Create Filters To create a filter that selects IPv4 packets by protocolCreate Complex Filters Logical and filter connectionView filters UDPWork with configurable 10 Gigabit ports Configurable 10 Gigabit XFP ports used as Network portsNetwork Port 11 XFP Port Understand filter interactions CAMFlow diagram now looks as follows Exclusive filters N1.1 ipproto=UDP action=drop N1.1 m.1To change the Director filter configuration Understand pending and active filtersEnter filter list to view the pending filter list User interactions Filter capacityDaisy-chaining Multiple Director Chassis Appendix a Director Specifications Specifications, chassisCertifications Specifications, DNMEnvironmental Available ModelsAppendix B Command Line Interface Command Sub-Command Parameters Example and descriptionFilter add ipv6=n inports=n1.1-n1.3 ip Command may includeFilter add and filter ins commands Src=10.1.1.1 action=dropFilter running Load myconfiguration-1Filter list Filter syncPasswd Save myconfiguration-1Show myconfiguration-1 PingSysip show Sysip commitSysip ipaddr=192.168.1.2 netmask=255.255.0.0 TimeUser add name=bob pw=bob-pw priv=3 This This command is only available at root level CommandUser show Is onlyFilter parameters Director Filter Parameters Qual Value Example DescriptionAppendix C Protocol Numbers Num Keyword ProtocolMobile L2TP Limitations on Warranty and Liability By Net Optics, Inc. All Rights Reserved
Top Page Image Contents