Net Optics none manual Flow diagram now looks as follows

Page 38

Director

Have we achieved our goal of sending all the TCP traffic to Monitor Port 2? Not quite. What happens when an TCP packet arrives from 192.186.10.0? It matches the filter at CAM address 1, so it is copied to Monitor Port 1. But that is all that happens; it does not go to Monitor Port 2. The flow is correctly shown in the following diagram.

Network Port 5

 

 

Source IP =

match

Monitor Port 1

192.186.10.0

 

 

 

 

 

 

 

 

no match

 

 

 

 

 

 

 

 

 

Protocol =

 

Monitor Port 2

 

 

 

TCP

 

 

 

 

 

 

CAM

Address Filter

1n1.5 ip_src=192.186.10.0 m.1

2n1.5 ip_proto=TCP m.2

￿lter add in_ports=n1.5 ip_src=192.186.10.0 action=redir redir_ports=m.1 ￿lter add in_ports=n1.5 ip_proto=6 action=redir redir_ports=m.2

Figure 36: Correct flow diagram for two interacting filters

To achieve the desired result of sending all TCP traffic to Monitor Port 2, clear the existing filters (filter discard command) and create three new filters by entering:

filter add in_ports=n1.5 ip_src=192.186.10.0 ip_proto=6 action=redir redir_ports=m.1,m.2 filter add in_ports=n1.5 ip_src=192.186.10.0 action=redir redir_ports=m.1

filter add in_ports=n1.5 ip_proto=6 action=redir redir_ports=m.2 filter commit

The flow diagram now looks as follows.

 

 

 

Source IP =

 

 

 

+

 

 

 

 

Monitor Port 1

Network Port 5

192.186.10.0

 

 

 

 

 

 

 

 

 

 

 

 

&

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Protocol=

 

 

 

 

 

+

 

 

Monitor Port 2

 

 

 

TCP

 

 

 

 

 

 

 

 

 

 

 

 

 

 

no match

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Source IP =

match

 

 

 

 

 

192.186.10.0

 

 

 

 

 

 

 

 

 

 

 

 

 

 

no match

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Protocol =

 

 

 

 

 

 

 

 

 

 

 

 

 

TCP

 

 

 

 

 

 

 

 

 

 

CAM

Address Filter

1n1.5 ip_src=192.186.10.0 ip_proto=TCP m.1,m.2

2n1.5 ip_src=192.186.10.0

3n1.5 ip_proto=TCP m.2

￿lter add in_ports=n1.5 ip_src=192.186.10.0 ip_proto=6 action=redir redir_ports=m.1,m.2 ￿lter add in_ports=n1.5 ip_src=192.186.10.0 action=redir redir_ports=m.1

￿lter add in_ports=n1.5 ip_proto=6 action=redir redir_ports=m.2

Figure 37: Correct way to send all TCP traffic to Monitor Port 2

Now, packets that match both the IP address and protocol conditions will be copied to both Monitor ports, while packets that match only one of the conditions will be directed to the desired Monitor port.

34

*** Confidential - DO NOT Distribute ***

Page 37 Page 39
Image 38
Page 37 Page 39
Contents Smart Filtering Appliance Trademarks and Copyrights Contents Appendix C Appendix aAppendix B Filter parametersChapter Introduction Monitor port Filtering Key FeaturesEase of Use Passive, Secure TechnologyAbout this Guide DescriptionDirector Architecture Director internal architectureUSB port Director ManagementTypical Application Network LinksMonitoring Tools External Network Tap method IBypass Switch MethodIn-line Monitoring of 10 Gigabit Links Monitor Port LEDs Power LEDsDirector Front Panel DNM / Network Port LEDsDirector Rear Panel XFPChapter Installing Director Plan the Installation Unpack and Inspect the Director deviceRack Mount the Director device Install Director Network ModulesInstall SFP and XFP Monitor port Modules Connect Power to Director Connect the local CLI InterfaceTip Connect the remote CLI InterfaceBaud Data bits No parity 1 stop bit No flow control To connect the CLI for remote use over the Management portLog into the CLI To log into the CLITo change the user name and password Configure Director using the CLIChange Director User Name and Password To assign a new Manager IP address to Director To change the port modeAssign a New Manager IP Address Change Port ModesSave and Load Director Configurations Set the Current Date and TimeUsing the CLI Help Command To view CLI help informationUsing the CLI Command History Buffer Current config fileConnect Span Ports to Director To connect a Span portConnect Director With In-line Network Links To connect an in-line network linkConnect Monitoring Tools to Director Configure a Matrix Switch connection in DirectorCheck the Installation Chapter Configuring Filters Using the CLI SyntaxEnter filter commit. The switch connection is activated Copy Traffic From Any Network Port to Any Monitor PortRegenerate Traffic to Any Set of Monitor Ports Lter add inports=n1.1 action=redir redirports=m.3-m.5Create Filters To create a filter that selects IPv4 packets by protocolCreate Complex Filters Logical and filter connectionView filters UDPWork with configurable 10 Gigabit ports Configurable 10 Gigabit XFP ports used as Network portsNetwork Port 11 XFP Port Understand filter interactions CAMFlow diagram now looks as follows Exclusive filters N1.1 ipproto=UDP action=drop N1.1 m.1To change the Director filter configuration Understand pending and active filtersEnter filter list to view the pending filter list User interactions Filter capacityDaisy-chaining Multiple Director Chassis Appendix a Director Specifications Specifications, chassisCertifications Specifications, DNMEnvironmental Available ModelsAppendix B Command Line Interface Command Sub-Command Parameters Example and descriptionFilter add ipv6=n inports=n1.1-n1.3 ip Command may includeFilter add and filter ins commands Src=10.1.1.1 action=dropFilter running Load myconfiguration-1Filter list Filter syncPasswd Save myconfiguration-1Show myconfiguration-1 PingSysip show Sysip commitSysip ipaddr=192.168.1.2 netmask=255.255.0.0 TimeUser add name=bob pw=bob-pw priv=3 This This command is only available at root level CommandUser show Is onlyFilter parameters Director Filter Parameters Qual Value Example DescriptionAppendix C Protocol Numbers Num Keyword ProtocolMobile L2TP Limitations on Warranty and Liability By Net Optics, Inc. All Rights Reserved
Top Page Image Contents