Net Optics Director manual Chapter Configuring Filters Using the CLI, Syntax

Page 29

Director

Chapter 3

Configuring Filters Using the CLI

This chapter describes how to use the CLI to determine which monitoring tools are connected to which Network ports. It also explains how to create filters to limit the amount of traffic copied to Monitor ports, so the monitoring tools receive only the traffic that is of interest to them.

In this chapter, you will learn to:

•Copy traffic from any Network port to any Monitor port

•Aggregate traffic from any set of Network ports to any Monitor port

•Regenerate traffic from any aggregated set of Network ports to any set of Monitor ports

•Create filters

•Create complex filters

•View filters

•Work with configurable 10 Gigabit ports

•Understand filter interactions

For a complete listing of filter commands in the CLI, see Appendix B.

Syntax

In the CLI, Director ports are specified by alpha-numeric names as follows:

•n1.1, n1.2, n1.3 .. n1.12 – Network ports in the first DNM (the slot on the left); for in-line DNM models, port n1.1, n1.2 are an in-line link pair; so are n1.3, n1.4, and so on.

•n2.1, n2.2, n2.3 .. n2.12 – Network ports in the second DNM (the slot on the right); for in-line DNM models, port n2.1, n2.2 are an in-line link pair; so are n2.3, n2.4, and so on.

•m.1, m.2, m.3 .. m.10 – Monitor ports

•t1.1, t1.2 – Configurable 10 Gigabit ports (on the front panel)

•t2.1, t2.2 – Configurable 10 Gigabit ports (on the rear panel)

Most commands accept lists of ports. In port lists, port names are separated by commas and a dash (-) desig- nates a range. Do not include any space characters in the list (do not put a space after the comma). For example, n1.1,n1.2,n1.3,n1.4,n1.5-n1.10is a list that includes Network Ports 1 through 10 on DNM 1.

When you define a filter, you specify an action to be taken when the filter conditions are met. The action can be either drop or redir (meaning redirect). If the action is drop, then packets which meet the filter criteria are dropped, that is, they are not copied to any Monitor port. If the action is redir, then packets which meet the filter criteria are copied to all Monitor ports listed in the redir_ports=<portlist> argument.

25

Image 29

Contents Data Monitoring Switch Trademarks and Copyrights Contents Chapter Chapter Configuring Filters Using the CLIAppendix a Appendix BChapter Introduction Ease of Use Key FeaturesMonitor port Filtering Passive, Secure TechnologyDescription About this GuideDirector internal architecture Director ArchitectureDirector Management USB portNetwork Links Typical ApplicationMonitoring Tools In-line Monitoring of 10 Gigabit Links 10 Gigabit in-line network connection using a network TapDirector Front Panel Power LEDsMonitor Port LEDs DNM / Network Port LEDsXFP Director Rear PanelChapter Installing Director Unpack and Inspect the Director device Plan the InstallationRack Mount the Director device Install Director Network ModulesInstall SFP and XFP Monitor port Modules Connect the local CLI Interface Connect Power to DirectorBaud Data bits No parity 1 stop bit No flow control Connect the remote CLI InterfaceTip To connect the CLI for remote use over the Management portTo log into the CLI Log into the CLITo change the login password Configure Director using the CLIChange Director Password Assign a New Manager IP Address To change the port modeTo assign a new Manager IP address to Director Change Port ModesSet the Current Date and Time Save and Load Director ConfigurationsTo view CLI help information Using the CLI Help CommandShow name show running, factory, default, or file name Using the CLI Command History BufferTo connect a Span port Connect Span Ports to DirectorTo connect an in-line network link Connect Director With In-line Network LinksConnect Monitoring Tools to Director Configure a Matrix Switch connection in DirectorCheck the Installation Syntax Chapter Configuring Filters Using the CLICopy Traffic From Any Network Port to Any Monitor Port Enter filter commit. The switch connection is activatedLter add inports=n1.1 action=redir redirports=m.3-m.5 Regenerate Traffic to Any Set of Monitor PortsTo create a filter that selects IPv4 packets by protocol Create FiltersLogical and filter connection Create Complex FiltersUDP View filtersConfigurable 10 Gigabit XFP ports used as Network ports Work with configurable 10 Gigabit portsXFP Port Protocol = Monitor Port CAM Understand filter interactionsFlow diagram now looks as follows N1.1 ipproto=UDP action=drop N1.1 m.1 Exclusive filtersUnderstand pending and active filters To change the Director filter configurationFilter running command Enter filter list to view the pending filter list Inports=n1.1-n1.7 Ipproto=6 Vlan=100 Redirports=m.1-m.5,m.10 Filter capacityDaisy-chaining Multiple Director Chassis Specifications, chassis Appendix a Director SpecificationsEnvironmental Specifications, DNMCertifications Available ModelsAppendix B Command Line Interface Commit Command Sub-Command Arguments Example and descriptionFilter discard Image Quit User add name=bob pw=bob-pw priv=3 Filter parameters Vlan=128 Director Filter Parameters Qual Value Example DescriptionNum Keyword Protocol Appendix C Protocol NumbersMobile L2TP Limitations on Warranty and Liability By Net Optics, Inc. All Rights Reserved