Net Optics Director Create Filters, To create a filter that selects IPv4 packets by protocol

Page 32

Director

Create Filters

Filters process a traffic stream by selecting packets based on criteria in the packet header. A filter is defined using a filter add command, which also specifies the Network ports and Monitor ports the filters apply to. The filter add command specifies the following behavior:

•Traffic is aggregated from all the listed Network ports

•Then the filter parameters are applied

•Packets which match all of the specified filter parameters are copied to all of the listed Monitor ports, assuming the action=redir.

•If the action=drop, the matching packets are not copied to any Monitor port; this mechanism is used to create exclusive filters.

To send Monitor Port 1 all traffic received at Network Port 5 from IP addresses 192.168.10.0 to 192.168.10.15:

1.Enter filter add in_ports=n1.5 ip_src=192.168.10.0 ip_src_mask= 255.255.255.240 action=redir redir_ ports=m.1. A filter has been defined to select all IPv4 packets from Network Port 5 with a source IP addresses of 192.168.10.0 and the lowest four address bits masked out (ignored); packets matching the filter are copied to

Monitor Port 1.

2.Enter filter commit. The filter is activated.

Source IP =

Network Port 5 192.168.10.0 - Monitor Port 1

192.168.10.15

lter add in_ports=n1.5 ip_src=192.168.10.0 ip_src_mask=255.255.255.240 action=redir redir_ports=m.1

Figure 26: Simple IP address filter

To create a filter that selects IPv4 packets by protocol:

1.Enter filter add in_ports=n1.3 ip4_prot=3 action=redir redir_ports=m.6,m.8. A filter has been defined to select all IPv4 packets that use the TCP protocol received at Network Port 3 and copy them to Monitor Port 6 and Monitor

Port 8. (Protocols are designated by an industry-standard numbering system. See Appendix C for details.)

2.Enter filter commit. The filter is activated.

Network Port 3		Protocol =
Network Port 3		TCP
		TCP

Monitor Port 6

Monitor Port 8

lter add in_ports=n1.3 ip4_prot=3 action=redir redir_ports=m.6,m.8

Figure 27: Simple IPv4 protocol filter (with regeneration)

Available filter parameters are listed in Appendix B and include:

• ip_proto

IP protocol

28

Image 32

Contents Data Monitoring Switch Trademarks and Copyrights Contents Chapter Configuring Filters Using the CLI ChapterAppendix a Appendix BChapter Introduction Key Features Ease of UseMonitor port Filtering Passive, Secure TechnologyAbout this Guide DescriptionDirector Architecture Director internal architectureUSB port Director ManagementTypical Application Network LinksMonitoring Tools 10 Gigabit in-line network connection using a network Tap In-line Monitoring of 10 Gigabit LinksPower LEDs Director Front PanelMonitor Port LEDs DNM / Network Port LEDsDirector Rear Panel XFPChapter Installing Director Plan the Installation Unpack and Inspect the Director deviceRack Mount the Director device Install Director Network ModulesInstall SFP and XFP Monitor port Modules Connect Power to Director Connect the local CLI InterfaceConnect the remote CLI Interface Baud Data bits No parity 1 stop bit No flow controlTip To connect the CLI for remote use over the Management portLog into the CLI To log into the CLITo change the login password Configure Director using the CLIChange Director Password To change the port mode Assign a New Manager IP AddressTo assign a new Manager IP address to Director Change Port ModesSave and Load Director Configurations Set the Current Date and TimeUsing the CLI Help Command To view CLI help informationUsing the CLI Command History Buffer Show name show running, factory, default, or file nameConnect Span Ports to Director To connect a Span portConnect Director With In-line Network Links To connect an in-line network linkConnect Monitoring Tools to Director Configure a Matrix Switch connection in DirectorCheck the Installation Chapter Configuring Filters Using the CLI SyntaxEnter filter commit. The switch connection is activated Copy Traffic From Any Network Port to Any Monitor PortRegenerate Traffic to Any Set of Monitor Ports Lter add inports=n1.1 action=redir redirports=m.3-m.5Create Filters To create a filter that selects IPv4 packets by protocolCreate Complex Filters Logical and filter connectionView filters UDPWork with configurable 10 Gigabit ports Configurable 10 Gigabit XFP ports used as Network portsXFP Port Protocol = Monitor Port Understand filter interactions CAMFlow diagram now looks as follows Exclusive filters N1.1 ipproto=UDP action=drop N1.1 m.1To change the Director filter configuration Understand pending and active filtersFilter running command Enter filter list to view the pending filter list Filter capacity Inports=n1.1-n1.7 Ipproto=6 Vlan=100 Redirports=m.1-m.5,m.10Daisy-chaining Multiple Director Chassis Appendix a Director Specifications Specifications, chassisSpecifications, DNM EnvironmentalCertifications Available ModelsAppendix B Command Line Interface Command Sub-Command Arguments Example and description CommitFilter discard Image Quit User add name=bob pw=bob-pw priv=3 Filter parameters Director Filter Parameters Qual Value Example Description Vlan=128Appendix C Protocol Numbers Num Keyword ProtocolMobile L2TP Limitations on Warranty and Liability By Net Optics, Inc. All Rights Reserved