
Data communication foundation - Ethernet port mirroring and link aggregation

2022-07-05 15:35:00 GALi_ two hundred and thirty-three

Port mirroring

  • In some scenarios, we need to monitor the inbound or outbound packets on a specific port of a switch.

Overview

Applications of mirroring:

  • Traffic observation

  • Fault locating

Types of mirroring:

  • Port-based mirroring
    Port mirroring copies the data on a monitored port to a specified monitoring port so that the data can be analyzed and monitored.

  • Flow-based mirroring
    Flow mirroring copies the service traffic that matches access control list (ACL) rules to a specified monitoring port for packet analysis and monitoring.

Port-based mirroring

  • With port mirroring, the switch copies each packet passing through a mirrored port (the inbound or outbound direction can be specified) and sends the copy to the designated observation port for analysis and monitoring. All packets passing through the mirrored port are copied to the observation port.
  • Ethernet switches support many-to-one mirroring: packets from multiple ports are copied to one monitoring port.

  • Port mirroring is divided into local port mirroring and remote port mirroring.

Local port mirroring and remote port mirroring

Local port mirroring

In local port mirroring, the monitoring host is directly connected to the observation port.

Remote port mirroring

In remote port mirroring, the monitoring host and the device where the observation port resides are connected through a Layer 2 or Layer 3 network.

  • Layer 2 port mirroring (RSPAN: Remote Switched Port Analyzer): when the devices are interconnected through a Layer 2 network, the S9300 encapsulates the packets from the mirrored port with a VLAN tag and broadcasts them through the observation port within the remote mirroring VLAN. When the remote device receives a packet, it compares the packet's VLAN ID; if it matches, the device forwards the packet to the remote observation port.

  • Layer 3 port mirroring (ERSPAN: Encapsulated Remote SPAN): when the devices are interconnected through a Layer 3 network, the S9300 encapsulates and decapsulates the mirrored packets with a GRE header so that they can cross the Layer 3 network. This makes port mirroring possible when the device with the mirrored port and the device with the observation port are connected through a Layer 3 network.

Flow-based mirroring

  • Flow mirroring copies specific traffic on a flow mirroring port to a specified observation port or to the CPU for analysis and monitoring. A flow mirroring port is an interface to which a traffic policy containing the flow mirroring behavior is applied. A packet passing through the flow mirroring port is copied and sent to the observation port or the CPU if it matches the traffic classifier in the traffic policy on that interface.

  • There are two types of flow mirroring: flow mirroring to an interface and flow mirroring to the CPU.

    • Flow mirroring to an interface copies the packets that match the rules on the interface configured with flow mirroring and sends the copies to the observation port for analysis and diagnosis.

    • Flow mirroring to the CPU copies the packets that match the rules on the interface configured with flow mirroring and sends the copies to the CPU for analysis and diagnosis. Here, the CPU is the CPU of the interface board on which the interface configured with flow mirroring resides.

Configure local port mirroring

  • Inbound and outbound packets on switch port GE0/0/2 are mirrored to GE0/0/3.

Configuration:

[SW] observe-port 1 interface gigabitethernet0/0/3  # Configure the monitoring port as the observation port
[SW] interface gigabitethernet0/0/2
[SW-gigabitethernet0/0/2] port-mirroring to observe-port 1 both  # Mirror the interface's traffic to the observation port

display observe-port  # View the configuration of the observation port
display port-mirroring  # View the configuration of the mirroring function

both is the mirroring direction: traffic in both directions is copied to the observation port. The other options are inbound and outbound.
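
Because a mirroring session copies every packet on the mirrored port to another port, it is worth checking a device's configuration for sessions nobody approved. The following check is an added example, not part of the original article: it reads configuration text written with the commands above, lists each mirroring session, and reports those missing from an approved list. The sample text and the approved list are constructed inputs.

```python
import re

# Constructed sample: the commands from this section plus one unexpected session.
SAMPLE = """\
[SW] observe-port 1 interface gigabitethernet0/0/3
[SW] interface gigabitethernet0/0/2
[SW-gigabitethernet0/0/2] port-mirroring to observe-port 1 both
interface GigabitEthernet 0/0/5
 port-mirroring to observe-port 2 inbound
"""

PROMPT = re.compile(r"^\s*\[[^\]]*\]\s*")     # strips a leading "[SW...]" prompt if present
PORT = r"([A-Za-z-]+) ?([\d/]+)"              # "GigabitEthernet0/0/2" or "GigabitEthernet 0/0/2"
OBSERVE = re.compile(r"^\s*observe-port (\d+) interface " + PORT, re.I)
IFACE = re.compile(r"^\s*interface " + PORT, re.I)
MIRROR = re.compile(r"^\s*port-mirroring to observe-port (\d+) (inbound|outbound|both)", re.I)

def mirror_sessions(config):
    """Return one dict per port-mirroring statement found in the configuration text."""
    observers, sessions, current = {}, [], None
    for raw in config.splitlines():
        line = PROMPT.sub("", raw)
        if m := OBSERVE.match(line):
            observers[int(m.group(1))] = (m.group(2) + m.group(3)).lower()
        elif m := IFACE.match(line):
            current = (m.group(1) + m.group(2)).lower()
        elif (m := MIRROR.match(line)) and current:
            sessions.append({"source": current, "index": int(m.group(1)),
                             "direction": m.group(2).lower()})
    for s in sessions:
        # None means the session points at an observe-port index that is never defined.
        s["observer"] = observers.get(s["index"])
    return sessions

def unapproved(config, approved):
    """approved: set of (source, observer) pairs that are expected to exist."""
    return [s for s in mirror_sessions(config)
            if (s["source"], s["observer"]) not in approved]

if __name__ == "__main__":
    ok = {("gigabitethernet0/0/2", "gigabitethernet0/0/3")}
    for s in unapproved(SAMPLE, ok):
        print("unexpected mirroring session:", s)
```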

Link aggregation

  • Link aggregation bundles a group of physical interfaces into one logical interface to increase bandwidth. It is also called a multi-interface load sharing group (Load Sharing Group) or a link aggregation group (Link Aggregation Group). For the relevant protocol standard, see IEEE 802.3ad.
  • Establishing a link aggregation group between two devices provides higher communication bandwidth and higher reliability. Link aggregation provides redundancy protection for communication between devices without requiring a hardware upgrade.

On SW1, interfaces GE0/0/1 and GE0/0/2 are aggregated to form one logical interface, an Eth-Trunk; the same is done on SW2. The links between SW1 and SW2 then become a single logical link, which increases the link bandwidth and improves redundancy.

  • Huawei network devices support two Eth-Trunk working modes:

    • Manual load sharing mode

    • LACP mode

Manual load sharing

  • In manual load sharing (manual load-balance) mode, the Eth-Trunk is created and its member interfaces are added entirely by manual configuration; no LACP (Link Aggregation Control Protocol) packets are involved.

  • In this mode, all active links take part in data forwarding and share the traffic evenly, which is why it is called load sharing mode.

  • If an active link fails, the link aggregation group automatically shares the traffic evenly among the remaining active links.

  • Manual load sharing mode can be used when a large link bandwidth is needed between two directly connected devices and one of the devices does not support LACP.

Static LACP

  • Static LACP mode is a link aggregation mode that uses LACP to negotiate aggregation parameters and to determine the active and inactive interfaces.

  • In this mode, the Eth-Trunk is created manually and its member interfaces are added manually; LACP negotiation determines which interfaces are active and which are inactive.

  • Static LACP mode is also called M:N mode. It provides both link load sharing and link redundancy backup at the same time. In the link aggregation group, M links are active; these links forward data and share the load. The other N links are inactive and serve as backup links that do not forward data. When one of the M links fails, the system selects the link with the highest priority from the N backup links to replace the failed link; that backup link becomes active and starts forwarding data.

The main difference between static LACP mode and manual load sharing mode is that static LACP mode has backup links, whereas in manual load sharing mode all member interfaces are in the forwarding state and share the traffic load.

The counterpart of static LACP mode is dynamic LACP mode. In dynamic LACP link aggregation, everything from creating the Eth-Trunk to adding member interfaces is completed automatically by LACP negotiation, without manual intervention. Although this is very simple for users, it is too flexible and hard to manage, so the S9300 does not support dynamic LACP mode link aggregation.

LACP mode (supplement)

LACP: the Link Aggregation Control Protocol (LACP), based on the IEEE 802.3ad standard, is a protocol for dynamic link aggregation. LACP exchanges information with the peer through LACPDUs (Link Aggregation Control Protocol Data Units). After LACP is enabled on a port, the port sends LACPDUs to advertise its system priority, system MAC address, port priority, port number, and operational key to the peer. After receiving this information, the peer compares it with the information saved for its other ports to select the ports that can be aggregated, so that both sides agree on whether a port joins or leaves a dynamic aggregation group.

  • System LACP priority

    The system LACP priority is a parameter that distinguishes the priority of the devices at the two ends. In LACP mode, the active interfaces selected by the two devices must be consistent; otherwise the link aggregation group cannot be established. To achieve this, one end is given the higher priority, and the other end selects its active interfaces according to the choice of the higher-priority end. The smaller the system LACP priority value, the higher the priority.

  • Interface LACP priority

    The interface LACP priority distinguishes how likely the different interfaces in the same Eth-Trunk are to be selected as active interfaces. Interfaces with higher priority are selected as active interfaces first. The smaller the interface LACP priority value, the higher the priority.

  • M:N backup between member interfaces

    In LACP mode link aggregation, LACP determines the active and inactive links in the aggregation group. This is also called M:N mode, that is, M active links and N backup links. This mode provides higher link reliability, and different load balancing methods can be applied across the M links.

    There are M+N links between the two devices. When traffic is forwarded over the aggregated link, it is load-shared across M links (the active links) and is not forwarded on the other N links, which provide backup (the backup links). The actual bandwidth of the aggregated link is then the sum of the M links, but the maximum bandwidth that can be provided is the sum of the M+N links.

    When one of the M links fails, LACP finds an available high-priority link among the N backup links to replace the failed link. The actual bandwidth of the aggregated link is still the sum of M links, but the maximum bandwidth that can be provided becomes the sum of M+N-1 links.

M:N backup diagram

  • This scenario is mainly used when users need the bandwidth of M links and also want a degree of fault protection. When a link fails, the system automatically selects the available backup link with the highest priority to become an active link.

    If no available link can be found among the backup links and the number of currently active links is below the configured lower threshold for the number of active interfaces, the system shuts down the aggregated interface.

  • LACP preemption:

    • With LACP preemption disabled, an interface that was originally active and then failed acts as a backup interface after it recovers.
    • With LACP preemption enabled, an interface that was originally active and then failed renegotiates after it recovers and becomes an active interface again.
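
The M:N selection, lower threshold and preemption behaviour described above can be modelled in a few lines. This is an added example, not code from the original article or from any vendor implementation; the port priorities are constructed sample values, and breaking ties by lower system MAC address and lower interface number is an assumption the article does not state.

```python
from dataclasses import dataclass, field

def actor(dev_a, dev_b):
    """Each device is (name, system LACP priority, system MAC); the lower value wins."""
    return min(dev_a, dev_b, key=lambda d: (d[1], d[2]))[0]

@dataclass
class EthTrunk:
    port_priority: dict        # interface LACP priority per member port on the deciding end
    max_active: int            # M, as set by "max active-linknumber"
    least_active: int = 1      # lower threshold for the number of active interfaces
    preempt: bool = False      # LACP preemption
    up: set = field(default_factory=set)
    active: list = field(default_factory=list)

    def _rank(self, ports):
        # Lower priority value first; ties broken by interface number (assumption).
        # Port names are constructed in the form "GEx/y/z".
        return sorted(ports, key=lambda p: (self.port_priority[p],
                                            [int(n) for n in p[2:].split("/")]))

    def start(self):
        self.up = set(self.port_priority)
        self.active = self._rank(self.up)[:self.max_active]
        return self.state()

    def link_down(self, port):
        self.up.discard(port)
        if port in self.active:
            self.active.remove(port)
            backups = self._rank(self.up - set(self.active))
            if backups:                      # best backup link replaces the failed link
                self.active.append(backups[0])
        return self.state()

    def link_up(self, port):
        self.up.add(port)
        if self.preempt:                     # renegotiate: best M ports become active
            self.active = self._rank(self.up)[:self.max_active]
        elif len(self.active) < self.max_active:
            self.active.append(port)         # free slot: the recovered port is needed
        return self.state()                  # otherwise it stays a backup

    def state(self):
        return {"trunk_up": len(self.active) >= self.least_active,
                "active": sorted(self.active),
                "backup": self._rank(self.up - set(self.active))}

if __name__ == "__main__":
    t = EthTrunk({"GE0/0/22": 100, "GE0/0/23": 100, "GE0/0/24": 32768}, max_active=2)
    print(t.start(), t.link_down("GE0/0/22"), t.link_up("GE0/0/22"), sep="\n")
```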

Specific configuration

Manual load sharing mode link aggregation

Create the VLANs and add the interfaces to them

SW1 configuration:
[SW1]vlan batch 10 20
[SW1]interface GigabitEthernet 0/0/1
[SW1-GigabitEthernet0/0/1]port link-type access
[SW1-GigabitEthernet0/0/1]port default vlan 10	
[SW1]interface GigabitEthernet 0/0/2
[SW1-GigabitEthernet0/0/2]port link-type access
[SW1-GigabitEthernet0/0/2]port default vlan 20

SW2 configuration:
[SW2]vlan batch 10 20
[SW2]interface GigabitEthernet 0/0/1
[SW2-GigabitEthernet0/0/1]port link-type access
[SW2-GigabitEthernet0/0/1]port default vlan 10
[SW2]interface GigabitEthernet 0/0/2
[SW2-GigabitEthernet0/0/2]port link-type access
[SW2-GigabitEthernet0/0/2]port default vlan 20

Create interface Eth-Trunk 1 and add ports GE0/0/23 and GE0/0/24 to the aggregated link

SW1:
[SW1]interface Eth-Trunk 1
[SW1-Eth-Trunk1]mode manual load-balance  # Manual load sharing is the default mode
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/23
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/24
# The Eth-Trunk 1 interface needs to carry multiple VLANs, so it must be configured as a trunk port:
[SW1-Eth-Trunk1]port link-type trunk
[SW1-Eth-Trunk1]port trunk allow-pass vlan 10 20
SW2:
[SW2]interface Eth-Trunk 1
[SW2-Eth-Trunk1]mode manual load-balance 
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/23
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/24
[SW2-Eth-Trunk1]port link-type trunk 
[SW2-Eth-Trunk1]port trunk allow-pass vlan 10 20

View interface information:

In manual load sharing mode, all interfaces are up.

Note: after the Eth-Trunk interface is created, member interfaces (physical interfaces) can be added to it in two ways. Both configurations have the same effect:

[SW1]interface Eth-Trunk 1
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/23
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/24
or
[SW1]interface Eth-Trunk 1
[SW1-Eth-Trunk1]quit
[SW1]interface GigabitEthernet 0/0/23
[SW1-GigabitEthernet0/0/23]eth-trunk 1
[SW1]interface GigabitEthernet 0/0/24
[SW1-GigabitEthernet0/0/24]eth-trunk 1

Static LACP mode link aggregation

  • Ports GE0/0/22, 23 and 24 of SW1 and SW2 are connected to each other and bundled into an Eth-Trunk in static LACP mode. 2 links are active, and the other one is the backup link. SW1 is the LACP active end.

SW1 configuration:

[SW1]interface Eth-Trunk 1
[SW1-Eth-Trunk1]mode lacp-static 
[SW1-Eth-Trunk1]max active-linknumber 2   # Maximum number of active links; the default is 8
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/22
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/23
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/24
[SW1]lacp priority 1            # Set the device's system LACP priority to 1
                                # The smaller the system LACP priority value, the higher the priority; the default is 32768.

SW2 configuration:

[SW2]interface Eth-Trunk 1
[SW2-Eth-Trunk1]mode lacp-static 
[SW2-Eth-Trunk1]max active-linknumber 2
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/22
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/23
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/24

View interface information:

Shut down the G0/0/22 interface on SW2:

[SW2]interface GigabitEthernet 0/0/22
[SW2-GigabitEthernet0/0/22]shutdown

The backup interface becomes an active interface.
