OS10 Enterprise Edition User Guide Release 10.4.0E(R3)

PDF

Enable flow-based monitoring

Flow-based monitoring conserves bandwidth by mirroring only specified traffic, rather than all traffic on an interface. It is available for L2 and L3 ingress and egress traffic. Configure traffic to be monitored using ACL filters.

  1. Create a monitor session in MONITOR-SESSION mode.
    monitor session 
                                           session-number type  
                                           {
                                              local | rspan-source}
                                           
                                        
  2. Enable flow-based monitoring for the mirroring session in MONITOR-SESSION mode.
    flow-based enable
  3. Define ACL rules that include the keywords capture session session-id in CONFIGURATION mode. The system only considers port monitoring traffic that matches rules with the keywords capture session.
    ip access-list
  4. Apply the ACL to the monitored port in INTERFACE mode.
    ip access-group access-list

Enable flow-based monitoring

OS10(config)# monitor session 1 type local
                                 OS10(conf-mon-local-1)# flow-based enable
                                 OS10(config)# ip access-list testflow
                                 OS10(conf-ipv4-acl)# seq 5 permit icmp any any capture session 1
                                 OS10(conf-ipv4-acl)# seq 10 permit ip 102.1.1.0/24 any capture session 1 
                                 count byte
                                 OS10(conf-ipv4-acl)# seq 15 deny udp any any capture session 2 
                                 count byte
                                 OS10(conf-ipv4-acl)# seq 20 deny tcp any any capture session 3 
                                 count byte
                                 OS10(conf-ipv4-acl)# exit
                                 OS10(config)# interface ethernet 1/1/1
                                 OS10(conf-if-eth1/1/1)# ip access-group testflow in
                                 OS10(conf-if-eth1/1/1)# no shutdown
                              

View access-list configuration

OS10# show ip access-lists in
                                 Ingress IP access-list testflow
                                 Active on interfaces :
                                 ethernet1/1/1
                                 seq 5 permit icmp any any capture session 1 
                                 count (0 packets)
                                 seq 10 permit ip 102.1.1.0/24 any capture session 1 
                                 count bytes (0 bytes)
                                 seq 15 deny udp any any capture session 2 
                                 count bytes (0 bytes)
                                 seq 20 deny tcp any any capture session 3 
                                 count bytes (0 bytes)
                              

View monitor sessions

OS10(conf-if-eth1/1/1)# show monitor session all
                                 S.Id  Source       Destination    Dir  SrcIP  DstIP  DSCP TTL  State  Reason
                                 ----------------------------------------------------------------------------
                                 1   ethernet1/1/1  ethernet1/1/4  both  N/A   N/A    N/A  N/A  true   Is UP
                              

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\