Command Line Interface Guide
Page 79
...a particular GC direction. PCM C service-policy Attaches a policy to the specified class definition a match condition based on the source layer 4 port of a packet using a single keyword notation or a numeric value notation. Command Description Mode* match ip tos Adds to the specified class ... match condition based on the source IP address of a C packet. CMC mirror Mirrors all the data that all incoming packets for the specified class. match srcip Adds to the destination port specified PCM C police-simple Establishes the traffic policing style for the associated traffic ...
...a particular GC direction. PCM C service-policy Attaches a policy to the specified class definition a match condition based on the source layer 4 port of a packet using a single keyword notation or a numeric value notation. Command Description Mode* match ip tos Adds to the specified class ... match condition based on the source IP address of a C packet. CMC mirror Mirrors all the data that all incoming packets for the specified class. match srcip Adds to the destination port specified PCM C police-simple Establishes the traffic policing style for the associated traffic ...
Command Line Interface Guide
Page 206
...command in length. • deny | permit - Syntax access-list std-list-num {deny | permit} {srcip srcmask | every} [log] [assign-queue queue-id] [redirect interface | mirror interface] access-list ext-list-num {deny | permit} {every | {[icmp | igmp | ip | tcp | udp | number] {srcip srcmask | any} [eq [portkey | ...| tos tos tosmask | dscp dscp] [log] [assign-queue queue-id] [redirect interface | mirror interface]}} no access-list list-name • list-name - Access-list name up to the Layer 4 port number being used as match criteria. Or you can specify the portkey, which can be logged. 206...
...command in length. • deny | permit - Syntax access-list std-list-num {deny | permit} {srcip srcmask | every} [log] [assign-queue queue-id] [redirect interface | mirror interface] access-list ext-list-num {deny | permit} {every | {[icmp | igmp | ip | tcp | udp | number] {srcip srcmask | any} [eq [portkey | ...| tos tos tosmask | dscp dscp] [log] [assign-queue queue-id] [redirect interface | mirror interface]}} no access-list list-name • list-name - Access-list name up to the Layer 4 port number being used as match criteria. Or you can specify the portkey, which can be logged. 206...
Command Line Interface Guide
Page 207
...-Access-List Configuration mode to the specified interface. • redirect interface - ACL Commands 207 Examples The following examples create an ACL to the specified unit/port. This parameter allows the traffic matching this rule to be forwarded to discard any userspecified rules, the packet is dropped by the implicit "deny all...
...-Access-List Configuration mode to the specified interface. • redirect interface - ACL Commands 207 Examples The following examples create an ACL to the specified unit/port. This parameter allows the traffic matching this rule to be forwarded to discard any userspecified rules, the packet is dropped by the implicit "deny all...
Command Line Interface Guide
Page 208
...mplsmcast, mplsucast, Netbios, novell, pppoe, rarp.) • 0x0600-0xFFFF - Valid MAC address bitmask for the destination MAC address in unit/port format, for example 1/g12. 208 ACL Commands Specifies particular hardware queue for handling traffic that matches the rule. • queue-id -... 0-6, where n is to the specified physical interface. • interface - Specifies that hardware platform. • mirror - Forwards traffic matching this rule is number of service. (Range 0-7) • log - Valid physical interface in format xxxx.xxxx.xxxx. •...
...mplsmcast, mplsucast, Netbios, novell, pppoe, rarp.) • 0x0600-0xFFFF - Valid MAC address bitmask for the destination MAC address in unit/port format, for example 1/g12. 208 ACL Commands Specifies particular hardware queue for handling traffic that matches the rule. • queue-id -... 0-6, where n is to the specified physical interface. • interface - Specifies that hardware platform. • mirror - Forwards traffic matching this rule is number of service. (Range 0-7) • log - Valid physical interface in format xxxx.xxxx.xxxx. •...
Command Line Interface Guide
Page 370
...match on any | destination ipv6 prefix/prefix length} [eq {portkey | portvalue}] [flow-label value] [dscp dscp]}} [log] [assign-queue queue-id] [{mirror | redirect} interface] • deny | permit - The assign-queue parameter allows specification of the following keywords: domain, echo, efts, ftpdata, http, smtp,... IPv6 prefix length value. • eq - The first reference is source match criteria, the second is appended to the Layer 4 port number being used parameters appear in that matches this rule. A rule may be one of a particular hardware queue for the list. ...
...match on any | destination ipv6 prefix/prefix length} [eq {portkey | portvalue}] [flow-label value] [dscp dscp]}} [log] [assign-queue queue-id] [{mirror | redirect} interface] • deny | permit - The assign-queue parameter allows specification of the following keywords: domain, echo, efts, ftpdata, http, smtp,... IPv6 prefix length value. • eq - The first reference is source match criteria, the second is appended to the Layer 4 port number being used parameters appear in that matches this rule. A rule may be one of a particular hardware queue for the list. ...
Command Line Interface Guide
Page 371
Specifies the TOS for handling traffic that matches the rule. (Range: 0-6) • mirror interface - Specifies that network: console(config)#ipv6 access-list STOP_HTTP IPv6 Access List Commands 371 Specifies particular hardware queue for an IPv6... be deleted individually. Allows the traffic matching this command is to be forwarded to the specified interface. The source layer 4 port match condition for the ACL rule is dropped by the port value parameter. (Range: 0-65535). • destination ipv6 prefix - The 'no default configuration. Rather, the entire IPv6 ...
Specifies the TOS for handling traffic that matches the rule. (Range: 0-6) • mirror interface - Specifies that network: console(config)#ipv6 access-list STOP_HTTP IPv6 Access List Commands 371 Specifies particular hardware queue for an IPv6... be deleted individually. Allows the traffic matching this command is to be forwarded to the specified interface. The source layer 4 port match condition for the ACL rule is dropped by the port value parameter. (Range: 0-65535). • destination ipv6 prefix - The 'no default configuration. Rather, the entire IPv6 ...
Command Line Interface Guide
Page 377
Log Displays when you enable logging for this rule are forwarded. Mirror Interface Displays the interface to which packets matching this rule. Destination L4 Port Keyword This field displays the destination port for the rule. IPv6 Access List Commands 377 Redirect Interface Displays the interface to which packets matching this rule are assigned. Flow...
Log Displays when you enable logging for this rule are forwarded. Mirror Interface Displays the interface to which packets matching this rule. Destination L4 Port Keyword This field displays the destination port for the rule. IPv6 Access List Commands 377 Redirect Interface Displays the interface to which packets matching this rule are assigned. Flow...
Command Line Interface Guide
Page 445
...(config)#monitor session 1 destination interface 1/g10 console(config)#monitor session 1 mode show monitor session Use the show monitor session 1 Session ID Admin Mode Probe Port Mirrored Port Type Port Monitor Commands 445 Syntax show monitor session session-id • session id - Default Configuration This command has no user guidelines. Example The following examples shows...
...(config)#monitor session 1 destination interface 1/g10 console(config)#monitor session 1 mode show monitor session Use the show monitor session 1 Session ID Admin Mode Probe Port Mirrored Port Type Port Monitor Commands 445 Syntax show monitor session session-id • session id - Default Configuration This command has no user guidelines. Example The following examples shows...
Command Line Interface Guide
Page 448
...8226; match protocol • match source-address mac • match srcip • match srcip6 • match srcl4port • match vlan • mirror • police-simple • policy-map • redirect • service-policy • show class-map • show classofservice dot1p-mapping •...dscp-mapping • show classofservice trust • show diffserv • show diffserv service interface ethernet in • show diffserv service interface port-channel in • show diffserv service brief • show interfaces cos-queue • show policy-map • show policy-map ...
...8226; match protocol • match source-address mac • match srcip • match srcip6 • match srcl4port • match vlan • mirror • police-simple • policy-map • redirect • service-policy • show class-map • show classofservice dot1p-mapping •...dscp-mapping • show classofservice trust • show diffserv • show diffserv service interface ethernet in • show diffserv service interface port-channel in • show diffserv service brief • show interfaces cos-queue • show policy-map • show policy-map ...
Command Line Interface Guide
Page 475
... the monitor command. Default Configuration This command has no default configuration. Specifies the Ethernet port to which data needs to the destination port specified. Syntax mirror interface • interface - QoS Commands 475 Example The following example displays adding a match condition for the ...VLAN ID "2." Command Mode Policy-Class-Map Configuration mode User Guidelines The port identified in Policy-Class-Map Configuration mode to mirror all the data that matches the class defined to be copied. Default Configuration This command has no ...
... the monitor command. Default Configuration This command has no default configuration. Specifies the Ethernet port to which data needs to the destination port specified. Syntax mirror interface • interface - QoS Commands 475 Example The following example displays adding a match condition for the ...VLAN ID "2." Command Mode Policy-Class-Map Configuration mode User Guidelines The port identified in Policy-Class-Map Configuration mode to mirror all the data that matches the class defined to be copied. Default Configuration This command has no ...
User's Guide
Page 10
...Storm Control 327 Configuring Traffic Mirroring 330 Port Mirroring 330 Flow Based Mirroring 332 Configuring Address Tables 334 Static Address Table 334 Dynamic Address Table 336 Configuring GARP 339 GARP Timers 339 Configuring the Spanning Tree Protocol 342 STP Global Settings 342 STP Port Settings 346 STP LAG Settings...348 Rapid Spanning Tree 351 MSTP Settings 352 MSTP Interface Settings 355 Configuring VLANs 358 VLAN Membership 358 Double VLAN 362 VLAN Port Settings 366 VLAN LAG Settings 368 Bind MAC to VLAN 370 Bind IP Subnet to VLAN 373 Protocol Group 375 GVRP ...
...Storm Control 327 Configuring Traffic Mirroring 330 Port Mirroring 330 Flow Based Mirroring 332 Configuring Address Tables 334 Static Address Table 334 Dynamic Address Table 336 Configuring GARP 339 GARP Timers 339 Configuring the Spanning Tree Protocol 342 STP Global Settings 342 STP Port Settings 346 STP LAG Settings...348 Rapid Spanning Tree 351 MSTP Settings 352 MSTP Interface Settings 355 Configuring VLANs 358 VLAN Membership 358 Double VLAN 362 VLAN Port Settings 366 VLAN LAG Settings 368 Bind MAC to VLAN 370 Bind IP Subnet to VLAN 373 Protocol Group 375 GVRP ...
User's Guide
Page 24
...request the multicast traffic. Port Mirroring Port mirroring monitors and mirrors network traffic by the switch. 24 Introduction This prevents the switch from broadcasting the traffic to all ports. Host groups are flooded to all ports on the switch. Based on all ports and possibly affecting network performance..., unknown unicast, and multicast frames are identified by class D IP addresses, which range from up to four source ports to a monitoring port. The flooding occupies bandwidth, and loads all nodes connected on the IGMP query and report messages, the switch forwards ...
...request the multicast traffic. Port Mirroring Port mirroring monitors and mirrors network traffic by the switch. 24 Introduction This prevents the switch from broadcasting the traffic to all ports. Host groups are flooded to all ports on the switch. Based on all ports and possibly affecting network performance..., unknown unicast, and multicast frames are identified by class D IP addresses, which range from up to four source ports to a monitoring port. The flooding occupies bandwidth, and loads all nodes connected on the IGMP query and report messages, the switch forwards ...
User's Guide
Page 317
... view. To display the Global Parameters page, click Switching →Ports →Global Parameters in the stack. Select enabled or disabled from one switch to auto negotiate may not be added as storm control and port mirroring, and for a specified period of line blocking prevention. Disable -... Enable - The default value is incompatible with head of operation. To display the page, click Switching →Ports in either mode, but not at the same...
... view. To display the Global Parameters page, click Switching →Ports →Global Parameters in the stack. Select enabled or disabled from one switch to auto negotiate may not be added as storm control and port mirroring, and for a specified period of line blocking prevention. Disable -... Enable - The default value is incompatible with head of operation. To display the page, click Switching →Ports in either mode, but not at the same...
User's Guide
Page 330
... the following features: • Port Mirroring • Flow Based Mirroring Port Mirroring Port mirroring selects the network traffic for specific ports of packets on a port that are transmitted on a port, or are both received and transmitted, can be mirrored to define port mirroring sessions and configure flow-based mirroring. You have the ability to configure how traffic is mirrored on the source port. Figure 7-29. Use...
... the following features: • Port Mirroring • Flow Based Mirroring Port Mirroring Port mirroring selects the network traffic for specific ports of packets on a port that are transmitted on a port, or are both received and transmitted, can be mirrored to define port mirroring sessions and configure flow-based mirroring. You have the ability to configure how traffic is mirrored on the source port. Figure 7-29. Use...
User's Guide
Page 331
... only. Monitors received packets only. Source Port -Select the unit and port from which port traffic may be copied. • Reset Session - Select the port to a destination port. Type - RX - The new port mirroring session is enabled for the unit and port, and the device is mirrored. Adding a Port Mirroring Session NOTE: A Port will be mirrored to which traffic is updated. TX and...
... only. Monitors received packets only. Source Port -Select the unit and port from which port traffic may be copied. • Reset Session - Select the port to a destination port. Type - RX - The new port mirroring session is enabled for the unit and port, and the device is mirrored. Adding a Port Mirroring Session NOTE: A Port will be mirrored to which traffic is updated. TX and...
User's Guide
Page 332
... policies to define the action to specify flow-based mirroring ports. You can mirror a subset of port monitoring. Use the Flow Based Mirroring page to be taken on a port, the switch can configure the switch to a single destination port. Modifying a Port Mirroring Session 1. Open the Port Mirroring page. 2. Click Apply Changes. The port mirroring session is removed, and the device is updated. Configuring...
... policies to define the action to specify flow-based mirroring ports. You can mirror a subset of port monitoring. Use the Flow Based Mirroring page to be taken on a port, the switch can configure the switch to a single destination port. Modifying a Port Mirroring Session 1. Open the Port Mirroring page. 2. Click Apply Changes. The port mirroring session is removed, and the device is updated. Configuring...
Configuration Guide
Page 4
...-MED 38 IGMP Snooping 40 CLI Examples 40 IGMP Snooping Querier 43 CLI Examples 43 Link Aggregation/Port Channels 45 CLI Example 46 Web Interface Configuration: LAGs/Port-channels 48 Port Mirroring 49 Overview 49 CLI Examples 49 Port Security 50 Overview 50 Operation 50 CLI Examples 51 Link Layer Discovery Protocol 52 CLI Examples...
...-MED 38 IGMP Snooping 40 CLI Examples 40 IGMP Snooping Querier 43 CLI Examples 43 Link Aggregation/Port Channels 45 CLI Example 46 Web Interface Configuration: LAGs/Port-channels 48 Port Mirroring 49 Overview 49 CLI Examples 49 Port Security 50 Overview 50 Operation 50 CLI Examples 51 Link Layer Discovery Protocol 52 CLI Examples...
Configuration Guide
Page 29
...Two features let you define packet filters that connect them. The only physical requirement is that the end station, and the port to which case the first switch port to receive the packet may handle traffic for more than one default VLAN ID. An end station may omit the tag, ... on page 37 • "IGMP Snooping" on page 40 • "IGMP Snooping Querier" on page 43 • "Link Aggregation/Port Channels" on page 45 • "Port Mirroring" on page 49 • "Port Security" on page 50 • "Link Layer Discovery Protocol" on page 52 • "Denial of Service Attack Protection" on page ...
...Two features let you define packet filters that connect them. The only physical requirement is that the end station, and the port to which case the first switch port to receive the packet may handle traffic for more than one default VLAN ID. An end station may omit the tag, ... on page 37 • "IGMP Snooping" on page 40 • "IGMP Snooping Querier" on page 43 • "Link Aggregation/Port Channels" on page 45 • "Port Mirroring" on page 49 • "Port Security" on page 50 • "Link Layer Discovery Protocol" on page 52 • "Denial of Service Attack Protection" on page ...
Configuration Guide
Page 49
... console#show monitor session 1 Session ID ---------1 Admin Mode ---------Enable Probe Port ---------1/g10 Mirrored Port 1/g7 Type ----Rx,Tx Switching Configuration 49 Port Mirroring This section describes the Port Mirroring feature, which can serve as a destination port. Packets received on the source port, transmitted on a source port. Example #1: Set up a Port Mirroring Session The following are examples of fending off attacks. rx tx...
... console#show monitor session 1 Session ID ---------1 Admin Mode ---------Enable Probe Port ---------1/g10 Mirrored Port 1/g7 Type ----Rx,Tx Switching Configuration 49 Port Mirroring This section describes the Port Mirroring feature, which can serve as a destination port. Packets received on the source port, transmitted on a source port. Example #1: Set up a Port Mirroring Session The following are examples of fending off attacks. rx tx...
Configuration Guide
Page 112
...PowerConnect 6200 Series switch supports a limited number of the permitted traffic is delivered to the mirror interface while the packet itself is forwarded normally through the device. Using ACLs to mirror traffic is called flow-based mirroring since the traffic flow is defined by the ACL is denied access. This is in contrast to port mirroring... ACLs is 100, and the maximum number of rules that matches a permit rule to a specific physical port or LAG. You can define an ACL with mirror and redirect attributes. • ACL Logging provides a means for a given ACL rule, but the number...
...PowerConnect 6200 Series switch supports a limited number of the permitted traffic is delivered to the mirror interface while the packet itself is forwarded normally through the device. Using ACLs to mirror traffic is called flow-based mirroring since the traffic flow is defined by the ACL is denied access. This is in contrast to port mirroring... ACLs is 100, and the maximum number of rules that matches a permit rule to a specific physical port or LAG. You can define an ACL with mirror and redirect attributes. • ACL Logging provides a means for a given ACL rule, but the number...