Command Line Interface Guide
Page 79
... field in a packet using a single keyword, a numeric notation, or a numeric range notation. and IC Command Groups 79 CMC mirror Mirrors all the data that all incoming packets for the specified class. PCM C service-policy Attaches a policy to the specified class definition ... packet. PCM C policy-map Establishes a new DiffServ policy GC redirect Specifies that matches the class defined to the destination port specified PCM C police-simple Establishes the traffic policing style for the associated traffic stream are redirected to the specified class definition...
... field in a packet using a single keyword, a numeric notation, or a numeric range notation. and IC Command Groups 79 CMC mirror Mirrors all the data that all incoming packets for the specified class. PCM C service-policy Attaches a policy to the specified class definition ... packet. PCM C policy-map Establishes a new DiffServ policy GC redirect Specifies that matches the class defined to the destination port specified PCM C police-simple Establishes the traffic policing style for the associated traffic stream are redirected to the specified class definition...
Command Line Interface Guide
Page 206
... {dstip dstmask | any} [eq [portkey | portvalue]] [precedence precedence | tos tos tosmask | dscp dscp] [log] [assign-queue queue-id] [redirect interface | mirror interface]}} no access-list list-name • list-name - Equal. Protocol keywords icmp,igmp,ip,tcp,udp. • srcip - Source IP mask. • dstip ...can specify the portkey, which can be logged. 206 ACL Commands The first reference is source match criteria, the second is identified by the port value parameter (Range: 0-65535). • portkey - Source IP address. • srcmask - Refers to be one of the following ...
... {dstip dstmask | any} [eq [portkey | portvalue]] [precedence precedence | tos tos tosmask | dscp dscp] [log] [assign-queue queue-id] [redirect interface | mirror interface]}} no access-list list-name • list-name - Equal. Protocol keywords icmp,igmp,ip,tcp,udp. • srcip - Source IP mask. • dstip ...can specify the portkey, which can be logged. 206 ACL Commands The first reference is source match criteria, the second is identified by the port value parameter (Range: 0-65535). • portkey - Source IP address. • srcmask - Refers to be one of the following ...
Command Line Interface Guide
Page 207
...; redirect interface - • assign-queue queue-id - Allows the traffic matching this rule to be copied to the specified unit/port. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines Users are matched. Specifies the particular hardware ...queue for handling traffic that matches the rule. (Range: 0-6) • mirror interface - Examples The following examples create an ACL to discard any HTTP traffic from 192.168.77.171, but allow all other ...
...; redirect interface - • assign-queue queue-id - Allows the traffic matching this rule to be copied to the specified unit/port. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines Users are matched. Specifies the particular hardware ...queue for handling traffic that matches the rule. (Range: 0-6) • mirror interface - Examples The following examples create an ACL to discard any HTTP traffic from 192.168.77.171, but allow all other ...
Command Line Interface Guide
Page 208
... cos - Forwards traffic matching this rule is number of service. (Range 0-7) • log - Valid destination MAC address in unit/port format, for the destination MAC address in format xxxx.xxxx.xxxx. • srcmacmask - Bridge protocol data unit • ethertypekey - ...| 0x0600-0xFFFF }] [ vlan eq 0-4095 ] [cos 0-7] [secondary-vlan eq 0-4095 ] [secondary-cos 0-7] [log] [ assign-queue queue-id ] [{mirror |redirect} interface ] • srcmac - Valid physical interface in format xxxx.xxxx.xxxx. • destmacmask - Copies the traffic matching this rule to the specified physical...
... cos - Forwards traffic matching this rule is number of service. (Range 0-7) • log - Valid destination MAC address in unit/port format, for the destination MAC address in format xxxx.xxxx.xxxx. • srcmacmask - Bridge protocol data unit • ethertypekey - ...| 0x0600-0xFFFF }] [ vlan eq 0-4095 ] [cos 0-7] [secondary-vlan eq 0-4095 ] [secondary-cos 0-7] [log] [ assign-queue queue-id ] [{mirror |redirect} interface ] • srcmac - Valid physical interface in format xxxx.xxxx.xxxx. • destmacmask - Copies the traffic matching this rule to the specified physical...
Command Line Interface Guide
Page 370
... any | destination ipv6 prefix/prefix length} [eq {portkey | portvalue}] [flow-label value] [dscp dscp]}} [log] [assign-queue queue-id] [{mirror | redirect} interface] • deny | permit - Each rule is appended to the specified classification fields. The assign-queue parameter is destination match criteria...{deny | permit} This command creates a new rule for a permit rule. A rule may be specified using the keyword 'any' to the Layer 4 port number being used parameters appear in the command format. Syntax {permit | deny} {every | {{icmp | igmp | ipv6 | tcp | udp | number}...
... any | destination ipv6 prefix/prefix length} [eq {portkey | portvalue}] [flow-label value] [dscp dscp]}} [log] [assign-queue queue-id] [{mirror | redirect} interface] • deny | permit - Each rule is appended to the specified classification fields. The assign-queue parameter is destination match criteria...{deny | permit} This command creates a new rule for a permit rule. A rule may be specified using the keyword 'any' to the Layer 4 port number being used parameters appear in the command format. Syntax {permit | deny} {every | {{icmp | igmp | ipv6 | tcp | udp | number}...
Command Line Interface Guide
Page 371
... is specified by the implicit "deny all other traffic from that matches the rule. (Range: 0-6) • mirror interface - Allows the traffic matching this rule to be deleted and re specified. The source layer 4 port match condition for the ACL rule is dropped by the port value parameter. (Range: 0-65535). • destination ipv6 prefix -
... is specified by the implicit "deny all other traffic from that matches the rule. (Range: 0-6) • mirror interface - Allows the traffic matching this rule to be deleted and re specified. The source layer 4 port match condition for the ACL rule is dropped by the port value parameter. (Range: 0-65535). • destination ipv6 prefix -
Command Line Interface Guide
Page 377
IPv6 Access List Commands 377 Destination L4 Port Keyword This field displays the destination port for IP DSCP. IP DSCP This field indicates the value specified for this rule are forwarded. Mirror Interface Displays the interface to which packets matching this rule. Redirect Interface Displays the interface to which packets matching this rule are...
IPv6 Access List Commands 377 Destination L4 Port Keyword This field displays the destination port for IP DSCP. IP DSCP This field indicates the value specified for this rule are forwarded. Mirror Interface Displays the interface to which packets matching this rule. Redirect Interface Displays the interface to which packets matching this rule are...
Command Line Interface Guide
Page 445
...session 1 mode show monitor session Use the show monitor session 1 Session ID Admin Mode Probe Port Mirrored Port Type Port Monitor Commands 445 Session identification number. Example The following examples shows various port monitoring configurations. Default Configuration This command has no user guidelines. Command Mode Privileged EXEC mode User... command has no default configuration. console#show monitor session command in Privileged EXEC mode to display status of port monitoring. Syntax show monitor session session-id • session id - Example The following examples shows...
...session 1 mode show monitor session Use the show monitor session 1 Session ID Admin Mode Probe Port Mirrored Port Type Port Monitor Commands 445 Session identification number. Example The following examples shows various port monitoring configurations. Default Configuration This command has no user guidelines. Command Mode Privileged EXEC mode User... command has no default configuration. console#show monitor session command in Privileged EXEC mode to display status of port monitoring. Syntax show monitor session session-id • session id - Example The following examples shows...
Command Line Interface Guide
Page 448
...8226; match protocol • match source-address mac • match srcip • match srcip6 • match srcl4port • match vlan • mirror • police-simple • policy-map • redirect • service-policy • show class-map • show classofservice dot1p-mapping •...dscp-mapping • show classofservice trust • show diffserv • show diffserv service interface ethernet in • show diffserv service interface port-channel in • show diffserv service brief • show interfaces cos-queue • show policy-map • show policy-map ...
...8226; match protocol • match source-address mac • match srcip • match srcip6 • match srcl4port • match vlan • mirror • police-simple • policy-map • redirect • service-policy • show class-map • show classofservice dot1p-mapping •...dscp-mapping • show classofservice trust • show diffserv • show diffserv service interface ethernet in • show diffserv service interface port-channel in • show diffserv service brief • show interfaces cos-queue • show policy-map • show policy-map ...
Command Line Interface Guide
Page 475
... • interface - Command Mode Policy-Class-Map Configuration mode User Guidelines The port identified in Policy-Class-Map Configuration mode to mirror all the data that matches the class defined to the destination port of the monitor command. Example The following example displays adding a match condition for the VLAN ID "2." Default Configuration This...
... • interface - Command Mode Policy-Class-Map Configuration mode User Guidelines The port identified in Policy-Class-Map Configuration mode to mirror all the data that matches the class defined to the destination port of the monitor command. Example The following example displays adding a match condition for the VLAN ID "2." Default Configuration This...
User's Guide
Page 10
...Storm Control 327 Configuring Traffic Mirroring 330 Port Mirroring 330 Flow Based Mirroring 332 Configuring Address Tables 334 Static Address Table 334 Dynamic Address Table 336 Configuring GARP 339 GARP Timers 339 Configuring the Spanning Tree Protocol 342 STP Global Settings 342 STP Port Settings 346 STP LAG Settings...348 Rapid Spanning Tree 351 MSTP Settings 352 MSTP Interface Settings 355 Configuring VLANs 358 VLAN Membership 358 Double VLAN 362 VLAN Port Settings 366 VLAN LAG Settings 368 Bind MAC to VLAN 370 Bind IP Subnet to VLAN 373 Protocol Group 375 GVRP ...
...Storm Control 327 Configuring Traffic Mirroring 330 Port Mirroring 330 Flow Based Mirroring 332 Configuring Address Tables 334 Static Address Table 334 Dynamic Address Table 336 Configuring GARP 339 GARP Timers 339 Configuring the Spanning Tree Protocol 342 STP Global Settings 342 STP Port Settings 346 STP LAG Settings...348 Rapid Spanning Tree 351 MSTP Settings 352 MSTP Interface Settings 355 Configuring VLANs 358 VLAN Membership 358 Double VLAN 362 VLAN Port Settings 366 VLAN LAG Settings 368 Bind MAC to VLAN 370 Bind IP Subnet to VLAN 373 Protocol Group 375 GVRP ...
User's Guide
Page 24
The flooding occupies bandwidth, and loads all nodes connected on all ports on the relevant virtual local area network (VLAN). Port Mirroring Port mirroring monitors and mirrors network traffic by class D IP addresses, which range from 224.0.0.0 to 239.255.255.255. Based on the switch. ... and multicast frames accepted and forwarded by the switch. 24 Introduction Host groups are flooded to all ports. This prevents the switch from up to four source ports to a monitoring port. Storm control limits the amount of incoming and outgoing packets from broadcasting the traffic to all...
The flooding occupies bandwidth, and loads all nodes connected on all ports on the relevant virtual local area network (VLAN). Port Mirroring Port mirroring monitors and mirrors network traffic by class D IP addresses, which range from 224.0.0.0 to 239.255.255.255. Based on the switch. ... and multicast frames accepted and forwarded by the switch. 24 Introduction Host groups are flooded to all ports. This prevents the switch from up to four source ports to a monitoring port. Storm control limits the amount of incoming and outgoing packets from broadcasting the traffic to all...
User's Guide
Page 317
...-duplex mode of line blocking prevention mode. Restores the switch operation to auto. Figure 7-19. Configuring Ports The Ports menu page provides links for configuring port functionality, including advanced features such as storm control and port mirroring, and for ports configured as LAG members, LAG member ports cannot have flow control configured to head of the switch. -
...-duplex mode of line blocking prevention mode. Restores the switch operation to auto. Figure 7-19. Configuring Ports The Ports menu page provides links for configuring port functionality, including advanced features such as storm control and port mirroring, and for ports configured as LAG members, LAG member ports cannot have flow control configured to head of the switch. -
User's Guide
Page 330
... to define port mirroring sessions and configure flow-based mirroring. The packet that is copied to the mirroring port. To display the Port Mirroring page, click Switching →Traffic Mirroring →Port Mirroring in the tree view. The mirroring can be port-based or flow-based. As such, many switch ports are both received and transmitted, can be mirrored to the destination port. Port Mirroring 330 Configuring...
... to define port mirroring sessions and configure flow-based mirroring. The packet that is copied to the mirroring port. To display the Port Mirroring page, click Switching →Traffic Mirroring →Port Mirroring in the tree view. The mirroring can be port-based or flow-based. As such, many switch ports are both received and transmitted, can be mirrored to the destination port. Port Mirroring 330 Configuring...
User's Guide
Page 331
... Port Mirroring page. 2. Click Add to reset the port monitoring session. • Source Port - The source port appears in the Source Port table on the source port. Allows you to display the Add Source Port page. Adding a Port Mirroring Session NOTE: A Port will be removed from the Add Source Port page. • Type - Add Source Port 3. Source Port -Select the unit and port from which port...
... Port Mirroring page. 2. Click Add to reset the port monitoring session. • Source Port - The source port appears in the Source Port table on the source port. Allows you to display the Add Source Port page. Adding a Port Mirroring Session NOTE: A Port will be removed from the Add Source Port page. • Type - Add Source Port 3. Source Port -Select the unit and port from which port...
User's Guide
Page 332
... 2, Layer 3, and Layer 4 information. Modify the fields. 3. Click Apply Changes. This provides flexibility-instead of that traffic. Modifying a Port Mirroring Session 1. Removing a Port Mirroring Session 1. The port mirroring session is removed, and the device is updated. The port mirroring session fields are modified, and the device is updated. Table 7-16. In QoS, the user creates traffic classes to...
... 2, Layer 3, and Layer 4 information. Modify the fields. 3. Click Apply Changes. This provides flexibility-instead of that traffic. Modifying a Port Mirroring Session 1. Removing a Port Mirroring Session 1. The port mirroring session is removed, and the device is updated. The port mirroring session fields are modified, and the device is updated. Table 7-16. In QoS, the user creates traffic classes to...
Configuration Guide
Page 4
...-MED 38 IGMP Snooping 40 CLI Examples 40 IGMP Snooping Querier 43 CLI Examples 43 Link Aggregation/Port Channels 45 CLI Example 46 Web Interface Configuration: LAGs/Port-channels 48 Port Mirroring 49 Overview 49 CLI Examples 49 Port Security 50 Overview 50 Operation 50 CLI Examples 51 Link Layer Discovery Protocol 52 CLI Examples...
...-MED 38 IGMP Snooping 40 CLI Examples 40 IGMP Snooping Querier 43 CLI Examples 43 Link Aggregation/Port Channels 45 CLI Example 46 Web Interface Configuration: LAGs/Port-channels 48 Port Mirroring 49 Overview 49 CLI Examples 49 Port Security 50 Overview 50 Operation 50 CLI Examples 51 Link Layer Discovery Protocol 52 CLI Examples...
Configuration Guide
Page 29
...to determine if a particular packet belongs to the same VLAN. The only physical requirement is connected, both bridging and routing. A given port may either reject it partitions the network into logical segments, which it can have many reasons for the logical division, for the following ...37 • "IGMP Snooping" on page 40 • "IGMP Snooping Querier" on page 43 • "Link Aggregation/Port Channels" on page 45 • "Port Mirroring" on page 49 • "Port Security" on page 50 • "Link Layer Discovery Protocol" on page 52 • "Denial of Service Attack Protection" ...
...to determine if a particular packet belongs to the same VLAN. The only physical requirement is connected, both bridging and routing. A given port may either reject it partitions the network into logical segments, which it can have many reasons for the logical division, for the following ...37 • "IGMP Snooping" on page 40 • "IGMP Snooping Querier" on page 43 • "Link Aggregation/Port Channels" on page 45 • "Port Mirroring" on page 49 • "Port Security" on page 50 • "Link Layer Discovery Protocol" on page 52 • "Denial of Service Attack Protection" ...
Configuration Guide
Page 49
...port mirroring and specifies a source and destination ports. Port Mirroring This section describes the Port Mirroring feature, which can serve as a destination port. You can configure many switch ports as source ports and one switch port as a diagnostic tool, debugging tool, or means of the commands used in the Port Mirroring...interface 1/g10 console(config)#exit Example #2: Show the Port Mirroring Session console#show monitor session 1 Session ID ---------1 Admin Mode ---------Enable Probe Port ---------1/g10 Mirrored Port 1/g7 Type ----Rx,Tx Switching Configuration 49 rx ...
...port mirroring and specifies a source and destination ports. Port Mirroring This section describes the Port Mirroring feature, which can serve as a destination port. You can configure many switch ports as source ports and one switch port as a diagnostic tool, debugging tool, or means of the commands used in the Port Mirroring...interface 1/g10 console(config)#exit Example #2: Show the Port Mirroring Session console#show monitor session 1 Session ID ---------1 Admin Mode ---------Enable Probe Port ---------1/g10 Mirrored Port 1/g7 Type ----Rx,Tx Switching Configuration 49 rx ...
Configuration Guide
Page 112
... the maximum number of rules per ACL is 127. • You can define an ACL with mirror and redirect attributes. • ACL Logging provides a means for a given port, all traffic encountered on a specific interface is denied access. Furthermore, hardware counters that become available after...the number of rules that in contrast to port mirroring, where all traffic not specifically permitted by the ACL classification rules. You cannot configure a given ACL rule with any number of logging rules, but not both. • The PowerConnect 6200 Series switch supports a limited number of ...
... the maximum number of rules per ACL is 127. • You can define an ACL with mirror and redirect attributes. • ACL Logging provides a means for a given port, all traffic encountered on a specific interface is denied access. Furthermore, hardware counters that become available after...the number of rules that in contrast to port mirroring, where all traffic not specifically permitted by the ACL classification rules. You cannot configure a given ACL rule with any number of logging rules, but not both. • The PowerConnect 6200 Series switch supports a limited number of ...