Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

SPAN/Session Port?

L1nklight
Valued Contributor

SPAN/Session Port?

I am trying to configure a Websense appliance and I need a SPAN port.  What is the H3C equivalent?

4 REPLIES
Jeff Carrell
Honored Contributor

Re: SPAN/Session Port?

Basic steps (from a doc I have):

 

1.               Assign destination port for mirror traffic (Wireshark port)

a)               [Switch] mirroring-group 1 local

b)              [Switch] mirroring-group 1 mirroring-port g1/0/xx both

 

2.               Assign source port for traffic to monitor

a)               [Switch] mirroring-group 1 monitor-port g1/0/yy

 

To view status of the monitor

a)               [Switch] display mirroring-group 1

 

hth...Jeff

Fredrik Lönnman
Honored Contributor

Re: SPAN/Session Port?

I think the ports are reversed, mirroring-port would be the source (what you want to monitor) and monitor-port is the destination.

---
CCIE Service Provider
MASE Network Infrastructure [2011]
H3CSE
CCNP R&S

Jeff Carrell
Honored Contributor

Re: SPAN/Session Port?

opps, I am corrected...commands are correct, definitions were incorrect...

 

Here is an update:

 

 

1.              Assign destination port for mirror traffic (Wireshark port)

a)               [Switch] mirroring-group 1 monitor-port g1/0/yy

 

 

2.             Assign source port for traffic to monitor

a)               [Switch] mirroring-group 1 local

b)              [Switch] mirroring-group 1 mirroring-port g1/0/xx both

 

To view status of the monitor

a)               [Switch] display mirroring-group 1

 

Thanx Fredrik :-)

 

Sorry for the confusion...

L1nklight
Valued Contributor

Re: SPAN/Session Port?

Just a quick order of operations revision based off Jeff's info:

 

  1. Create the Mirroring Group:

    [Switch] mirroring-group 1 local

  2. Assign the Destination for the Mirrored Traffic:

    [Switch] mirroring-group 1 monitor-port <gi/te> n/0/n

  3. Define the Source for the Mirroring Activity:

    [Switch] mirroring-group 1 mirroring-port <gi/te> n/0/n both

  4. Status Updates:

    [Switch] display mirroring-group 1

 

I had to create the mirror group first with the command "mirror-group 1 local." Once I had done that, I was then free to create the source and destination ports for the activity. So for my specific example, I am mirroring all outbound/inbound traffic from my firewall which is cross connected on point 2/0/43 of my A5800 and my Websense device's proxy port is setup on 1/0/43. Both interfaces are GigabitEthernet ports. My setup looked like this:

 

  1. [Switch] mirroring-group 1 local
  2. [Switch] mirroring-group 1 monitor-port GigabitEthernet 1/0/43
  3. [Switch] mirroring-group 1 mirroring-port GigabitEthernet 2/0/43 both
  4. [Switch] display mirroring-group 1

The output of the display option looked like this:

 

[Switch] display mirroring-group 1

mirroring-group 1:

    type: local

    status: active

    mirroring port:

             GigabitEthernet2/0/43 both

    mirroring CPU:

    monitor port: GigabitEthernet1/0/43