HP ProCurve 9304M Installation And Configuration Manual page 167
Routing switches
Hide thumbs
Also See for ProCurve 9304M:
- Management and configuration manual (690 pages) ,
- Installation and getting started manual (348 pages) ,
- User manual (236 pages)
Table of Contents
Advertisement
HP9300(config-routemap ssl-pbr-map)# set mirror-interface 5
HP9300(config-routemap ssl-pbr-map)# set next-hop 10.10.10.1
HP9300(config-routemap ssl-pbr-map)# exit
HP9300(config)# interface e 5
HP9300(config-if-5)# port-name mirror-port
HP9300(config-if-mirror-port)# interface e 10
HP9300(config-if-10)# ip policy route-map ssl-pbr-map
HP9300(config-if-10)# exit
HP9300(config)# access-list 100 permit tcp any any eq ssl
The above commands complete the following configuration tasks:
1. Configures an entry in the PBR route map named "ssl-pbr-map" . The match statement matches on IP
information in ACL 100. The set mirror-interface statement specifies interface e 5 as the mirror port for
matched ACL permit clauses. The set next-hop statement sets the IP address of the route's next hop router
to 10.10.10.1.
2. Identifies interface e 5 as a mirror port by assigning the name "mirror-port".
3. Enables PBR and applies the route map "ssl-pbr-map" on interface e 10.
4. Creates an extended ACL (100) that permits all TCP traffic destined for an for an SSL port.
NOTE: This section describes the syntax for the new CLI Route Map level command, set mirror-interface. For
more information about the other existing commands and syntax shown in the above example, see the Command
Line Interface Reference or the Advanced Configuration and Management Guide .
Syntax: set mirror-interface <slot number>/<port number>
The <slot number> parameter specifies the port number on an HP chassis device.
The <port number> parameter specifies the mirror port number.
You can specify up to 4 mirror ports for each PBR route map instance. To do so, enter the set mirror interface
command for each mirror port.
Displaying the Current Mirror and Monitor Port Configuration
You can display the current port mirroring and monitoring configuration using the following CLI method.
USING THE CLI
To display the current mirroring and monitoring configuration, enter the following command at any level of the CLI:
HP9300(config)# show monitor
Mirror Interface:
Monitored Interfaces:
Both
-------------------------------------------------- -
ethernet 4/3
Syntax: show monitor
This example shows the monitoring and mirroring configuration set up by the commands in the example in the
previous section. Port 4/1 is the mirror interface, to which the software copies ("mirrors") the traffic on port 4/3. In
this case, both directions of traffic on the monitored port are mirrored to port 4/1.
If only the incoming traffic is mirrored, the monitored interface is listed under Input. If only the outbound traffic is
mirrored, the monitored interface is listed under Output.
USING THE WEB MANAGEMENT INTERFACE
You cannot display this information using the Web management interface.
ethernet 4/1
Input
Output
Configuring Basic Features
6 - 55
Advertisement
Chapters
Table of Contents
Troubleshooting
