Acl Port Mirroring; Viewing Acl Statistics - IBM RackSwitch G8000 Application Manual
A top-of-rack (tor) switch
Hide thumbs
Also See for RackSwitch G8000:
- Manual (18 pages) ,
- Manual (14 pages) ,
- Installation manual (86 pages)
Table of Contents
Advertisement
ACL Port Mirroring
Viewing ACL Statistics
© Copyright IBM Corp. 2011
For IPv4 ACLs and VMaps, packets that match the filter can be mirrored to another
switch port for network diagnosis and monitoring.
The source port for the mirrored packets cannot be a portchannel, but may be a
member of a portchannel.
The destination port to which packets are mirrored must be a physical port.
If the ACL or VMap has an action (permit, drop, etc.) assigned, it cannot be used to
mirror packets for that ACL.
Use the following commands to add mirroring to an ACL:
•
For IPv4 ACLs:
RS G8000(config)# access-control list <ACL number> mirror port
<destination port>
The ACL must be also assigned to it target ports as usual (see
Individual ACLs to a Port" on page
page
84).
•
For VMaps (see
"VLAN Maps" on page
RS G8000(config)# access-control vmap <VMap number> mirror port <monitor
destination port>
See the configuration example on
ACL statistics display how many packets have “hit” (matched) each ACL. Use
ACL statistics to check filter performance or to debug the ACL filter configuration.
You must enable statistics for each ACL that you wish to monitor:
RS G8000(config)# access-control list <ACL number> statistics
82, or
"Assigning ACL Groups to a Port" on
88):
page
89.
Chapter 7. Access Control Lists
"Assigning
85
Advertisement
Table of Contents
Troubleshooting
