HP ProCurve 6200yl Software Update Npi Technical Training
Hide thumbs
Also See for ProCurve 6200yl:
- Access security manual (390 pages) ,
- Multicast and routing manual (308 pages) ,
- Reference manual (765 pages)
Table of Contents
Advertisement
Quick Links
Advertisement
Table of Contents
Related Manuals for HP ProCurve 6200yl
Summary of Contents for HP ProCurve 6200yl
- Page 1 The ProCurve 3500yl/5400zl/6200yl Switch Software Update NPI Technical Training NPI Technical Training Version 1.0b 6 December 2006 © 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
- Page 2 Traffic Mirroring Section © 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
-
Page 3: Traffic Mirroring
Traffic Mirroring Allows you to monitor traffic to detect threats or troubleshoot problems Advantages • Allows you to monitor traffic from the local switch or from multiple remote switches • Eliminates the need for a monitoring port on every switch •... -
Page 4: Remote Traffic Mirroring
Remote Traffic Mirroring Allows you to monitor traffic to detect threats or troubleshoot problems from across the network and bring information back to the analyzer. IDS/IPS* Network 3500yl Switch L i n k M o d e U s e o n l y o n e ( T o r M ) f o r e a c h D u a l - P e r s o n a l i t y P o r t L i n k M o d e U s e o n l y o n e ( T o r M ) f o r e a c h D u a l - P e r s o n a l i t y P o r t... - Page 5 Guidelines for Using Traffic Mirroring Two types of traffic mirroring: • Local mirroring—source and destination are on the same switch • Remote mirroring—source and destination are on different switches Each switch can be the: • Originator for four mirror sessions, with the destination on either the local switch or another switch •...
- Page 6 Guidelines for Using Traffic Mirroring Continued For local mirroring, configure exit ports: • Configure multiple mirror sessions to use the same exit port • Load balance mirror sessions across multiple exit ports 1 3 5 7 Core 2 4 6 IDS/IPS...
-
Page 7: Overview Of Configuration Steps
Overview of Configuration Steps 1. Configure the destination switch for remote traffic mirroring. 2. Configure the source switch. • Define the session number and the destination for the mirror session on the source switch. Local traffic mirroring—port on the same switch –... - Page 8 Overview of Configuration Steps 3. For remote traffic mirroring, enable jumbo frames to mirror information fields larger than 1446 bytes (untagged) or (tagged) • On both source and destination switches • Any infrastructure switches in between • The end stations, in this case the IPS/IDS if you know the originating frame was larger than 1522 bytes.
-
Page 9: Configuring The Destination Switch
Configuring the Destination Switch 1. For remote traffic mirroring, configure the source and destination of the mirror session on the destination switch ProCurve_dst_switch(config)# mirror endpoint ip <src-ip-add> <src-udp-port> <dst-ip-add> port <port#> Options <src-ip-add> IP address of the VLAN or subnet on which the These settings mirrored traffic enters or leaves the source must match the... -
Page 10: Configuring The Source Switch
Configuring the Source Switch Remote traffic mirroring 2. Configure the source switch — For remote traffic mirroring, identify the mirror session, the source, and the destination. ProCurve_source_switch(config)# mirror <1-4> [name <name>] remote ip <src-ip-add> <src-udp-port> <dst-ip-add> Replace <1-4> with the number to identify this mirror session. –... - Page 11 Configuring the Source Switch Local traffic mirroring • For local traffic mirroring, identify the session and configure the exit port ProCurve_source_switch(config)# mirror <1-4> [name <name>] port <port#> 1 3 5 7 Core 2 4 6 Exit port is port 8. IPS/IDS...
- Page 12 Configuring the Source Switch Define the originating interface • Define the originating interface as a port, trunk, or mesh port ProCurve_source_switch(config)# interface <port/trunk/mesh> monitor all [in | out | both] mirror <1-4> [mirror <1-4> . . .] Options <port/trunk/mesh> Port, trunk, or mesh [in | out | both] Direction of traffic that you want mirrored: in = traffic entering port...
- Page 13 Configuring the Source Switch Select the originating interface • Define the originating interface as a VLAN or VLANs ProCurve_source_switch(config)# vlan <vlan-ID> monitor all [in | out | both] mirror <1-4> [mirror <1-4> . . .] Replace <vlan-range> with a VLAN or a range or VLANs. –...
- Page 14 Using an ACL to Further Select Traffic Optional • To use an ACL to select traffic arriving on an interface, enter: ProCurve_source_switch(config)# interface <port/trunk/mesh> monitor ip access-group <acl_name> in mirror <1-4> [mirror <1-4> . . .] ProCurve_source_switch(config)# vlan <vlan-ID> monitor ip access-group <acl_name>...
-
Page 15: Enabling Jumbo Frames
Enabling Jumbo Frames 3. For remote traffic mirroring, enable jumbo frames on the source switch, destination switch, and any intervening infrastructure switches For example: ProCurve_Source (config)# vlan 8 jumbo ProCurve_Destination (config)# vlan 8 jumbo ProCurve_Infrastructure (config)# vlan 8 jumbo... - Page 16 Traffic Mirroring show Commands View information about mirror sessions configured on the switch ProCurve# show monitor [<1-4>] Port = local mirror session IPv4 = remote mirror Network Monitoring session Sessions Status Type Sources ---------- ------- ----- --------- active port Indicates # of active IPv4 criteria for mirror...
-
Page 17: Example Configuration
Example Configuration Running configuration: !Source switch! Running configuration: !Dst switch! vlan 8 vlan 8 untagged B1-B24 untagged 1-5 ip address 10.8.1.1 255.255.255.0 ip address 10.8.1.100 255.255.255.0 jumbo jumbo exit exit mirror 1 remote ip 10.8.1.1 1000 mirror endpoint ip 10.8.1.1 1000 10.8.1.100 10.8.1.100 port 22 interface B1...
Need help?
Do you have a question about the ProCurve 6200yl and is the answer not in the manual?
Questions and answers