QUANTUM NETWORKS QASA CLI 24 Full Port Switch
Product Usage Instructions
- This command is used to configure the source interfaces for the mirror.
- This command allows you to specify the source interfaces for mirroring. You can mirror incoming and outgoing datagrams selectively.
- When mirroring multiple interfaces, ensure to configure the direction of the mirror separately.
Commands for Mirroring Configuration
monitor session source interface
| Command | monitor session <session> source {interface <interface-list> | cpu} {rx|
tx| both} no monitor session <session> source {interface <interface-list> | cpu} |
| Parameter | session: is the session number for the mirror. Currently, only 1 is supported.
interface-list: is the list of source interfaces of the mirror which can be separated by “-” and “;”. cpu: means the CPU on the board to be the source of the mirror for debugging. Datagram received by or sent by the CPU. rx: means to filter the datagram received by the interface. tx: for the datagram sent out. both: means both of income and outcome datagram. |
| Default | The default does not match any mirror source port. |
| Mode | Global mode. |
| Usage | This command is used to configure the source interfaces for the mirror. It is not restricted to the source interface of the mirror on the switch. The source can be one interface or can be multiple interfaces. Both of the income and outcome datagrams can be mirrored, or they can be mirrored selectively. If no [rx | tx | both] is specified, both are made to be the default. When multiple interfaces are mirrored, the direction of the mirror can be different, but they should be configured separately. |
| Example | To configure to mirror the datagram sent out by interface 1/0/1-4 and to mirror the datagram received by interface 1/0/5.
Switch(config)#monitor session 1 source interface ethernet 1/0/1–4 tx Switch(config)#monitor session 1 source interface ethernet1/0/5 rx |
monitor session source interface access-list
| Command | monitor session <session> source {interface <interface-list>} access-list <num> {rx|tx|both}
no monitor session <session> source {interface <interface-list>} access-list <num> |
| Parameter | session: is the session number for the mirror. Currently, only 1 is supported.
interface-list: is the list of source interfaces of the mirror which can be separated by ‘-‘ and ‘;’ num: is the number of the access list. rx: means to filter the datagram received by the interface. tx: for the datagram sent out. both: means both of income and outcome datagram |
| Default | Default not configured. |
| Mode | Global mode. |
| Usage | This command is used to configure the source interfaces for the mirror. It is not restricted to the source interface of the mirror on the switch. The source can be one interface or can be multiple interfaces. For the flow mirror, only the datagram received can be mirrored. The parameters can be rx, tx, or both. The related access list should be prepared before this command is issued. For how to configure the access list, please refer to the ACL configuration. The mirror can only be created after the destination interface of the corresponding session has been configured. At the moment, the command only IP ACL and MAC ACL. |
| Example | To configure the mirror interface 1/0/6 to filter with access-list 120 in session 1.
Switch(config)#monitor session 1 source interface 1/0/6 access-list 120 rx |
monitor session destination interface
| Command | monitor session <session> destination interface <interface- number>
no monitor session <session> destination interface <interface- number> |
| Parameter | session: is the session number of the mirror, which is currently limited to 1-4.
interface-number: is the destination interface of the mirror. |
| Default | The default does not match the mirror destination port. |
| Mode | Global mode. |
| Usage | Only four destination mirror interfaces is supported on the switch. To be mentioned, The interface which is configured as the destination of the mirror should not be configured as the member of the interface trunk. The maximum throughput of the interface is recommended to be larger than the total throughput of the interfaces to be mirrored. If the destination is removed, the mirror path configured will be removed at the same time. And if the destination interface is reconfigured, the interface, and CPU mirror path will be recovered. To be mentioned, the flow mirror can only be recovered after the destination of the interface is re- configured. |
| Example | To configure interface 1/0/7 as the destination of the mirror.
Switch(config)#monitor session 1 destination interface ethernet 1/0/7 |
show monitor
| Command | show monitor |
| Parameter | – |
| Default | – |
| Mode | Admin mode. |
| Usage | This command is used to display the source and destination ports for the configured mirror sessions. For port mirroring, CPU mirroring, and flow mirroring, the mirror mode of the source can be displayed. |
| Example | View configuration information for the current image.
Switch#show monitor |
mirror sample rate
| Command | monitor session <session> sample rate <num> no monitor session <session> sample rate |
| Parameter | session: is mirror session value, and it supports 1 to 4 at moment.
num: is sampled value, and ranges from 0 to 65535 |
| Default | Default Unconfigured Sampling Rate. |
| Mode | Global mode. |
| Usage | It represents how many packets mirror to destination port and it ranges from 0 to 65535, such as, when the rate value equals 100, the first, 101, 201 packets can mirror the destination port, when the rate value equals 0, it does not configure sampling rate, the default is not configure sampling rate. |
| Example | The sampling rate for configuring mirror session 1 is 100.
switch(config)#monitor session 1 sample rate 100 |
Commands for sFlow
sflow agent-address
| Command | sflow agent-address <agent-address> nos flow agent-address |
| Parameter | agent-address: is the sample proxy IP address which is shown in dotted decimal notation. |
| Default | No default value. |
| Mode | Global mode. |
| Usage | For configuring sflow proxy address, The proxy address is used to mark the sample proxy which is similar to OSPF or the Router ID in the BGP. However, it is not necessary to make the sFlow sample proxy work properly. |
| Example | Sample the proxy address at global mode.
switch (config)#sflow agent-address 192.168.1.200 |
sflow analyzer
| Command | sflow analyzer sflowtrend no sflow analyzer sflowtrend |
| Parameter | – |
| Default | Do not configure. |
| Mode | Global mode. |
| Usage | This command is used to configure sFlow analyzer. no command disables the analyzer.
Configure this command when using sFlowTrend. |
| Example | To enable sFlow analyzer.
Switch(config)#sflow analyzer sflowtrend |
sflow counter-interval
| Command | sflow counter-interval <interval-value> no sflow counter-interval |
| Parameter | interval-value: is the value of the interval with a valid range of 20~120 and shown in second. |
| Default | No default value. |
| Mode | Global mode. |
| Usage | If no statistic sampling interval is configured, there will not be any statistic sampling on the interface. |
| Example | Set the statistic sampling interval on the interface e1/0/1 to 20 seconds.
Switch(Config-If-Ethernet1/0/1)#sflow counter-interval 20 |
sflow data-len
| Command | sflow data-len<length-value> no sflow data-len |
| Parameter | length-value: is the value of the length with a value range of 500- 1470 |
| Default | The value is 1400 by default. |
| Mode | Global mode. |
| Usage | For configuring sflow packet length. When combining several samples to a sFlow group to be sent, the length of the group excluding the MAC head and IP head parts should not exceed the configured value. |
| Example | To configure the max length of the sFlow packet data to 1000.
switch (Config-If-Ethernet1/0/2)#sflow data-len 1000 |
sflow
| Command | sflow destination <collector-address> [<collector-port>] no sflow destination |
| Parameter | collector-address: is the IP address of the analyzer, shown in dotted decimal notation.
collector-port: is the destination port of the sent sFlow packets. |
| Default | The destination port of the sFlow packet is defaulted at 6343, and the analyzer has no default address. |
| Mode | Global Mode and Port Mode. |
| Usage | If the analyzer address is configured at Port Mode, this IP address and port configured at Port Mode will be applied when sending the sample packet. Or else the address and port configured at global mode will be applied. The analyzer address should be configured to let the sFlow sample proxy work properly. |
| Example | Configure the analyzer address and port at global mode.
switch (config)#sflow destination 192.168.1.200 1025 |
sflow header-len
| Command | sflow header-len<length-value> no sflow header-len |
| Parameter | length-value: is the value of the length with a valid range of 32-256. |
| Default | 128 by default. |
| Mode | Port Mode. |
| Usage | To configure the length of header packets copied in sFlow data sampling.
“no” form reduction default value for this command. If the packet sample cannot be identified whether it is IPv4 or IPv6 when sent to the CPU, a certain length of the head of the group has to be copied to the sFlow packet and sent out. The length of the copied content is configured by this command. |
| Example | Configure the length of the packet data head copied in the sFlow data sampling to 50.
Switch(Config-If-Ethernet1/0/2)#sflow header-len 50 |
sflow priority
| Command | sflow priority <priority-value> no sflow priority |
| Parameter | priority-value: is the priority value with a valid range of 0-3. |
| Default | The default value is 0. |
| Mode | Global Mode. |
| Usage | This command is used to set the priority of the sample message. When a sample packet is sent to the CPU, it is recommended not to assign high priority for the packet so that regular receiving and sending of another protocol packet will not be interfered with. The higher the priority value is set, the higher its priority will be. |
| Example | To configure the priority when sFlow receives packets from the hardware in global mode.
switch (config)#sflow priority 1 |
sflow rate
| Command | sflow rate { input<input-rate> | output <output-rate >} no sflow rate [input | output] |
| Parameter | input-rate: is the rate of ingress group sampling, the valid range is 1000~16383500.
output-rate: is the rate of egress group sampling, the valid range is 1000~16383500 |
| Default | No default value. |
| Mode | Global Mode. |
| Usage | The traffic sampling will not be performed if the sampling rate is not configured on the port. And if the ingress group sampling rate is set to 10000, this indicates there will be one group be sampled every 10000 ingress groups. |
| Example | To configure the ingress sample rate on port e1/0/1 to 10000 and the egress sample rate to 20000.
Switch(Config-If-Ethernet1/0/1)#sflow rate input 10000 Switch(Config-If-Ethernet1/0/1)#sflow rate output 20000 |
show sflow
| Command | show sflow | |||
| Parameter | input-rate: is the rate of ingress group sampling, the valid range is 1000~16383500.
output-rate: is the rate of egress group sampling, the valid range is 1000~16383500 |
|||
| Default | No default value. | |||
| Mode | All Modes. | |||
| Usage | This command is used to acknowledge the operation state of sFlow. | |||
| Example | View sFlow configuration information.
Switch#showsflow
Sflow version 1.2 Agent’s address is 172.16.1.100 The collector address have not been configured Collector port is 6343 Sampler priority is 2 SflowDataSource: type 2, index 194(Ethernet1/0/2) Collector address is 192.168.1.200 The collector port is 6343 Counter interval is 0 The sample rate is input 0, output 0 Sample packet max len is 1400 Sample header max len is 50 Sample version is 4 |
|||
| Display information | description | |||
| Sflow version 1.2 | Indicates sFlow version 1.2 | |||
| Agent address is
172.16.1.100 |
sFlow agent address:172.16.1.1100 | |||
| Collector’s address is not
configured |
the sFlow global analyzer address is not
configured |
|||
| The collector port is 6343 | the sFlow global destination port is the
defaulted 6343 |
|||
| Sampler priority is 2 | The priority of sFlow when receiving
packets from the hardware is 2. |
|||
| SflowDataSource: type 2, index 194(Ethernet1/0/1) | One sample proxy data source of the sFlow is the interface e1/0/1 and its type is 2 (Ethernet), the interface
index is 194. |
|||
| The collector’s address is 192.168.1.200 | The analyzer addresses of the sampling
address of the E1/0/1 interface is 192.168.1.200 |
|||
| The collector port is 6343 | The default value of the port on the E1/0/1 interface sampling proxy is 6343. | |||
| The counter interval is 20 | The statistic sampling interval on e1/0/1
interface is 20 seconds |
|||
| The sample rate is input of 10000,
output 0 |
The ingress traffic rate of the e1/0/1 interface sampling proxy is 10000 and no egress traffic sampling will be
performed |
|||
| Sample packet max len is 1400 | The length of the sFlow group data
sent by the e1/0/1 interface should not exceed 1400 bytes. |
|||
| Sample header max len is 50 | The length of the packet data head
copied in the data sampling of the e1/0/1 interface sampling proxy is 50 |
|||
| The sample version is 4 | The datagram version of the sFlow
group sent by the E1/0/1 interface sampling proxy is 4. |
|||
Commands for RSPAN Configuration remote-span
| Command | remote-span no remote-span |
| Parameter | – |
| Default | Not configured |
| Mode | VLAN Configuration Mode. |
| Usage | This command is used to configure the existing VLAN as RSPAN VLAN. A dedicated RSPAN VLAN should be configured before RSPAN can function. When configuring RSPAN VLAN, it should be made sure that specialized VLAN, such as the default VLAN, dynamic VLAN, private VLAN, multicast VLAN, and layer 3 interface enabled VLAN, should not be configured as RSPAN VLAN. If any existing sessions are still working when RSPAN is disabled, these sessions will be still working regardless the configuration change. However, if any layer 3 interface is configured in the VLAN after RSPAN is disabled, the existing RSPAN session will be stopped. |
| Example | RSPAN VLAN. VLAN 5 configured.
Switch(Config-Vlan5)#remote-span |
monitor session remote vlan
| Command | monitor session <session> remote vlan<vid> no monitor session <session> remote vlan |
| Parameter | session: session ID, range between 1~4
vid: The id of RSPAN VLAN |
| Default | Not configured. |
| Mode | Global Mode. |
| Usage | To configure local mirror session to RSPAN. The VLAN id is the RSPAN VLAN. The mirrored data grams will be attached with RSPAN tags. |
| Example | To configure the remote vlan of mirror session 1 to 5.
Switch(config)#monitor session 1 remote vlan 5 |
monitor session reflector-port
| Command | monitor session <session> reflector-port <interface-number> no monitor session <session> reflector-port <interface- number> |
| Parameter | session: session ID, range between 1~4
interface-number: Interface number |
| Default | Not configured. |
| Mode | Global Mode. |
| Usage | This command configures the reflector port for the destination of mirror datagrams, and disables the MAC learning function of the specified port. The configuration of the reflector port is to change the mode of the local port from the destination port mode to be the reflector mode. Hence, the configuration of reflector port and the destination port are exclusive. The no command is used to restore the reflector port to normal port. The source port, in access or trunk mode, should not be added to RSPAN VLAN. When the reflector port is configured as a springboard of CPU TX direction mirroring, it must be configured as a TRUNK port and allow the RSPAN VLAN data passing, the Native VLAN should not be configured as RSPAN VLAN. After configuring RSPAN, the vlan tag will be added on the packet of the egress mirror. It will cause the abort error frame on the reflection port, so the default MTU value of the switch should be modified. |
| Example | To configure port 1/0/5 as a reflection port.
Switch(config)#monitor session 1 reflector-port ethernet1/0/5 |
FAQ
- Q: How many sessions are supported for mirroring configuration?
- A: Currently, only one session (session number 1) is supported for mirroring configuration.
- Q: Can I mirror both incoming and outgoing datagrams at the same time?
- A: Yes, you can mirror both incoming and outgoing datagrams using the ‘both’ option in the commands.
Documents / Resources
 |
QUANTUM NETWORKS QASA CLI 24 Full Port Switch [pdf] User Guide QASA CLI 24 Full Port Switch, QASA CLI, 24 Full Port Switch, Port Switch |
