Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048T-ON

651

652

653

654

655

656

657

658

659

660

monitor session session-id

2. Enable flow-based monitoring for a monitoring session.

MONITOR SESSION mode

flow-based enable

3. Specify the source and destination port and direction of traffic.

MONITOR SESSION mode

source source—port destination destination-port direction rx

4. Define IP access-list rules that include the monitor keyword. For port monitoring, Dell EMC Networking OS only considers traffic

matching rules with the monitor keyword.

CONFIGURATION mode

ip access-list

To define access lists, see the Access Control Lists (ACLs) chapter.

5. Allocate a CAM region so that you can apply the ACL you created to the monitoring session.

CONFIGURATION mode

cam-acl l2acl number ipv4acl number ipv6acl number ipv4qos number l2qos number l2pt number

ipmacacl number vman-qos number ipv4mirracl number

6. Apply the ACL to the monitored port.

MONITOR SESSION mode

ip access-group access-list-name

To view an access-list that you applied to an interface, use the show ip accounting access-list command from EXEC Privilege

mode.

DellEMC(conf)#monitor session 0

DellEMC(conf-mon-sess-0)#flow-based enable

DellEMC(conf)#ip access-list ext testflow

DellEMC(config-ext-nacl)#seq 5 permit icmp any any count bytes

monitor

DellEMC(config-ext-nacl)#seq 10 permit ip 102.1.1.0/24 any count bytes monitor

DellEMC(config-ext-nacl)#seq 15 deny udp any any count bytes

DellEMC(config-ext-nacl)#seq 20 deny tcp any any count bytes

DellEMC(config-ext-nacl)#exit

DellEMC(conf)#interface tengigabitethernet 1/1

DellEMC(conf-if-te-1/1)#ip access-group testflow in

DellEMC(conf-if-te-1/1)#show config

interface TenGigabitEthernet 1/1

ip address 10.11.1.254/24

ip access-group testflow in

shutdown

DellEMC(conf-if-te-1/1)#exit

DellEMC(conf)#do show ip accounting access-list testflow

Extended Ingress IP access list testflow on TenGigabitEthernet 1/1

Total cam count 4

seq 5 permit icmp any any 53 monitor 53 count bytes (0 packets 0 bytes)

seq 10 permit ip 102.1.1.0/24 any monitor 53 count bytes (0 packets 0 bytes)

seq 15 deny udp any any count bytes (0 packets 0 bytes)

seq 20 deny tcp any any count bytes (0 packets 0 bytes)

DellEMC(conf)#do show monitor session 0

SessionID Source Destination Direction Mode Type Source IP Dest IP DSCP TTL

Drop Rate Gre-Protocol FcMonitor

--------- ------ ----------- --------- ---- ---- --------- -------- ---- ---

---- ---- ----------- ---------

0 Te 1/1 Te 1/2 rx interface Flow-based 0.0.0.0 0.0.0.0 0 0

No N/A N/A yes

Remote Port Mirroring

While local port monitoring allows you to monitor traffic from one or more source ports by directing it to a destination port on the same

switch/router, remote port mirroring allows you to monitor Layer 2 and Layer 3 ingress and/or egress traffic on multiple source ports on

different switches and forward the mirrored traffic to multiple destination ports on different switches.

656

Port Monitoring