Reference Guide
1 Enable flow-based monitoring for a monitoring session in MONITOR-SESSION mode.
flow-based enable
2 Return to CONFIGURATION mode.
exit
3 Create an access list in CONFIGURATION mode.
ip access-list access-list-name
4 Define access-list rules using seq, permit, and deny statements in CONFIG-ACL mode. The ACL rules describe the traffic you
want to monitor. Flow monitoring is supported for IPv4 ACLs, IPv6 ACLs, and MAC ACLs.
seq sequence-number {deny | permit} {source [mask] | any | host ip-address} [count [byte]] [fragments] [threshold-in-msgs count] [capture session session-id]
5 Return to CONFIGURATION mode.
exit
6 Apply the flow-based monitoring ACL to the monitored source port in CONFIGURATION mode (up to 140 characters).
ip access-group access-list-name {in | out}
Enable flow-based monitoring
OS10(config)# monitor session 1
OS10(conf-mon-local-1)# flow-based enable
OS10(conf-mon-local-1)# exit
OS10(config)# ip access-list ipacl1
OS10(conf-ipv4-acl)# deny ip host 1.1.1.23 any capture session 1 count
OS10(conf-ipv4-acl)# exit
OS10(config)# mac access-list mac1
OS10(conf-mac-acl)# deny any any capture session 1
OS10(conf-mac-acl)# exit
OS10(config)# interface ethernet 1/1/9
OS10(conf-if-eth1/1/9)# mac access-group mac1 in
OS10(conf-if-eth1/1/9)# end
OS10# show mac access-lists in
Ingress MAC access-list mac1
Active on interfaces :
ethernet1/1/9
seq 10 deny any any capture session 1 count (0 packets)
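A check a practitioner might run after step 6, as an added example that is not part of the Dell guide: it parses `show ... access-lists` output and reports why a monitor session may be receiving no mirrored traffic. The function names are hypothetical, and the parser assumes the output layout matches the sample above.

```python
import re

# Constructed sample: the "show mac access-lists in" output from the example above.
SAMPLE = """\
Ingress MAC access-list mac1
Active on interfaces :
ethernet1/1/9
seq 10 deny any any capture session 1 count (0 packets)
"""

HEADER = re.compile(r"^(Ingress|Egress)\s+(\S+)\s+access-list\s+(\S+)$")
RULE = re.compile(r"^seq\s+(\d+)\s+(permit|deny)\s+(.*)$")
CAPTURE = re.compile(r"\bcapture session\s+(\d+)")
COUNTER = re.compile(r"\((\d+)\s+(?:packets|bytes)\)")


def parse_acl_output(text):
    """Return one dict per rule, tagged with its ACL name and bound interfaces."""
    rules, acl, ifaces, in_ifaces = [], None, [], False
    for line in (raw.strip() for raw in text.splitlines()):
        header, rule = HEADER.match(line), RULE.match(line)
        if header:
            acl, ifaces, in_ifaces = header[3], [], False
        elif acl and line.lower().startswith("active on interfaces"):
            in_ifaces = True
        elif acl and rule:
            in_ifaces = False
            cap, cnt = CAPTURE.search(rule[3]), COUNTER.search(rule[3])
            rules.append({"acl": acl, "interfaces": ifaces, "seq": int(rule[1]),
                          "session": int(cap[1]) if cap else None,
                          "hits": int(cnt[1]) if cnt else None})  # None: no counter shown
        elif in_ifaces and line:
            ifaces.append(line)
    return rules


def audit(rules, session_id):
    """List reasons the given monitor session may be receiving no mirrored traffic."""
    mine = [r for r in rules if r["session"] == session_id]
    findings = [] if mine else [f"no ACL rule captures to session {session_id}"]
    for r in mine:
        tag = f"{r['acl']} seq {r['seq']}"
        if not r["interfaces"]:
            findings.append(f"{tag}: ACL is not applied to any interface")
        if r["hits"] is None:
            findings.append(f"{tag}: no counter; add 'count' to the rule to see matches")
        elif r["hits"] == 0:
            findings.append(f"{tag}: 0 matches so far")
    return findings
```

Calling `audit(parse_acl_output(SAMPLE), 1)` on the sample reports that rule 10 has matched no packets yet, which is the state to recheck once traffic is flowing on the monitored port.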
Remote port monitoring on VLT
In a network, devices configured with peer VLT nodes are considered as a single device. You can apply remote port monitoring (RPM) on
the VLT devices in a network.
When VLT devices are used as a source or intermediate device, the RPM session provides redundancy to the sniffer-connected devices.
In a non-failover case, the monitored traffic is regular.
In a failover case, the monitored traffic reaches the packet analyzer connected to TOR through the VLT interconnect link.
NOTE:
• In VLT devices configured with RPM, when the VLT link is down, the monitored packets might drop for some time. The time is
equivalent to the VLT failover recovery time (delay restore).
• You cannot apply ERPM on VLT devices.
Port monitoring commands
Layer 2