Manualshelf

Setup Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S6010-ON
111112113114115116117118119120
If you congure the flow-based enable command and do not apply an ACL on the source port or the monitored port, both ow-based
monitoring and port mirroring do not function.
You cannot apply the same ACL to an interface or a monitoring session context simultaneously.
The port mirroring application maintains a database that contains all monitoring sessions (including port monitor sessions). It has
information regarding the sessions that are enabled for ow-based monitoring and those sessions that are not enabled for ow-based
monitoring. It downloads monitoring conguration to the ACL agent whenever the ACL agent is registered with the port mirroring
application or when ow-based monitoring is enabled.
The show monitor session session-id command displays the Type eld in the output, which indicates whether a particular
session is enabled for ow-monitoring.
Example Output of the show Command
The show config command has been modied to display monitoring conguration in a particular session.
Example Output of the show Command
The show ip accounting commands have been enhanced to display whether monitoring is enabled for trac that matches with the
rules of the specic ACL.
Example Output of the show Command
Enabling Flow-Based Monitoring
Flow-based monitoring is supported on the platform.
Flow-based monitoring conserves bandwidth by monitoring only specied trac instead of all trac on the interface. This feature is
particularly useful when looking for malicious trac. It is available for Layer 2 and Layer 3 ingress trac. You can specify trac using
standard or extended access-lists.
1 Enable ow-based monitoring for a monitoring session.
MONITOR SESSION mode
flow-based enable
2 Dene access-list rules that include the keyword monitor. Dell Networking OS only considers port monitoring trac that matches
rules with the keyword monitor.
CONFIGURATION mode
ip access-list
For more information, see Access Control Lists (ACLs).
3 Apply the ACL to the monitored port.
INTERFACE mode
ip access-group access-list
Example of the flow-based enable Command
To view an access-list that you applied to an interface, use the show ip accounting access-list command from EXEC Privilege
mode.
Access Control Lists (ACLs)
117