Chinaunix首页 | 论坛 | 博客

leit

首页 |  博文目录 |  关于我

leit

  • 博客访问: 41854
  • 博文数量: 14
  • 博客积分: 2830
  • 博客等级: 少校
  • 技术积分: 145
  • 用 户 组: 普通用户
  • 注册时间: 2008-12-21 22:03
个人简介

cloud

文章分类

全部博文(14)

文章存档

2013年(2)

2010年(6)

2009年(6)

我的朋友
最近访客
推荐博文
相关博文
juniper 设备镜像配置

分类: 系统运维

2013-07-19 11:36:09

#加组
set groups mirror_pkts_in forwarding-options port-mirroring instance mirror_in input rate 1
set groups mirror_pkts_in forwarding-options port-mirroring instance mirror_in family inet output interface ge-1/2/1.0 next-hop 10.10.1.2
set groups mirror_pkts_out forwarding-options port-mirroring instance mirror_out input rate 1
set groups mirror_pkts_out forwarding-options port-mirroring instance mirror_out family inet output interface ge-1/2/2.0 next-hop 10.10.1.6




#匹配策略
set firewall family inet filter mirror_in apply-groups mirror_pkts_in
set firewall family inet filter mirror_in term catch_all then port-mirror-instance mirror_in
set firewall family inet filter mirror_in term catch_all then accept
set firewall family inet filter mirror_out apply-groups mirror_pkts_out
set firewall family inet filter mirror_out term catch_all then port-mirror-instance mirror_out
set firewall family inet filter mirror_out term catch_all then accept




#对应板卡
set chassis fpc 1 pic 2 port-mirror-instance mirror_in
set chassis fpc 1 pic 2 port-mirror-instance mirror_out




#加源
set interfaces ge-1/2/9 unit 0 family inet filter input mirror_out
set interfaces ge-1/2/9 unit 0 family inet filter output mirror_in


#目标策略,前提目标接口有ip地址
set forwarding-options port-mirroring instance mirror_in input rate 1
set forwarding-options port-mirroring instance mirror_in input run-length 1
set forwarding-options port-mirroring instance mirror_in family inet output interface ge-1/2/1.0 next-hop 10.10.1.2
set forwarding-options port-mirroring instance mirror_in family inet output no-filter-check
set forwarding-options port-mirroring instance mirror_out input rate 1
set forwarding-options port-mirroring instance mirror_out input run-length 1
set forwarding-options port-mirroring instance mirror_out family inet output interface ge-1/2/2.0 next-hop 10.10.1.6
set forwarding-options port-mirroring instance mirror_out family inet output no-filter-check




#绑定目标mac
set interfaces ge-1/2/1 description mirror-out
set interfaces ge-1/2/1 unit 0 family inet address 10.10.1.1/30 arp 10.10.1.2 mac 00:90:0b:1b:0b:dd
set interfaces ge-1/2/2 description mirror-in
set interfaces ge-1/2/2 unit 0 family inet address 10.10.1.5/30 arp 10.10.1.6 mac 00:90:0b:1b:0b:de
阅读(644) | 评论(0) | 转发(0) |
0

上一篇:huawei3328 ip限速方式!

下一篇:win7 作wifi 热点命令

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6