Administrator Guide
In the following example, the host and server are exchanging trac which passes through the uplink interface 1/1. Port 1/1 is the
monitored port and port 1/42 is the destination port, which is congured to only monitor trac received on tengigabitethernet 1/1
(host-originated trac).
Figure 100. Port Monitoring Example
Enabling Flow-Based Monitoring
Flow-based monitoring is supported only on the S-Series platform.
Flow-based monitoring conserves bandwidth by monitoring only specied trac instead of all trac on the interface. This feature is
particularly useful when looking for malicious trac. It is available for Layer 2 and Layer 3 ingress and egress trac. You can specify
trac using standard or extended access-lists.
1. Enable ow-based monitoring for a monitoring session.
MONITOR SESSION mode
flow-based enable
2. Dene in access-list rules that include the keyword monitor. For port monitoring, Dell Networking OS only considers trac
matching rules with the keyword
monitor.
CONFIGURATION mode
ip access-list
Refer to Access Control Lists (ACLs).
3. Apply the ACL to the monitored port.
INTERFACE mode
ip access-group access-list
Example of the flow-based enable Command
To view an access-list that you applied to an interface, use the show ip accounting access-list command from EXEC
Privilege mode.
Port Monitoring
595