Concept Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048T-ON

141

142

143

144

145

146

147

148

149

150

If you congure the flow-based enable command and do not apply an ACL on the source port or the monitored port, both ow-based

monitoring and port mirroring do not function.

You cannot apply the same ACL to an interface or a monitoring session context simultaneously.

The port mirroring application maintains a database that contains all monitoring sessions (including port monitor sessions). It has

information regarding the sessions that are enabled for ow-based monitoring and those sessions that are not enabled for ow-based

monitoring. It downloads monitoring conguration to the ACL agent whenever the ACL agent is registered with the port mirroring

application or when ow-based monitoring is enabled.

The show monitor session session-id command displays the Type eld in the output, which indicates whether a particular

session is enabled for ow-monitoring.

Example Output of the show Command

DellEMC# show monitor session 1

SessID Source Destination Dir Mode Source IP Dest IP DSCP

TTL Drop Rate Gre-Protocol FcMonitor

------ ------ ----------- --- ---- --------- -------- ----

--- ---- ---- ----------- ---------

1 Te 1/2 remote-ip rx Port 0.0.0.0 0.0.0.0 0

0 No N/A N/A yes

DellEMC#

The show config command has been modied to display monitoring conguration in a particular session.

Example Output of the show Command

(conf-mon-sess-11)#show config

monitor session 11

flow-based enable

source TenGigabitEthernet 1/1 destination TenGigabitEthernet 1/1 direction both

The show ip accounting commands have been enhanced to display whether monitoring is enabled for trac that matches with the

rules of the specic ACL.

Example Output of the show Command

DellEMC# show ip accounting access-list

Extended Ingress IP access list kar on TenGigabitEthernet 1/1

Total cam count 1

seq 5 permit ip 192.168.20.0/24 173.168.20.0/24 monitor

DellEMC#show ipv6 accounting access-list

Ingress IPv6 access list kar on TenGigabitEthernet 1/1

Total cam count 1

seq 5 permit ipv6 22::/24 33::/24 monitor

Enabling Flow-Based Monitoring

Flow-based monitoring is supported on the platform.

Flow-based monitoring conserves bandwidth by monitoring only specied trac instead of all trac on the interface. This feature is

particularly useful when looking for malicious trac. It is available for Layer 2 and Layer 3 ingress trac. You can specify trac using

standard or extended access-lists.

1 Enable ow-based monitoring for a monitoring session.

MONITOR SESSION mode

142

Access Control Lists (ACLs)