Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4820T

641

642

643

644

645

646

647

648

649

650

1. Enable control plane egress acl using the following command:

mac control-plane egress-acl

2. Create an extended MAC access list and add a deny rule of (0x0180c2xxxxxx) packets using the following commands:

mac access-list extended mac2

seq 5 deny any 01:80:c2:00:00:00 00:00:00:ff:ff:ff count

3. Apply ACL on that RPM VLAN. In this example RPM vlan is 10.

Dell#show running-config interface vlan 10

interface Vlan 10

no ip address

mode remote-port-mirroring

tagged Port-channel 2

mac access-group mac2 out

no shutdown

4. Create Source RPM session as follows (port-channel 1 and port-channel 2 are LACP).

Dell(conf)#monitor session 1 type rpm

Dell(conf-mon-sess-1)#source port-channel 1 destination remote-vlan 10 dir rx

Dell(conf-mon-sess-1)#no disable

5. Show the output for the LACP.

Dell#show interfaces port-channel brief

Codes: L - LACP Port-channel

O - OpenFlow Controller Port-channel

LAG Mode Status Uptime Ports

L1 L3 up 00:01:17 Te 1/4 (Up)

L2 L2 up 00:00:58 Te 1/5 (Up)

Dell#

Encapsulated Remote Port Monitoring

Encapsulated Remote Port Monitoring (ERPM) copies trac from source ports/port-channels or source VLANs and forwards the

trac using routable GRE-encapsulated packets to the destination IP address specied in the session.

Important:

When conguring ERPM, follow these guidelines

• The Dell Networking OS supports ERPM source session only. Encapsulated packets terminate at the destination IP address

or at the analyzer.

• You can congure up to four ERPM source sessions on switch.

• The system MTU should be congured properly to accommodate the increased size of the ERPM mirrored packet.

• The maximum number of source ports that can be dened in a session is 128.

• The system encapsulates the complete ingress or egress data under GRE header, IP header and outer MAC header and

sends it out at the next hop interface as pointed by the routing table.

• The keyword ‘ow-based enable’ should have been specied in case of source as vlan or where monitoring on a per ow

basis is desired.

• The keyword monitor should have been specied in the access list rules for which we need to mirror.

• The maximum number of source ports that can be dened in a session is 128.

• The system allows to congure upto 4 ERPM sessions.

• ERPM sessions do not copy locally sourced remote VLAN trac from source trunk ports that carry RPM VLANs. ERPM

sessions do not copy locally sourced ERPM GRE-encapsulated trac from source ports.

• Source Vlan monitoring can be done only for ingress packets and is not supported for egress direction.

• A ow-based source VLAN can be monitored only for ingress trac (not egress trac). direction.

Changes to Default Behavior

• Rate-limiting ïs no longer done for ERSPAN trac.

Port Monitoring

647