IP Traffic Export (Router上类似于SW上SPAN的技术)
(2010-04-03 09:24:24)标签: 杂谈 |
配置备份如下:
*********最简单配置************
ip traffic-export profile test
interface FastEthernet1/0
mac-address 0200.4c4f.4f50
ip traffic-export profile test
*********最终配置备份**********
ip traffic-export profile test
interface FastEthernet1/0 <这是IDS所在的出接口>
bidirectional
incoming access-list incoming.acl
outgoing access-list outgoing.acl
mac-address 0200.4c4f.4f50 <这是IDS的MAC,记住一定是直连或者同一VLAN>
incoming sample one-in-every 2
outgoing sample one-in-every 3
ip traffic-export profile test
interface FastEthernet0/0 <这是被监控的接口>
ip address 202.100.1.2 255.255.255.0
ip traffic-export apply test
R2#sh ip traffic-export
Router IP Traffic Export Parameters
Monitored Interface FastEthernet0/0
Export Interface FastEthernet1/0
Destination MAC address 0200.4c4f.4f50
bi-directional traffic export is on
Output IP Traffic Export Information Packets/Bytes Exported 28/2480
Packets Dropped 39
Sampling Rate one-in-every 3 packets
Access List outgoing.acl [named extended IP]
Input IP Traffic Export Information Packets/Bytes Exported 27/2420
Packets Dropped 38
Sampling Rate one-in-every 2 packets
Access List incoming.acl [named extended IP]
Profile test is Active
Router IP Traffic Export Parameters
Monitored Interface
Output IP Traffic Export Information
Input IP Traffic Export Information
No comments:
Post a Comment