Sunday, January 8, 2012

IP Traffic Export (Router上类似于SW上SPAN的技术)


IP Traffic Export (Router上类似于SW上SPAN的技术)

  (2010-04-03 09:24:24)
标签: 

杂谈

IP <wbr>Traffic <wbr>Export <wbr>(Router上类似于SW上SPAN的技术)
配置备份如下:
*********最简单配置************
ip traffic-export profile test
  interface FastEthernet1/0
  mac-address 0200.4c4f.4f50
*********最终配置备份**********
ip traffic-export profile test
  interface FastEthernet1/0 <这是IDS所在的出接口>
  bidirectional
  incoming access-list incoming.acl
  outgoing access-list outgoing.acl
  mac-address 0200.4c4f.4f50 <这是IDS的MAC,记住一定是直连或者同一VLAN>
  incoming sample one-in-every 2
  outgoing sample one-in-every 3
interface FastEthernet0/0 <这是被监控的接口>
 ip address 202.100.1.2 255.255.255.0
 ip traffic-export apply test
R2#sh ip traffic-export
Router IP Traffic Export Parameters
Monitored Interface             FastEthernet0/0
        Export Interface                FastEthernet1/0
        Destination MAC address 0200.4c4f.4f50
        bi-directional traffic export is on
Output IP Traffic Export Information    Packets/Bytes Exported    28/2480
        Packets Dropped           39
        Sampling Rate             one-in-every 3 packets
        Access List        outgoing.acl [named extended IP]
Input IP Traffic Export Information     Packets/Bytes Exported    27/2420
        Packets Dropped           38
        Sampling Rate             one-in-every 2 packets
        Access List        incoming.acl [named extended IP]
        Profile test is Active

No comments: