행씨네

글

11월, 2021의 게시물 표시

ERSAPN Configuration on CISCO Nexus

11월 25, 2021

시나리오 1. Source에서 발생하는 트래픽을 Analyzer에서 캡쳐할 수 있도록 포트미러링을 설정해라 Pre-configuration 1. 9K #1 Create vlan 100 interface eth2/5 switchport mode access switchport access vlan 100 interface vlan 100 ip address 10.0.0.1/24 interface eth1/1 no switchport ip address 1.1.1.1/30 interface lo0 ip address 10.254.254.1/32 ip route 192.168.0.0 255.255.255.0 1.1.1.2 ip route 10.254.254.2 255.255.255.255 1.1.1.2 2. 9K #2 Create vlan 200 interface eth2/5 switchport mode access switchport access vlan 200 interface vlan 200 ip address 192.168.0.1/24 interface eth1/2 no switchport ip address 1.1.1.2/30 interface lo0 ip address 10.254.254.2/32 ip route 10.0.0.0 255.255.255.0 1.1.1.1 ip route 10.254.254.1 255.255.255.255 1.1.1.1 ERSPAN configuration 1. 9K #1 !--모니터 세션 생성 9K#1(config)#monitor session 1 type erspan-source !--캡쳐할 인터페이스 설정 9K#1(config-erspan-src)#source interface Eth2/5 both !--mirrored packet을 받아볼 디바이스 IP설정 9K#1(config-erspan-src)#destination ip 192.168.0.10 !--ERSPAN ID 설정 (source 및 destination장비의