Data communication foundation - Ethernet port mirroring and link aggregation

Port Mirror
In some scenes , We need to monitor the inbound or outbound messages of the specific port of the switch .

summary
Application of image ：

Flow observation

Fault location

Classification of images ：

Port based mirroring
Port mirroring is to copy the data on the monitored port to the specified monitoring port , Analyze and monitor data .

Stream based mirroring
Flow mirroring is to copy the business flow matching the access control list rule to the specified monitoring port , Used for message analysis and monitoring .

Port based mirroring
Port mirroring means that the switch copies a message flowing through the mirrored port （ You can specify inbound or outbound ）, And send this message to the designated observation port for analysis and monitoring . Port mirroring , All messages flowing through the image port will be copied to the observation port .
Ethernet switches support many to one mirroring , Copy messages from multiple ports to one monitoring port .

Port mirroring is divided into local port mirror and remote port image
Local port mirroring and remote port mirroring
Local port mirroring ：

​ In the local port image , The monitoring host is directly connected to the observation port .

Remote port mirroring ：

​ Remote port image , The monitoring host and the device where the observation port is located are connected through a two-layer network or a three-layer network .

Layer 2 Port mirroring （RSPAN：Remote Switched Port Analyzer）： If it is interconnected through a two-layer network ,S9300 Encapsulate the message of the image port VLAN, Then, the message is remotely mirrored through the observation port VLAN Broadcast in . After the remote device receives the message , Compare the message VLAN ID, If the same , Then forward the message to the remote observation port .

Layer 3 port mirroring （ERSPAN：Encapsulated Remote SPAN）： If it is interconnected through a three-layer network ,S9300 Use GRE Packet header encapsulation and de encapsulation of image message , So that the image message can penetrate the three-layer network , So as to realize the port mirroring when the device where the image port is located and the device where the observation port is located are connected through the three-layer network .

Stream based mirroring
Stream mirroring is to copy the specific data on the stream mirroring port to the specified observation port or CPU Analysis and monitoring . A stream mirroring port is an interface that applies a stream policy that includes the stream mirroring behavior , Messages flowing through the stream image port , If the flow classification in the flow policy on this interface is matched , Will be copied and transferred to the observation port or CPU.

There are two types of stream mirroring , That is, the stream is mirrored to the interface and the stream is mirrored to CPU：

The stream is mirrored to the interface , It is to copy a message that meets the requirements on the interface configured with stream image , Then it is sent to the observation port for analysis and diagnosis .

Stream mirrored to CPU, It is to copy a message that meets the requirements on the interface configured with stream image , Then send it to CPU For analysis and diagnosis . there CPU It refers to the interface on the interface board where the stream image is configured CPU.

Configure local port mirroring

Switch GE0/0/2 Port in 、 Export message is mirrored to GE0/0/3.

To configure ：

[SW] observe-port 1 interface gigabitethernet0/0/3  # Configure the monitoring port as the observation port
[SW] interfae gigabitethernet0/0/2
[SW-gigabitethernet0/0/2] port-mirroring to observe-port 1 both # Interface traffic is mirrored to the observation port

display observe-port # View the configuration information of the observation port
diaplay port-mirroring # View the configuration information of the mirroring function
1
2
3
4
5
6
both Is the mirror direction , It means that bidirectional data should be copied to the observation port , Besides, there are inbound and outbound.

Link aggregation
Link aggregation （Link Aggregation） Yes, it will — Group physical interfaces are bundled together as a way to increase bandwidth as a logical interface , It is also called multi interface load balancing group （Load Sharing Group） Or link aggregation group （Link Aggregation Group）, For relevant protocol standards, please refer to IEEE802.3ad.
By establishing a link aggregation group between two devices , It can provide higher communication bandwidth and higher reliability . Link aggregation not only provides redundancy protection for communication between devices , And there is no need to upgrade the hardware .

stay SW1 Admiral GE0/0/1 And GE0/0/2 Interface to aggregate , So as to form a logical interface Eth-trunk, SW2 Empathy . In this way ,SW1 And SW2 The link between them becomes a logical link . such , The bandwidth of the link is increased , Redundancy is also enhanced .

Huawei's network equipment supports two types Eth-trunk Working mode ：

Manual load sharing mode

LACP Pattern

Manual load sharing
Manual load sharing （Manual load-balance） In mode ,Eth-Trunk The establishment of the 、 The membership interface is manually configured , No, LACP（link Aggregation Control Protocol） Participation in protocol messages .

In this mode, all active links are involved in data forwarding , Average shared flow , Therefore, it is called load sharing mode .

If an active link fails , The link aggregation group automatically shares the traffic among the remaining active links .

When it is necessary to provide a large link bandwidth between two directly connected devices, and the device does not support LACP When the agreement , Manual load sharing mode can be used .

static state LACP
static state LACP（Static LACP） Pattern is a kind of utilization LACP The protocol performs aggregation parameter negotiation 、 Determine the link aggregation mode of active and inactive interfaces .

In this mode , It needs to be created manually Eth-Trunk, Hand in Eth-Trunk Member interface , from LACP Protocol negotiation determines active and inactive interfaces .

static state LACP Patterns are also called M∶N Pattern . In this way, the dual functions of link load sharing and link redundant backup can be realized at the same time . In the link aggregation group M Links are active , These links are responsible for forwarding data and load sharing , in addition N Links are inactive as backup links , Don't forward data . When M When one of the links fails , The system will N Select the link with the highest priority from the backup links to replace the failed link , At the same time, the backup link that replaces the failed link becomes active and starts forwarding data .

static state LACP The main difference between mode and manual load sharing mode is ： static state LACP Mode has a backup link , In the manual load sharing mode, all member interfaces are in forwarding status , Share load traffic .

And static LACP Patterns also correspond to dynamic LACP Pattern . dynamic LACP Link aggregation mode , from Eth-Trunk There is no need for human intervention from the creation of the member interface to the joining of the member interface , from LACP Automatic agreement negotiation is completed . Although this method is very simple for users , But because this method is too flexible , Not easy to manage , therefore S9300 Dynamic... Is not supported on LACP Mode link aggregation .

LACP Pattern （ Add ）
LACP: be based on IEEE802.3ad The standard LACP（ Link aggregation control protocol ） It is a protocol to realize dynamic link aggregation .LACP Agreement passed LACPDU（ Link aggregation control protocol data unit ） Interact with the opposite end . Enable... For a port LACP After the agreement , The port will send through LACPDU Announce your system priority to the opposite end 、 System MAC Address 、 Port priority 、 Port number and operation Key. After receiving the information from the opposite end , Compare this information with the information saved by other ports to select the ports that can be converged , In this way, both parties can reach an agreement on whether to join or exit a dynamic aggregation group .

System LACP priority

System LACP Priority is a parameter configured to distinguish the priority of devices at both ends .LACP In mode , The active interfaces selected by devices at both ends must be consistent , Otherwise, the link aggregation group cannot be established . At this point, one end can have a higher priority , The other end selects the active interface according to the high priority end . System LACP The smaller the priority value, the higher the priority .

Interface LACP priority

Interface LACP Priority is to distinguish the same Eth-Trunk The different interfaces in are selected as the priority of the active interface , The interface with higher priority will be selected as the active interface first . Interface LACP The lower the priority value , The higher the priority .

Between member interfaces M:N Backup

LACP Mode link aggregation consists of LACP Determine the active and inactive links in the aggregation group , Also known as M:N Pattern , namely M Active link and N Mode of backup link . This mode provides higher link reliability , And you can M Different ways of load balancing are realized in each link .

There are... Between the two equipment M+N Links , When forwarding traffic on an aggregated link, the traffic is transmitted at M The load is shared on the chain , Active link , Not in another N Link forwarding traffic , this N Links provide backup functions , Backup link . At this time, the actual bandwidth of the link is M The sum of links , But the maximum bandwidth that can be provided is M+N The sum of links .

When M When one of the links fails ,LACP From N Find a high priority available link among the backup links to replace the failed link . At this time, the actual bandwidth of the link is still M The sum of links , But the maximum bandwidth available becomes M+N-1 The sum of links .

M：N Backup diagram

This scenario is mainly used to provide users with M Bandwidth of links , At the same time, it is hoped to provide certain fault protection capability . When a link fails , The system can automatically select an available backup link with the highest priority to become an active link .

If an available link cannot be found in the backup link , And the number of currently active links is lower than the configured lower threshold of the number of active interfaces , Then the system will close the aggregation interface .

LACP preemption ：

LACP Preemption is not enabled , After an interface failure that was originally an active interface , Recovery will act as a backup interface ;
LACP Preemption enable , After an interface failure that was originally an active interface , The resumption will renegotiate , As an active interface .
Specific configuration
Manual load sharing mode link aggregation

Divide vlan And enter the interface

SW1 To configure
[SW1]vlan batch 10 20
[SW1]interface GigabitEthernet 0/0/1
[SW1-GigabitEthernet0/0/1]port link-type access
[SW1-GigabitEthernet0/0/1]port default vlan 10    
[SW1]interface GigabitEthernet 0/0/2
[SW1-GigabitEthernet0/0/2]port link-type access
[SW1-GigabitEthernet0/0/2]port default vlan 20

SW2 To configure
[SW2]vlan batch 10 20
[SW2]interface GigabitEthernet 0/0/1
[SW2-GigabitEthernet0/0/1]port link-type access
[SW2-GigabitEthernet0/0/1]port default vlan 10
[SW2]interface GigabitEthernet 0/0/2
[SW2-GigabitEthernet0/0/2]port link-type access
[SW2-GigabitEthernet0/0/2]port default vlan 20
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Create interfaces Eth-trunk1, And will GE0/0/23 And 24 Ports are added to the aggregation link

SW1:
[SW1]interface Eth-Trunk 1
[SW1-Eth-Trunk1]mode manual load-balance  # The default is manual loading
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/23
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/24
# because Eth-trun1 The interface needs to carry more VLAN, Therefore, it needs to be configured as trunk Pattern ：
[SW1-Eth-Trunk1]PORT link-type trunk 
[SW1-Eth-Trunk1]PORT trunk allow-pass vlan 10 20
SW2：
[SW2]interface Eth-Trunk 1
[SW2-Eth-Trunk1]mode manual load-balance 
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/23
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/24
[SW2-Eth-Trunk1]port link-type trunk 
[SW2-Eth-Trunk1]port trunk allow-pass vlan 10 20

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
View interface information ：

In manual load sharing mode , All interfaces are up

Add ： After creating Eth-trunk After the interface , Member interface （ Physical interface ） Add to the Eth-trunk in , There are two configuration methods , These two configurations have the same effect ：

[SW1]interface Eth-Trunk 1
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/23
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/24
perhaps
[SW1]interface Eth-Trunk 1
[SW1-Eth-Trunk1]quit
[SW1]interface GigabitEthernet 0/0/23
[SW1-GigabitEthernet0/0/23]eth-trunk 1
[SW1]interface GigabitEthernet 0/0/24
[SW1-GigabitEthernet0/0/24]eth-trunk 1
1
2
3
4
5
6
7
8
9
10
static state LACP Mode link aggregation

SW1、SW2 Of GE0/0/22、23 And 24 Mouth to mouth , Bound into Eth-Trunk, Use static LACP Pattern , also 2 Links are active , The other one is the backup link .SW1 by LACP Active end .
SW1 To configure ：

[SW1]interface Eth-Trunk 1
[SW1-Eth-Trunk1]mode lacp-static 
[SW1-Eth-Trunk1]max active-linknumber 2   # Maximum number of active chain paths , Default is 8
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/22
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/23
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/24
[SW1]lacp priority 1            # The system of the equipment LACP The priority is set to 1 
                            # System LACP The smaller the priority value, the higher the priority , Default is 32768.
1
2
3
4
5
6
7
8
SW2 To configure ：

[SW2]interface Eth-Trunk 1
[SW2-Eth-Trunk1]mode lacp-static 
[SW2-Eth-Trunk1]max active-linknumber 2
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/22
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/23
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/24
1
2
3
4
5
6
View interface information ：

Turn off the SW2 Of G0/0/22 Interface

[SW2]interface GigabitEthernet 0/0/22
[SW2-GigabitEthernet0/0/22]shutdown 
1
2

Backup interface to active interface
————————————————
Copyright notice ： This paper is about CSDN Blogger 「GALi_233」 The original article of , follow CC 4.0 BY-SA Copyright agreement , For reprint, please attach the original source link and this statement .
Link to the original text ：https://blog.csdn.net/GALi_233/article/details/111303301

Ethernet port mirroring and link aggregation vlan Technical principle
https://www.docin.com/p-950584342.html
https://blog.csdn.net/GALi_233/article/details/111303301
https://max.book118.com/html/2017/0426/102464364.shtm