본문 바로가기

업무이야기/패킷전달플랫폼

Gigamon Inline Network Group (Many-to-Many)

by 쫑콩아빠 2021. 1. 17.
728x90

Example 9 is an inline bypass solution on GigaVUE-HC2 for an inline network group. Example 9 expands upon Example 8 by adding a second inline tool. The inline networks are a mix of unprotected and protected.

In addition, user-defined VLAN tags are added in Example 9 to guide traffic from the multiple inline networks in the inline network group.

On GigaVUE-HC3, unprotected inline bypass can be configured on any module on the node. Protected inline bypass can be configured on the bypass combo module on ports c1..c4.

On GigaVUE-HC1, unprotected inline bypass can be configured on the base module, with the inline networks and inline tools on ports 1/1/x1..x12 and 1/1/g1..g4, or on the bypass combo module on ports x1..x4. Protected inline bypass can be configured on the bypass combo module, or on the TAP-HC1-G10040 module placed in either bay 2 or bay 3, so the ports will be 1/2/g1..g8 or 1/3/g1..g8. On the TAP module, you will need to configure inline network ports and the inline network because they are not created automatically (as they are on bypass combo modules).

Step

Description

Command

  1. Configure inline network aliases, port type (inline-network), and administratively enable inline network ports.

(config) # port 7/2/x1 alias iN1
(config) # port iN1 type inline-network
(config) # port iN1 params admin enable

(config) # port 7/2/x20 alias iN2
(config) # port iN2 type inline-network
(config) # port iN2 params admin enable

  1. Configure inline network.

(config) # inline-network alias inNet pair net-a iN1 and net-b iN2

  1. Configure an inline network group consisting of a single unprotected inline network and two protected inline networks.

(config) # inline-network-group alias inNetGroup
(config inline-network-group alias inNetGroup) # network-list inNet,default_inline_net_7_2_1,default_inline_net_7_2_3
(config inline-network-group alias inNetGroup) # exit
(config) #

  1. (Optional) Configure user-defined VLAN tags.

Note: The net-a and net-b ports can have the same VLAN tag, but tags must otherwise be unique within the inline network group.

(config) # port 7/2/x1 ingress-vlan-tag 1201
(config) # port 7/2/x20 ingress-vlan-tag 1202
(config) # port 7/2/x17 ingress-vlan-tag 1203
(config) # port 7/2/x18 ingress-vlan-tag 1203

  1. Configure inline tool ports, port type (inline-tool), and administratively enable inline tool ports.

(config) # port 7/2/x3 alias iT1
(config) # port iT1 type inline-tool
(config) # port iT1 params admin enable

(config) # port 7/2/x4 alias iT2
(config) # port iT2 type inline-tool
(config) # port iT2 params admin enable

(config) # port 7/2/x9 alias iT3
(config) # port iT3 type inline-tool
(config) # port iT3 params admin enable

(config) # port 7/2/x10 alias iT4
(config) # port iT4 type inline-tool
(config) # port iT4 params admin enable

  1. Configure inline tools and enable them. Also, specify that inline tools are going to be shared by different sources. When shared is enabled (true), the inline tools can receive traffic from multiple sources (the inline networks in the inline network group).

(config) # inline-tool alias inTool1 pair tool-a iT1 and tool-b iT2
(config) # inline-tool alias inTool2 pair tool-a iT3 and tool-b iT4

(config) # inline-tool alias inTool1 enable
(config) # inline-tool alias inTool2 enable

(config) # inline-tool alias inTool1 shared true
(config) # inline-tool alias inTool2 shared true

  1. Configure inline tool group and enable it.

(config) # inline-tool-group alias inToolGroup tool-list inTool1,inTool2
(config) # inline-tool-group alias inToolGroup enable

  1. Configure map passall, from inline network to inline tool group.

(config) # map-passall alias inMap
(config map-passall alias inMap) # from inNet
(config map-passall alias inMap) # to inToolGroup
(config map-passall alias inMap) # exit
(config) #

  1. Configure the path of the traffic to inline tool.

(config) # inline-network alias inNet traffic-path to-inline-tool
(config) # inline-network alias default_inline_net_7_2_1 traffic-path to-inline-tool
(config) # inline-network alias default_inline_net_7_2_3 traffic-path to-inline-tool

  1. Disable physical bypass on the default inline network aliases.

(config) # inline-network alias default_inline_net_7_2_1 physical-bypass disable
(config) # inline-network alias default_inline_net_7_2_3 physical-bypass disable

  1. Display the configuration for this example.

(config) # show inline-network-group
(config) # show ingress-vlan-tag
(config) # show inline-tool-group

 

728x90