Example 16 is an inline bypass solution on GigaVUE-HC2 for an inline tool group with four tools. The inline tool group uses asymmetrical hashing (unlike Example 5: Inline Tool Group (N+1) Redundancy which uses symmetrical hashing). The hashing is based on the source IP address for side A and the destination IP address for side B.
A rule-based map (vlan 200) is configured from the inline network to the inline tool group. Traffic that matches the map rule and has the same source IP on side A and destination IP on side B will be sent to the same inline tool in the inline tool group.
A shared collector is configured from the inline network to bypass. Traffic that does not match the map rule will be sent to the shared collector and bypassed.
Step
Description
Command
- Configure inline network aliases, port type (inline-network), and administratively enable inline network ports.
(config) # port 1/2/x1 alias iN1
(config) # port iN1 type inline-network
(config) # port iN1 params admin enable
(config) # port 1/2/x2 alias iN2
(config) # port iN2 type inline-network
(config) # port iN2 params admin enable
- Configure inline network.
(config) # inline-network alias inNet pair net-a iN1 and net-b iN2
- Configure inline tool ports, port type (inline-tool), and administratively enable inline tool ports.
(config) # port 1/2/x15 alias iT1
(config) # port iT1 type inline-tool
(config) # port iT1 params admin enable
(config) # port 1/2/x16 alias iT2
(config) # port iT2 type inline-tool
(config) # port iT2 params admin enable
(config) # port 1/2/x19 alias iT3
(config) # port iT3 type inline-tool
(config) # port iT3 params admin enable
(config) # port 1/2/x20 alias iT4
(config) # port iT4 type inline-tool
(config) # port iT4 params admin enable
(config) # port 1/2/x21 alias iT5
(config) # port iT5 type inline-tool
(config) # port iT5 params admin enable
(config) # port 1/2/x22 alias iT6
(config) # port iT6 type inline-tool
(config) # port iT6 params admin enable
(config) # port 1/2/x23 alias iT7
(config) # port iT7 type inline-tool
(config) # port iT7 params admin enable
(config) # port 1/2/x24 alias iT8
(config) # port iT8 type inline-tool
(config) # port iT8 params admin enable
- Configure inline tools and enable them.
(config) # inline-tool alias inTool1 pair tool-a iT1 and tool-b iT2
(config) # inline-tool alias inTool2 pair tool-a iT3 and tool-b iT4
(config) # inline-tool alias inTool3 pair tool-a iT5 and tool-b iT6
(config) # inline-tool alias inTool4 pair tool-a iT7 and tool-b iT8
(config) # inline-tool alias inTool1 enable
(config) # inline-tool alias inTool2 enable
(config) # inline-tool alias inTool3 enable
(config) # inline-tool alias inTool4 enable
- Configure inline tool group and parameters. Enable it and then configure failover action.
(config) # inline-tool-group alias inToolGroup
(config inline-tool-group alias inToolGroup) # tool-list inTool1,inTool2,inTool3,inTool4
(config inline-tool-group alias inToolGroup) # hash a-srcip-b-dstip
(config inline-tool-group alias inToolGroup) # minimum-group-healthy-size 4
(config inline-tool-group alias inToolGroup) # enable
(config inline-tool-group alias inToolGroup) # failover-action tool-bypass
(config inline-tool-group alias inToolGroup) # exit
(config) #
- Configure rule-based map, from inline network to inline tool group.
(config) # map alias inNet-to-ITG
(config map alias inNet-to-ITG) # type inline byRule
(config map alias inNet-to-ITG) # from inNet
(config map alias inNet-to-ITG) # to inToolGroup
(config map alias inNet-to-ITG) # rule add pass vlan 200
(config map alias inNet-to-ITG) # exit
(config) #
- Add a shared collector for any unmatched data and send it to bypass.
(config) # map-scollector alias inNet-to-bypass
(config map-scollector alias inNet-to-bypass) # from inNet
(config map-scollector alias inNet-to-bypass) # collector bypass
(config map-scollector alias inNet-to-bypass) # exit
(config) #
- Configure the path of the traffic to inline tool.
(config) # inline-network alias inNet traffic-path to-inline-tool
- Display the configuration for this example.
(config) # show inline-tool-group
(config) # show map
'업무이야기 > 패킷전달플랫폼' 카테고리의 다른 글
| Gigamon Resiliency for Inline Protection (GRIP) (0) | 2021.01.18 |
|---|---|
| Gigamon Maps to Individual Inline Tool Group Members (0) | 2021.01.18 |
| Gigamon OOB Maps Originating from Inline Network Group (0) | 2021.01.18 |
| Gigamon OOB Maps Originating from Inline Network (0) | 2021.01.18 |
| Gigamon Inline Flow Mapping Based Solution D (0) | 2021.01.17 |