Top

Menu

Everflow mirror session Follow

Avatar
kojui_chang 張恪睿
  • Updated

Example:

  1. Everflow
  2. SPAN

Reference model:

  • Switch model name:

- AS7726-32X

- AS7326-56X

- AS7816-64X

- AS5835-54X(T)

- AS4630-54PE

- AS9716-32D

- AS8000(Minipack)

- Wedge100BF-32X

  • Edgecore SONiC version: 

- Edgecore-SONiC_20201123_130028_ec202006_74

- Edgecore-SONiC_20201229_070315_ec202006_101

- Edgecore-SONiC_20201229_070315_ec202006_bfn_65(Wedge100BF-32X)

Restriction:

  • SONiC Everflow is similar to Cisco ERSPAN. 
  • Everflow supports mirror only ingress traffic of source interface.
  • There is no SONiC command for add ACL rules for type MIRROR. (refer to this article)
  • For mirror type, it didn't support IPv6 destination setting on ACL rule.

Reference model:

  • Switch model name:

- AS7726-32X

- AS7326-56X

- AS7816-64X

- AS5835-54X(T)

- AS4630-54PE

- AS9716-32D

- AS8000(Minipack)

- Wedge100BF-32X

  • Edgecore SONiC version: 

- Edgecore-SONiC_20201123_130028_ec202006_74

- Edgecore-SONiC_20201229_070315_ec202006_101

- Edgecore-SONiC_20201229_070315_ec202006_bfn_65(Wedge100BF-32X)

Example 1. Everflow

Procedure :

Step 1. Configure Switch IP address (refer to this article)

i.g 192.168.1.1/24 on Ethernet0

admin@sonic:~$ sudo config interface ip add Ethernet0 192.168.1.1/24

 

Step 2. Create a mirror session to specify source and destination IP address.

This command is used to add or remove mirroring sessions. Mirror session is identified by "session_name".

config mirror_session add [OPTIONS] <session_name> <src_ip> <dst_ip> <dscp> <ttl> [gre_type] [queue]

 Note: session_name, src_ip, dst_ip, dscp, ttl are required for adding a new session.    are_type and queue are optional.
admin@sonic:~$ sudo config mirror_session add ts1_everflow 192.168.1.1 192.168.3.35 63 255

Caution: src_ip is switch IP address. (refer to Step 1. Configure switch IP address)

 

Step 3. Check mirror_session by SONiC commands

admin@sonic:~$ show mirror_session
Name Status SRC IP DST IP GRE DSCP TTL Queue
------------ -------- ----------- ------------ ----- ------ ----- -------
ts1_everflow active 192.168.1.1 192.168.3.35 63 255

 

Step 4. Save above settings to /etc/sonic/config_db.json, since we will edit /etc/sonic/config_db.json on the following steps. 

admin@sonic:~$ sudo config save -y

 

Step 5. Create ACL table and rules for traffic classification. (How to add ACL table and rules? Please refer to this article)

admin@sonic:/etc/sonic$ sudo vi config_db.json
{
    omitted...
    "ACL_TABLE": {
        "ACL_Mirror": {
            "policy_desc": "mirror",
            "type": "MIRROR",
            "stage": "ingress",
            "ports": ["Ethernet1"]
        }
    },
    "ACL_RULE": {
        "ACL_Mirror|ACE_Mirror": {
            "PRIORITY": "55",
            "IP_TYPE": "ipv4any",
            "MIRROR_ACTION": "ts1_everflow"
        }
    },
    omitted...
}
 

Note:

  • The value of ACL type must be MIRROR
  • The value of MIRROR_ACTION is the name of mirror session

 

Steps 6. Reload config or Reboot the switch

admin@sonic:~$ sudo config reload -y

 

Step 7. Check ACL table and rules

admin@sonic:~$ show acl table
Name Type Binding Description
---------- ------ --------- -------------
ACL_Mirror MIRROR Ethernet1 mirror
admin@sonic:~$ show acl rule
Table Rule Priority Action Match
---------- ---------- ---------- -------------------- ----------------
ACL_Mirror ACE_Mirror 55 MIRROR: ts1_everflow IP_TYPE: ipv4any

Caution:  Have to make sure IP connectivity works properly between the switch and remote server. Otherwise, 

 

Steps 8. Check the arp of monitor server is learned on arp table.

admin@sonic:~$ show arp
Address MacAddress Iface Vlan
------------ ----------------- ---------- ------
192.168.3.35 8c:ea:1b:30:da:4a Ethernet16 -
Total number of entries 1

Caution: Before switch learn the arp of monitor device to arp table, the ERSPAN won't work.

 

ACL Table example: Classify LLDP(0x88CC) and LACP(0x8809) packets

"ETHER_TYPE": "0x88cc" for LLDP

"ETHER_TYPE": "0x8809" for LACP

/etc/sonic/config_db.json

{
    omitted...
    "ACL_TABLE": {
        "ACL_Mirror": {
            "policy_desc": "mirror",
            "type": "MIRROR",
            "stage": "ingress",
            "ports": ["Ethernet8"]
        }
    },
    "ACL_RULE": {
        "ACL_Mirror|ACE_Mirror1": {
            "PRIORITY": "55",
            "ETHER_TYPE": "0x88cc",
            "MIRROR_ACTION": "ts1_everflow"
        },
        "ACL_Mirror|ACE_Mirror2": {
            "PRIORITY": "54",
            "ETHER_TYPE": "0x8809",
            "MIRROR_ACTION": "ts1_everflow"
        }, 
    },
    omitted...
}

Example 2. SPAN

Topology:

mceclip0.png

Procedure :

Step 1. Setup environment as topology.

Switch1

admin@Switch1:~$ sudo config vlan add 10
admin@Switch1:~$ sudo config vlan add 100
admin@Switch1:~$ sudo config vlan member add -u 10 Ethernet56
admin@Switch1:~$ sudo config vlan member add -u 100 Ethernet0
admin@Switch1:~$ sudo config interface ip add Vlan10 10.1.0.2/31
admin@Switch1:~$ sudo config interface ip add Vlan100 192.168.100.1/24

Switch2

admin@Switch2:~$ sudo config vlan add 10
admin@Switch2:~$ sudo config vlan add 200
admin@Switch2:~$ sudo config vlan member add -u 10 Ethernet56
admin@Switch2:~$ sudo config vlan member add -u 200 Ethernet0
admin@Switch2:~$ sudo config interface ip add Vlan10 10.1.0.3/31
admin@Switch2:~$ sudo config interface ip add Vlan200 192.168.200.1/24

Step 2. Setup the routing by BGP

Switch1

sonic# configure
sonic(config)# router-id 1.1.1.1
sonic(config-router)# router bgp 65100
sonic(config-router)# neighbor Vlan10 interface remote-as 65100
sonic(config-router)# address-family ipv4 unicast
sonic(config-router-af)# redistribute connected

Switch2

sonic# configure
sonic(config)# router-id 4.4.4.4
sonic(config-router)# router bgp 65100
sonic(config-router)# neighbor Vlan10 interface remote-as 65100
sonic(config-router)# address-family ipv4 unicast
sonic(config-router-af)# redistribute connected

Step 3. Create a SPAN session to monitor Ethernet56 to Ethernet3 on Switch1

Switch1

admin@Switch1:~$ sudo config mirror_session span add span1 Ethernet3 Ethernet56

Caution: The source port for SPAN can be trunk port or router port. The destination port won't be trunk port or router port.

Step 4. Keep ping from Host1 to Host2 and captured packets on Ethernet3

Caution: For mirror traffic, the egress traffic will always bring tagged to notice which vlan send out.

Related articles

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

See more