Network Management And Monitoring
Mirror Configuration
show mirror
[Command]
show mirror
[Purpose]
Show configuration related to mirror
[View]
System view
[Use Cases]
sonic# show mirror session
+----------------+--------------------+---------------+--------+-------------+
| Session Name   | Destination Port   | Source Port   | Type   | Direction   |
+================+====================+===============+========+=============+
| 1              | Ethernet1          | Ethernet2     | SPAN   | BOTH        |
+----------------+--------------------+---------------+--------+-------------+
mirror session name
[Command]
mirror session id span [direction {rx|tx|both}] {src-ethernet|src-vlan} port-name {dst-ethernet} port-name
no mirror session id span
[Purpose]
Create a mirror session or add port to the mirror session
[Parameter]
id mirror session ID, value range: 1-6
interface-name Interface name, support VLAN interface and Ethernet interface
direction {rx|tx|both} Direction of traffic to be mirrored
rx Inbound (entry) direction
tx Outbound direction
both Both directions
{src-ethernet|src-vlan} The interface on which traffic needs to be mirrored
{dst-ethernet} The destination interface for mirrored traffic
[View]
System configuration view
[Use Cases]
sonic# configure
sonic(config)# mirror session 1 span direction both src-ethernet 2 dst-ethernet 3
mirror session id erspan
[Command]
mirror session id erspan [direction {rx|tx|both}] {src-ethernet} port-name gre-src-ip A.B.C.D/A::B gre-dst-ip A.B.C.D/A::B [gre-vrf vrf-name]
no mirror session id erspan
[Purpose]
Create a remote mirroring session and add the source and destination addresses for GRE encapsulation
[Parameter]
id Mirror session ID, valid range: 1-6.
direction {rx|tx|both} Traffic direction to be mirrored.
rx Inbound direction.
tx Outbound direction.
{src-ethernet} Interface to be mirrored.
gre-src-ip Source IP for GRE encapsulation
gre-dst-ip Destination IP for GRE encapsulation
vrf-name VRF for GRE encapsulation, with the default VRF set to “default”
[View]
System view
[Usage Scenario]
ERSPAN is a Layer 3 remote mirroring technology that duplicates packets from specified ports. It sends the duplicated packets to a remote data monitoring device through a GRE tunnel, allowing users to analyze these packets using the monitoring device for network monitoring and troubleshooting.
[Notes]
To configure encapsulation parameters for Layer 3 remote mirroring, you only need to specify the mirror source and destination port on the source device. Additionally, all devices must have a unicast routing protocol configured, ensuring a seamless Layer 3 network between the devices. Note that ERSPAN must be configured after the destination IP has actually taken effect. For example, if the destination IP corresponds to a static ARP entry, the static ARP must be configured before the ERSPAN function.
[Use Cases]
sonic# configure
sonic(config)# mirror session 1 erspan direction rx src-ethernet 3 gre-src-ip 10.1.1.1 gre-dst-ip 30.1.1.2
SNMP Configuration
show snmp-agent trap-target
[Command]
show snmp-agent trap-target
[Purpose]
Display SNMP trap server configuration
[View]
System view
[Use Cases]
sonic# show snmp-agent trap-target
Version    TrapReceiverIP    Port    VRF    Community    User
---------  ----------------  ------  -----  -----------  ------
2          1.1.1.1           162     None   testa        -
show snmp-agent source
[Command]
show snmp-agent source
[Purpose]
Display the SNMP source address and port configuration
[View]
System view
[Use Cases]
sonic# show snmp-agent source
ListenIP    ListenPort    ListenVrf
----------  ------------  -----------
30.11.0.82
show snmp-agent user
[Command]
show snmp-agent user
[Purpose]
Display SNMPv3 user configuration
[View]
System view
[Use Cases]
sonic# show snmp-agent user
User    Type          AuthType    EncryptionType
------  ------------  ----------  ----------------
test    noAuthNoPriv
show snmp-agent threshold
[Command]
show snmp-agent threshold
[Purpose]
Display SNMP alarm threshold configuration
[View]
System view
[Use Cases]
sonic# show snmp-agent threshold
Threshold-Type    Threshold-Value
----------------  -----------------
cpu-usage         80%
memory-usage      80%
snmp-agent enable
[Command]
snmp-agent enable
no snmp-agent enable
[Purpose]
Enable SNMP function
[View]
System configure view
[Use Cases]
sonic(config)# snmp-agent enable
snmp-agent community community_name {RO|RW}
[Command]
snmp-agent community community_name {RO|RW}
no snmp-agent community community_name
[Purpose]
Add SNMP community
[Parameter]
community_name community name
[View]
System configuration view
[Usage Scenario]
The community name acts like a password: devices within the community use this name for authentication during communication. Only devices configured with the same community name can access each other.
By default, the community name is set to public.
[Use Cases]
sonic(config)# snmp-agent community snmptest RW
snmp-agent user name
[Command]
snmp-agent user name AuthNoPriv {RO|RW} {MD5|SHA} password
snmp-agent user name Priv {RO|RW} {MD5|SHA} password {DES|AES} password
snmp-agent user name noAuthNoPriv {RO|RW}
no snmp-agent user name
[Purpose]
Create SNMPv3 users
[Parameter]
name User name
AuthNoPriv Specify the security level as requiring authentication, and specify the authentication method as: MD5/SHA
noAuthNoPriv Specify the security level as no authentication required
Priv Specify the security level as encryption
{RW|RO} Specify the user rights
{DES|AES} Specify the encryption algorithm
[View]
System configuration view
[Usage Scenario]
SNMPv3 provides encryption and authentication mechanisms to safeguard the management information of network devices from unauthorized access. Therefore, in high-security network environments, using SNMPv3 can better protect the security of network devices.
[Use Cases]
sonic(config)# snmp-agent user user3 priv md5 12345678 des 87654321
sonic(config)# snmp-agent user user4 noauthnopriv
sonic(config)# snmp-agent user user5 authnopriv md5 12345678
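An added example, not part of the vendor documentation: a Python audit that parses `snmp-agent community` and `snmp-agent user` lines in the syntax documented above and flags the default community name, read-write communities, users without authentication or encryption, and MD5/DES algorithm choices. The function name `audit_snmp` and the sample configuration are constructed here, and RO|RW is treated as optional because the use cases above omit it.

```python
import re

ACCESS = {"ro", "rw"}

# Constructed sample: lines 2-5 reuse this page's use cases, 1 and 6 are made up.
SAMPLE = """\
sonic(config)# snmp-agent community public RO
sonic(config)# snmp-agent community snmptest RW
sonic(config)# snmp-agent user user3 priv md5 12345678 des 87654321
sonic(config)# snmp-agent user user4 noauthnopriv
sonic(config)# snmp-agent user user5 authnopriv md5 12345678
snmp-agent user ops Priv RO SHA examplepass1 AES examplepass2
"""

def audit_snmp(config_text):
    """Return (line_no, name, finding) for each weak snmp-agent setting."""
    findings = []
    for no, raw in enumerate(config_text.splitlines(), 1):
        # Drop a leading CLI prompt such as "sonic(config)# " if present.
        words = re.sub(r"^\s*\S*#\s*", "", raw).split()
        tok = [w.lower() for w in words]  # keywords are matched case-insensitively
        if len(tok) < 3 or tok[0] != "snmp-agent":
            continue  # also skips "no snmp-agent ..." removal commands
        kind, name, rest = tok[1], words[2], tok[3:]
        add = lambda msg: findings.append((no, name, msg))
        if kind == "community":
            if name == "public":
                add("default community name")
            if "rw" in rest:
                add("read-write community")
        elif kind == "user" and rest:
            level, args = rest[0], rest[1:]
            if args and args[0] in ACCESS:  # assumption: RO|RW is optional
                args = args[1:]
            # args is now [auth-alg, auth-password, priv-alg, priv-password]
            if level == "noauthnopriv":
                add("no authentication, no encryption")
                continue
            if level == "authnopriv":
                add("authenticated but not encrypted")
            if args and args[0] == "md5":
                add("MD5 authentication, prefer SHA")
            if level == "priv" and len(args) > 2 and args[2] == "des":
                add("DES encryption, prefer AES")
    return findings

if __name__ == "__main__":
    for no, name, msg in audit_snmp(SAMPLE):
        print(f"line {no}: {name}: {msg}")
```

Passwords are parsed only to locate the algorithm keywords and are never included in the findings.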
snmp-agent trap-target threshold system-usage
[Command]
snmp-agent trap-target threshold system-usage {cpu-usage|memory-usage} value
snmp-agent trap-target threshold reset system-usage
[Purpose]
Enable specific utilization alarm switch
[Parameter]
cpu-usage CPU utilization
memory-usage Memory Utilization
value Alarm Threshold
[View]
System configuration view
[Use Cases]
sonic(config)# snmp-agent trap-target threshold system-usage memory-usage 70
snmp-agent trap-target {1|2|3}
[Command]
snmp-agent trap-target {1|2|3} address [udp-port portnum] [vrf vrfname] [community community_name]
no snmp-agent trap-target {1|2|3}
[Purpose]
Configure the server for agent trap
[Parameter]
address IP address
portnum Port number, default 162
vrfname vrf name
name agent community
[View]
System configuration view
[Usage Scenario]
Devices send alarm messages that can be uploaded to a trap server using the trap command. In this case, the SNMP trap server needs to be configured. However, the reliability of trap messages is lower because the sender cannot confirm whether the trap message has been received, as the recipient does not send acknowledgment messages.
[Use Cases]
sonic# configure terminal
sonic(config)# snmp-agent trap-target 1 10.250.0.221
sonic(config)# snmp-agent trap-target 2 10.250.0.221 udp-port 163 community comm1
snmp-agent source A.B.C.D/A::B|Loopback [udp-port portnum] [vrf vrfname]
[Command]
snmp-agent source A.B.C.D/A::B|Loopback [udp-port portnum] [vrf vrfname]
[Purpose]
Configure the source IP address of the device to send SNMP protocol packets
[Parameter]
A.B.C.D/A::B IP address
Interface_name Interface name; can only be configured as Loopback0
Loopback Loopback
portnum The port number, default is 161
vrfname vrf name
[View]
System configuration view
[Use Cases]
sonic# configure terminal
sonic(config)# snmp-agent source 10.250.0.221
Syslog Configuration
syslog source-interface
[Command]
syslog source-interface {etherent|loopback} interface-name
no syslog source-interface
[Purpose]
Configure the source interface for the device to send syslog packets
[Parameter]
{etherent|loopback} <interface-name> Specify the source as a service interface or a specific Loopback port
[View]
System configuration view
[Use Cases]
sonic(config)# syslog source-interface loopback 0
Syslog source interface set to Loopback0
Restarting rsyslog-config service...
sonic(config)#
syslog ip-address
[Command]
syslog ip-address
no syslog ip-address
[Purpose]
Specify the syslog server
[Parameter]
ip-address IPv4 or IPv6 address
[View]
System configuration view
[Usage Scenario]
Syslog can be used to log messages locally in files or sent over the network to a syslog server. The syslog server can centrally store syslog messages from multiple devices.
[Use Cases]
sonic(config)# syslog 10.1.1.10
IPFIX Configuration
show ipfix exporter
[Command]
show ipfix exporter
[Purpose]
View ipfix exporter configuration
[View]
System view
[Use Cases]
sonic# show ipfix exporter
+------------+------------------+-------------+-------------+--------------------+---------------+---------+------------+---------------------+
| Exporter   | Destination IP   | Source IP   | Domain_id   | Destination Port   | Source Port   | VRF     | Path MTU   | Template Interval   |
+============+==================+=============+=============+====================+===============+=========+============+=====================+
| test       | 192.85.3.100     | 1.1.1.1     | 10          | 4739               | 4739          | default | 1000       | 60                  |
+------------+------------------+-------------+-------------+--------------------+---------------+---------+------------+---------------------+
show ipfix monitor
[Command]
show ipfix monitor
[Purpose]
View ipfix monitor configuration
[View]
System view
[Use Cases]
sonic# show ipfix monitor
+----------------+------------+----------+---------------+----------------+
| Monitor name   | Exporter   | Record   | Active Time   | Passive Time   |
+================+============+==========+===============+================+
| test           | test       | l2       | 15            | 30             |
+----------------+------------+----------+---------------+----------------+
show ipfix port-map
[Command]
show ipfix port-map
[Purpose]
View ipfix port configuration
[View]
System view
[Use Cases]
sonic# show ipfix port-map
+-------------+-----------+--------+-------------+
| Interface   | Monitor   | Mode   | Direction   |
+=============+===========+========+=============+
| Ethernet16  | test      | l2     | both        |
+-------------+-----------+--------+-------------+
ipfix exporter name
[Command]
ipfix exporter name
[Purpose]
Create ipfix exporter
[View]
System configuration view
[Notes]
Only one exporter can be configured globally
[Use Cases]
sonic# ipfix exporter test
dip A.B.C.D
[Command]
dip A.B.C.D
[Purpose]
Configure destination ip of the ipfix packet
[View]
ipfix exporter view
[Use Cases]
sonic(config-ipfix-exporter-test)# dip 1.1.1.1
domain_id id
[Command]
domain_id id
[Purpose]
Configure domain_id of ipfix packets
[View]
ipfix exporter view
[Parameter]
id Value range: 1~2147483647
[Use Cases]
sonic(config-ipfix-exporter-test)# domain_id 10
dport value
[Command]
dport value
[Purpose]
Configure the destination port of ipfix packets
[View]
ipfix exporter view
[Use Cases]
sonic(config-ipfix-exporter-test)# dport 2000
path_mtu value
[Command]
path_mtu value
[Purpose]
Configure MTU of ipfix packets
[View]
ipfix exporter view
[Parameter]
value Value range: 68~1450
[Use Cases]
sonic(config-ipfix-exporter-test)# path_mtu 1000
sip A.B.C.D
[Command]
sip A.B.C.D
[Purpose]
Configure the source ip of ipfix packets
[View]
ipfix exporter view
[Use Cases]
sonic(config-ipfix-exporter-test)# sip 1.1.1.1
sport value
[Command]
sport value
[Purpose]
Configure the source port of ipfix packets
[View]
ipfix exporter view
[Use Cases]
sonic(config-ipfix-exporter-test)# sport 2000
template_interval value
[Command]
template_interval value
[Purpose]
Configure the transmission interval for ipfix template packets
[View]
ipfix exporter view
[Parameter]
value Value range: 1~3600, unit s
[Use Cases]
sonic(config-ipfix-exporter-test)# template_interval 60
vrf name
[Command]
vrf name
[Purpose]
Configure the vrf of ipfix packet output port
[View]
ipfix exporter view
[Parameter]
name name of vrf
[Use Cases]
sonic(config-ipfix-exporter-test)# vrf 123
ipfix monitor-map name
[Command]
ipfix monitor-map name
[Purpose]
Create ipfix monitor-map
[View]
System configuration view
[Use Cases]
sonic(config)# ipfix monitor-map test
exporter name
[Command]
exporter name
[Purpose]
Bind exporter to monitor
[View]
ipfix monitor view
[Parameter]
name name of exporter
[Use Cases]
sonic(config-ipfix-monitor-map-test)# exporter test
record {l2|l3|l4|all}
[Command]
record {l2|l3|l4|all}
[Purpose]
Set the depth of analyzed messages
[View]
ipfix monitor view
[Parameter]
l2 Parses the l2 layer of the message
l3 Parses the l3 layer of the message
l4 Parses the l4 layer of the message
all Parses the l2, l3 and l4 layers of the message
[Use Cases]
sonic(config-ipfix-monitor-map-test)# record all
timeout_active value
[Command]
timeout_active value
[Purpose]
Set the active time of a session stream
[View]
ipfix monitor view
[Parameter]
value Value range: 1~3600, unit s
[Usage Scenario]
When the time between the input of two messages in a stream exceeds the active time, the message information recorded for this stream during that time is output immediately.
[Use Cases]
sonic(config-ipfix-monitor-map-test)# timeout_active 60
timeout_passive value
[Command]
timeout_passive value
[Purpose]
Set the timeout for session flow.
[View]
ipfix monitor view
[Parameter]
value value range: 1~3600, unit s
[Usage Scenario]
Counting starts from the first packet of a flow input to the device. If no second packet is input within the configured timeout_passive time, the device forcibly sends out the statistics of this flow.
[Use Cases]
sonic(config-ipfix-monitor-map-test)# timeout_passive 120
ipfix monitor name {ip4|ip6|l2} {both|rx|tx}
[Command]
ipfix monitor name {ip4|ip6|l2} {both|rx|tx}
[Purpose]
Set the monitor interface.
[View]
Interface configure view
[Parameter]
name Name of monitor-map
ip4|ip6|l2 Collection point, matching collection message type
both|rx|tx Collection direction
[Use Cases]
sonic(config-if-16)# ipfix monitor test l2 both