sda_1 Posted June 17, 2018 (edited) · Report post Добрый день. при настройке MIRRORING на SNR возника проблема с тем, что при мирроринге TX направления в vlan нет трафика. При этом с RX всё нормально. sh version SoftWare Version 7.0.3.5(R0241.0085) BootRom Version 7.2.25 HardWare Version 1.0.2 vlan 5 name SNR_MIRROR Interface Ethernet1/0/1 description "## UPSTREAM ##" switchport access vlan 43 Interface Ethernet1/0/17 description ## RASPBERRY PI3 ## switchport mode trunk switchport trunk allowed vlan 5;555 switchport trunk native vlan 43 monitor session 1 source interface Ethernet1/0/1 tx monitor session 1 destination interface Ethernet1/0/17 monitor session 1 remote vlan 5 Tx трафик на интерфейсе E1/0/1 есть **** sh interface e1/0/1 Interface brief: Ethernet1/0/1 is up, line protocol is up Ethernet1/0/1 is layer 2 port, alias name is "## UPSTREAM ##", index is 1 Hardware is Gigabit-TX, address is f8-f0-82-75-e9-b0 PVID is 43 MTU 1500 bytes, BW 100000 Kbit Time since last status change:0w-0d-0h-23m-26s (1406 seconds) Encapsulation ARPA, Loopback not set Auto-duplex: Negotiation full-duplex, Auto-speed: Negotiation 100M bits FlowControl is off, MDI type is auto Statistics: 5 minute input rate 4076121 bits/sec, 490 packets/sec 5 minute output rate 530122 bits/sec, 635 packets/sec The last 5 second input rate 1706016 bits/sec, 129 packets/sec The last 5 second output rate 273438 bits/sec, 126 packets/sec **** Но в дампе на устройстве - только переиодически проскакивающие ARP запросы tcpdump -npi eth0.5 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0.5, link-type EN10MB (Ethernet), capture size 262144 bytes 12:49:08.978352 IP 10.30.23.133.17500 > 10.30.23.143.17500: UDP, length 167 12:49:37.469808 IP 10.30.23.130.5353 > 224.0.0.251.5353: 0 [4q] [1au] PTR (QU)? _homekit._tcp.local. PTR (QU)? _raop._tcp.local. PTR (QU)? _airplay._tcp.local. PTR (QU)? _sleep-proxy._udp.local. (117) 12:49:37.484561 IP6 fe80::8f3:690a:cf78:46b1.5353 > ff02::fb.5353: 0 [4q] [1au] PTR (QU)? _homekit._tcp.local. PTR (QU)? _raop._tcp.local. PTR (QU)? _airplay._tcp.local. PTR (QU)? _sleep-proxy._udp.local. (117) 12:49:38.289479 IP 10.30.23.130 > 224.0.0.251: igmp v2 report 224.0.0.251 12:49:38.474804 ARP, Request who-has 10.30.23.131 tell 10.30.23.131, length 50 12:49:38.475497 ARP, Request who-has 10.30.23.131 (ff:ff:ff:ff:ff:ff) tell 10.30.23.140, length 46 12:49:38.481795 IP 10.30.23.130.5353 > 224.0.0.251.5353: 0 [4q] [1au] PTR (QM)? _homekit._tcp.local. PTR (QM)? _raop._tcp.local. PTR (QM)? _airplay._tcp.local. PTR (QM)? _sleep-proxy._udp.local. (117) 12:49:38.482391 IP6 fe80::8f3:690a:cf78:46b1.5353 > ff02::fb.5353: 0 [4q] [1au] PTR (QM)? _homekit._tcp.local. PTR (QM)? _raop._tcp.local. PTR (QM)? _airplay._tcp.local. PTR (QM)? _sleep-proxy._udp.local. (117) 12:49:39.039575 IP 10.30.23.133.17500 > 10.30.23.143.17500: UDP, length 167 12:49:39.475767 ARP, Request who-has 10.30.23.131 tell 10.30.23.131, length 50 12:49:39.476399 ARP, Request who-has 10.30.23.131 (ff:ff:ff:ff:ff:ff) tell 10.30.23.140, length 46 При этом если добавляю (config)#monitor session 1 source interface Ethernet1/0/1 rx то в дампе трафик появляется tcpdump -npi eth0.5 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0.5, link-type EN10MB (Ethernet), capture size 262144 bytes 12:53:51.662602 IP 31.13.81.32.443 > 10.30.23.139.44236: Flags [P.], seq 2059023215:2059023253, ack 2971579541, win 114, options [nop,nop,TS val 3173380672 ecr 2448491651], length 38 12:53:51.663545 IP 31.13.81.32.443 > 10.30.23.139.44236: Flags [P.], seq 38:80, ack 1, win 114, options [nop,nop,TS val 3173380672 ecr 2448491651], length 42 12:53:51.751544 IP 91.231.219.151.1194 > 10.30.23.139.43924: UDP, length 101 12:53:51.761683 IP 91.231.219.151.1194 > 10.30.23.139.43924: UDP, length 101 12:53:51.811092 IP 31.13.81.32.443 > 10.30.23.139.44236: Flags [.], seq 80:1478, ack 1, win 114, options [nop,nop,TS val 3173380819 ecr 2448491688], length 1398 12:53:51.811367 IP 31.13.81.32.443 > 10.30.23.139.44236: Flags [.], seq 1478:2876, ack 1, win 114, options [nop,nop,TS val 3173380819 ecr 2448491688], length 1398 12:53:51.811615 IP 31.13.81.32.443 > 10.30.23.139.44236: Flags [.], seq 2876:4274, ack 1, win 114, options [nop,nop,TS val 3173380819 ecr 2448491688], length 1398 12:53:51.811839 IP 31.13.81.32.443 > 10.30.23.139.44236: Flags [.], seq 4274:5672, ack 1, win 114, options [nop,nop,TS val 3173380819 ecr 2448491688], length 1398 Нужна какая то дополнительная настройка? Заранее спасибо за помощь. Edited June 17, 2018 by sda_1 Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Victor Tkachenko Posted June 19, 2018 · Report post @sda_1, добрый! По всей видимости речь о коммутаторе серий S2965 или S2985G, мирроринг TX на них работает. Обновите ПО коммутатора, архивы с образами рекомендованных версий можете загрузить здесь: S2965 или S2985G Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
sda_1 Posted June 19, 2018 (edited) · Report post 2 часа назад, Victor Tkachenko сказал: @sda_1, добрый! По всей видимости речь о коммутаторе серий S2965 или S2985G, мирроринг TX на них работает. Обновите ПО коммутатора, архивы с образами рекомендованных версий можете загрузить здесь: S2965 или S2985G Софт обновил, но картина не поменялась tcpdump -npi eth0.5 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0.5, link-type EN10MB (Ethernet), capture size 262144 bytes 18:25:54.851976 IP 10.30.23.133.137 > 10.30.23.143.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:25:54.852738 IP 10.30.23.133.57012 > 224.0.0.252.5355: UDP, length 22 18:25:54.853381 IP 10.30.23.133.59151 > 224.0.0.252.5355: UDP, length 22 18:25:55.262392 IP 10.30.23.133.57012 > 224.0.0.252.5355: UDP, length 22 18:25:55.263198 IP 10.30.23.133.59151 > 224.0.0.252.5355: UDP, length 22 18:25:55.601989 IP 10.30.23.133.137 > 10.30.23.143.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:25:56.351990 IP 10.30.23.133.137 > 10.30.23.143.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:26:13.847265 IP 10.30.23.133.17500 > 255.255.255.255.17500: UDP, length 168 18:26:13.854255 IP 10.30.23.133.17500 > 255.255.255.255.17500: UDP, length 168 18:26:13.854405 IP 10.30.23.133.17500 > 10.30.23.143.17500: UDP, length 168 18:26:13.855158 IP 10.30.23.133.17500 > 255.255.255.255.17500: UDP, length 168 SNR#sh version SNR-S2985G-24T Device, Compiled on Jun 06 20:16:59 2018 sysLocation Building 57/2,Predelnaya st, Ekaterinburg, Russia CPU Mac f8:f0:82:75:e9:b0 Vlan MAC f8:f0:82:75:e9:af SoftWare Version 7.0.3.5(R0241.0258) BootRom Version 7.2.33 HardWare Version 1.0.2 CPLD Version N/A Serial No.:SW067210GB21000366 Copyright (C) 2018 NAG LLC All rights reserved Last reboot is warm reset. Uptime is 0 weeks, 0 days, 0 hours, 1 minutes monitor session 1 source interface Ethernet1/0/1 tx monitor session 1 destination interface Ethernet1/0/17 monitor session 1 remote vlan 5 Edited June 19, 2018 by sda_1 Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Victor Tkachenko Posted June 20, 2018 · Report post @sda_1, создайте обращение в support. К обращению отдельными файлами приложите полный вывод `sh ven`, `sh tech` и дамп трафика, который зеркалируется. Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
sda_1 Posted July 3, 2018 (edited) · Report post проблема была в самом tcpdump, а именно ключе -p, который не переводил интерфейс в режим приема всех пакетов (promiscuous mode). tcpdump -ni eth0.5 host 85.112.113.90 -c 20 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0.5, link-type EN10MB (Ethernet), capture size 262144 bytes 20:35:06.645762 IP 10.30.23.135.4642 > 85.112.113.90.443: Flags [S], seq 3730807690, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0 20:35:06.671513 IP 10.30.23.135.4642 > 85.112.113.90.443: Flags [.], ack 3804666398, win 256, length 0 20:35:06.675108 IP 10.30.23.135.4642 > 85.112.113.90.443: Flags [P.], seq 0:517, ack 1, win 256, length 517 Edited July 3, 2018 by sda_1 Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...