Dec 212014
 

That. Was. Easy.

These are the three words that a fancy button says whenever I press it. That button was gifted by an ex-colleague of mine and it says it all! Once you did it, that was easy 🙂

Exactly when you try to configure a remote port monitoring on an HP v1910 switch. Once upon a time (and I’m really speaking about 20 years ago) a company called 3Com had a slogan saying “the network that go the distance” Then they have been bought approx 4 years ago by HP, but that philosophy remained. A philosophy which says that it does not matter if you have a small switch, but the features you need must be there. Maybe a bit hidden… maybe only from CLI.

It happens that some good 3Com switched were rebranded HP around the second half 2010. All those switches, under the name of the v1910 series, are lifetime warranted!!! If you do not believe it, just click here and insert your switch serial number.

But beside the good policies, I’ve decided to write this nice post since today I reached the nirvana of my home network: two HP 1910v switches, respectively 16 and 24 ports, configured for remote port monitoring.

That is, traffic happening on port gigabit 1/0/8 of my master switch to be mirrored on port gigabit 1/0/24 of my second switch. The two switches are connected through a cat6 UTP ethernet cable going from port gigabit 1/0/2 of the master switch to the port gigabit 1/0/1 of the scone switch, according to the picture below:

net.001 To recap, the ports involved are:

Port 1/0/8 of the main switch ==> traffic of interest

Port 1/0/2 of the main switch ==> interconnection port with second switch

Port 1/0/1 of the second switch ==> interconnection port with main switch

Port 1/0/24 of the second switch ==> where mirrored traffic is sniffed by a Linux box

The HP v1910 switch uses a specific CLI interface, comware5.

This interface requires a specific command to be enable for a longer list of commands (once you have enabled for SSH in the webgui as shown here): _cmdline-mode on.

The command will require a password, which is by default 512900.

Then you need to enter in the system-view configuration using the command system-view and you start typing the following commands, related to the ports indicated above (it means change them according to your needs):

(switch with traffic of interest)
[MainSwitch]mirroring-group 1 ?
local
mirroring-port
monitor-egress
monitor-port
remote-destination  Remote destination mirroring group
remote-probe        Specify remote probe VLAN
remote-source       Remote source mirroring group
Local mirroring group
Specify mirroring port
Specify monitor-egress port
Specify monitor port
[MainSwitch]mirroring-group 1 remote-source ?
  <cr>
[MainSwitch]mirroring-group 1 remote-source
[MainSwitch]vlan 960
[MainSwitch-vlan960]quit
[MainSwitch]mirroring-group 1 ?
[MainSwitch]mirroring-group 1 remote-probe ?
  vlan  Specify VLAN
[MainSwitch]mirroring-group 1 remote-probe vlan 1 ?
  <cr>
[MainSwitch]mirroring-group 1 remote-probe vlan 960
[MainSwitch]mirroring-group 1 mirroring-port g1/0/8 ?
  GigabitEthernet  GigabitEthernet interface
  both             Monitor the inbound and outbound packets
  inbound          Monitor the inbound packets
  outbound         Monitor the outbound packets
  to               Range of interfaces
[MainSwitch]mirroring-group 1 mirroring-port g1/0/8 both
[MainSwitch]mirroring-group 1 monitor-egress g1/0/2 ?
  <cr>
[MainSwitch]mirroring-group 1 monitor-egress g1/0/2
[MainSwitch]interface g1/0/2
[MainSwitch-GigabitEthernet1/0/2]port link-type trunk
[MainSwitch-GigabitEthernet1/0/2]port trunk permit vlan 960

 

(switch where the traffic sniffer is connected to port 24)
[SecondSwitch]vlan 960
[SecondSwitch-vlan960]port g1/0/24
[SecondSwitch-vlan960]quit
[SecondSwitch]interface g1/0/1
[SecondSwitch-GigabitEthernet1/0/1]port link-type trunk
[SecondSwitch-GigabitEthernet1/0/1]port trunk permit vlan 960
[SecondSwitch-GigabitEthernet1/0/1]quit
[SecondSwitch]mirroring-group 1 remote-destination
[SecondSwitch]mirroring-group 1 remote-probe vlan 960
[SecondSwitch]mirroring-group 1 monitor-port g1/0/24

Once you completed the sequence of commands, remember to save the configuration using the command save. If you have Cisco or HP Provision habits/skill, you can compare the different commands with this very useful comparison guide. If you need a CLI manual, click here… while if you want the v1910 user manual you can click here.

Enjoy!

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)