That. Was. Easy.
These are the three words that a fancy button says whenever I press it. That button was gifted by an ex-colleague of mine and it says it all! Once you did it, that was easy 🙂
Exactly when you try to configure a remote port monitoring on an HP v1910 switch. Once upon a time (and I’m really speaking about 20 years ago) a company called 3Com had a slogan saying “the network that go the distance” Then they have been bought approx 4 years ago by HP, but that philosophy remained. A philosophy which says that it does not matter if you have a small switch, but the features you need must be there. Maybe a bit hidden… maybe only from CLI.
It happens that some good 3Com switched were rebranded HP around the second half 2010. All those switches, under the name of the v1910 series, are lifetime warranted!!! If you do not believe it, just click here and insert your switch serial number.
But beside the good policies, I’ve decided to write this nice post since today I reached the nirvana of my home network: two HP 1910v switches, respectively 16 and 24 ports, configured for remote port monitoring.
That is, traffic happening on port gigabit 1/0/8 of my master switch to be mirrored on port gigabit 1/0/24 of my second switch. The two switches are connected through a cat6 UTP ethernet cable going from port gigabit 1/0/2 of the master switch to the port gigabit 1/0/1 of the scone switch, according to the picture below:
Port 1/0/8 of the main switch ==> traffic of interest
Port 1/0/2 of the main switch ==> interconnection port with second switch
Port 1/0/1 of the second switch ==> interconnection port with main switch
Port 1/0/24 of the second switch ==> where mirrored traffic is sniffed by a Linux box
The HP v1910 switch uses a specific CLI interface, comware5.
This interface requires a specific command to be enable for a longer list of commands (once you have enabled for SSH in the webgui as shown here): _cmdline-mode on.
The command will require a password, which is by default 512900.
Then you need to enter in the system-view configuration using the command system-view and you start typing the following commands, related to the ports indicated above (it means change them according to your needs):
(switch with traffic of interest)
[MainSwitch]mirroring-group 1 ?
local mirroring-port monitor-egress monitor-port remote-destination Remote destination mirroring group remote-probe Specify remote probe VLAN remote-source Remote source mirroring group
Local mirroring group Specify mirroring port Specify monitor-egress port Specify monitor port
[MainSwitch]mirroring-group 1 remote-source ? <cr>
[MainSwitch]mirroring-group 1 remote-source
[MainSwitch]vlan 960 [MainSwitch-vlan960]quit
[MainSwitch]mirroring-group 1 ?
[MainSwitch]mirroring-group 1 remote-probe ? vlan Specify VLAN
[MainSwitch]mirroring-group 1 remote-probe vlan 1 ? <cr>
[MainSwitch]mirroring-group 1 remote-probe vlan 960
[MainSwitch]mirroring-group 1 mirroring-port g1/0/8 ? GigabitEthernet GigabitEthernet interface both Monitor the inbound and outbound packets inbound Monitor the inbound packets outbound Monitor the outbound packets to Range of interfaces
[MainSwitch]mirroring-group 1 mirroring-port g1/0/8 both
[MainSwitch]mirroring-group 1 monitor-egress g1/0/2 ? <cr>
[MainSwitch]mirroring-group 1 monitor-egress g1/0/2
[MainSwitch]interface g1/0/2 [MainSwitch-GigabitEthernet1/0/2]port link-type trunk [MainSwitch-GigabitEthernet1/0/2]port trunk permit vlan 960
(switch where the traffic sniffer is connected to port 24)
[SecondSwitch]vlan 960 [SecondSwitch-vlan960]port g1/0/24 [SecondSwitch-vlan960]quit
[SecondSwitch]interface g1/0/1 [SecondSwitch-GigabitEthernet1/0/1]port link-type trunk [SecondSwitch-GigabitEthernet1/0/1]port trunk permit vlan 960 [SecondSwitch-GigabitEthernet1/0/1]quit
[SecondSwitch]mirroring-group 1 remote-destination [SecondSwitch]mirroring-group 1 remote-probe vlan 960 [SecondSwitch]mirroring-group 1 monitor-port g1/0/24
Once you completed the sequence of commands, remember to save the configuration using the command save. If you have Cisco or HP Provision habits/skill, you can compare the different commands with this very useful comparison guide. If you need a CLI manual, click here… while if you want the v1910 user manual you can click here.