Filter
Top Products
26
*** Condential - DO NOT Distribute ***
Director
When you dene a lter, you specify and action to be taken when the lter conditions are met. The action can be either
drop or redir (meaning redirect). If the action is drop, then packets which meet the lter criteria are dropped, that is,
they are not copied to any Monitor port. If the action is redir, then packets which meet the lter criteria are copied to
all Monitor ports listed in the redir_ports=<portlist> parameter.
Copy Trafc From Any Network Port to Any Monitor Port
Director can be used like a Matrix Switch to direct trafc from any Network port to any Monitor port. To create a
simple switch connection, use a lteraddcommand without specifying any lters.
The lter add command creates pending lters (including switch settings); they are not activated until altercommit
command is executed. Any number of lteraddcommands may be issued prior to executing the ltercommitcommand.
Other CLI commands may be executed between the lter add commands as well.
To monitor Network Port 1 on Monitor Port 2, and Network Port 3 on Monitor Port 1:
Enter 1. lteraddin_ports=n1.1action=redirredir_ports=m.2. The switch connection is pending.
Enter 2. lteraddin_ports=n1.3action=redirredir_ports=m.1. The switch connection is pending.
Enter 3. ltercommit. The switch connection is activated.
Monitor Port 2Network Port 1
Monitor Port 1Network Port 3
lter add in_ports=n1.1 action=redir redir_ports=m.2
lter add in_ports=n1.3 action=redir redir_ports=m.1
Matrix switch connectionsFigure 22:
Aggregate Trafc From Any Set of Network Ports to Any Monitor Port
Director can be used like a Port Aggregator or a Link Aggregator, copying trafc from multiple Network ports to any
Monitor port. The lteraddcommand is again used to do this. The only difference from using the command to connect
a single Network port to a single Monitor port is that a list of Network ports is specied.
TocopyaggregatedtrafcfromNetworkPort1andNetworkPort2toMonitorPort3:
Enter 1. lteraddin_ports=n1.1,n1.2action=redirredir_ports=m.3. The aggregation connection is pending.
Enter 2. ltercommit. The aggregation connection activated.
Note that in this example, Network Port 1 and Network Port 2 may be Span ports, or they can be a paired in-line
network link. The Network port list in the lteraddcommand always applies to the trafc received at the port, not the
trafc transmitted out the port. Therefore, if Network Port 1 and Network Port 2 are an in-line link, then Director has
been congured to act as a Port Aggregator, combining the trafc from both directions on the in-line link and copying it
to the Monitor port.