efa tenant epg create --name <epg-name> --tenant <tenant-name>
--switchport --switchport-mode trunk –ctag-range <ctag-range>
--port <mirror-source-port-list> --po <mirror-source-po-list>
--pp-mac-acl-in <acl-name> --pp-mac-acl-out <acl-name>
--pp-ip-acl-in <acl-name> --pp-ip-acl-out <acl-name>
--np-mac-acl-in <ctag:acl-name> --np-mac-acl-out <ctag:acl-name>
--np-ip-acl-in <ctag:acl-name> --np-ip-acl-out <ctag:acl-name>
efa tenant service mirror session create –name <session-name> --tenant <tenant-name>
--source {<device-ip>,<eth | po | vlan>,<if-name>}
--type {<source-device-ip>,<eth | po | vlan>,<source-if-name>:<port-based | flow-based>}
--destination {<source-device-ip>,<eth | po | vlan>,<source-if-name> :
<destination-device-ip>,<eth | po | vlan>,<destination-if-name}
--destination-type {<source-device-ip>,< eth | po | vlan>,<source-if-name>:<span>}
--direction {<source-device-ip>,< eth | po | vlan>,<source-if-name> : <tx | rx | both>}
(efa:root)root@node-2:~# efa tenant show
+--------+---------+-------+-------+-------+-------+--------+----------------------+--------------------+
| Name | Type | VLAN | L2VNI | L3VNI | VRF | Enable | Ports | Mirroring Ports |
| | | Range | Range | Range | Count | BD | | |
+--------+---------+-------+-------+-------+-------+--------+----------------------+--------------------+
| shared | Shared | | | | 0 | false | | 10.20.246.16[0/31] |
| Tenant | | | | | | | | 10.20.246.21[0/31] |
| | | | | | | | | 10.20.246.22[0/31] |
| | | | | | | | | 10.20.246.25[0/31] |
| | | | | | | | | 10.20.246.26[0/31] |
+--------+---------+-------+-------+-------+-------+--------+----------------------+--------------------+
| ten1 | private | 11-20 | | | 10 | false | 10.20.246.15[0/1-10] | |
| | | | | | | | 10.20.246.16[0/1-10] | |
| | | | | | | | 10.20.246.21[0/1-10] | |
| | | | | | | | 10.20.246.22[0/1-10] | |
+--------+---------+-------+-------+-------+-------+--------+----------------------+--------------------+
| ten2 | private | 21-30 | | | 10 | false | 10.20.246.15[0/11-20]| |
| | | | | | | | 10.20.246.16[0/11-20]| |
| | | | | | | | 10.20.246.21[0/11-20]| |
| | | | | | | | 10.20.246.22[0/11-20]| |
+--------+---------+-------+-------+-------+-------+--------+----------------------+--------------------+
(efa:root)root@node 2:~# efa tenant po show
+---------+--------+--------------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+
| Name | Tenant | ID | Speed | MTU | Negotiation | Min Link | Lacp | Ports | State | Dev State | App State |
| | | | | | | Count | Timeout | | | | |
+---------+--------+--------------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+
| ten1po1 | ten1 | 2 | 10Gbps | | active | 1 | long | 10.20.246.15[0/1] | po-created | provisioned | cfg-in-sync |
| | | | | | | | | 10.20.246.16[0/1] | | | |
+---------+--------+--------------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+
| ten2po1 | ten2 | 3 | 10Gbps | | active | 1 | long | 10.20.246.15[0/11]| po-created | provisioned | cfg-in-sync |
| | | | | | | | | 10.20.246.16[0/11]| | | |
+---------+--------+--------------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+
| ten1po2 | ten1 | 2 | 10Gbps | | active | 1 | long | 10.20.246.21[0/1] | po-created | provisioned | cfg-in-sync |
| | | | | | | | | 10.20.246.22[0/1] | | | |
+---------+--------+--------------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+
| ten2po2 | ten2 | 3 | 10Gbps | | active | 1 | long | 10.20.246.21[0/11]| po-created | provisioned | cfg-in-sync |
| | | | | | | | | 10.20.246.22[0/11]| | | |
+---------+--------+--------------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+
efa tenant epg create –name ten1epg1 –tenant ten1
--switchport-mode trunk --po ten1po1,ten1po2 --ctag-range 11
--np-mac-acl-in 11:ext-mac-permit-any-mirror-acl
--np-mac-acl-out 11:ext-mac-permit-any-mirror-acl
efa tenant service mirror session create –name ten1mirrorsession1 --tenant ten1
--source vlan,11
--type vlan,11:flow-based
--destination-type vlan,11:span
--destination vlan,11:10.20.246.15,eth,0/31
--direction vlan,11:both
|
efa tenant epg create –name ten2epg1 –tenant ten2
--switchport-mode trunk --po ten2po1,ten2po2 --ctag-range 21
--np-mac-acl-in 21:ext-mac-permit-any-mirror-acl
--np-mac-acl-out 21:ext-mac-permit-any-mirror-acl
efa tenant service mirror session create –name ten2mirrorsession1 --tenant ten2
--source vlan,21
--type vlan,21:flow-based
--destination-type vlan,21:span
--destination vlan,21:10.20.246.16,eth,0/31
--direction vlan,21:both
|
10.20.246.15SLX# show running-config mac access-list mac access-list extended ext-mac-permit-any-mirror-acl seq 10 permit any any mirror ! SLX# SLX# show running-config vlan 11,21 vlan 11 description Tenant L2 Extended VLAN mac access-group ext-mac-permit-any-mirror-acl in mac access-group ext-mac-permit-any-mirror-acl out ! vlan 21 description Tenant L2 Extended VLAN mac access-group ext-mac-permit-any-mirror-acl in mac access-group ext-mac-permit-any-mirror-acl out ! SLX# |
10.20.246.16SLX# show running-config mac access-list mac access-list extended ext-mac-permit-any-mirror-acl seq 10 permit any any mirror ! SLX# SLX# show running-config vlan 11,21 vlan 11 description Tenant L2 Extended VLAN mac access-group ext-mac-permit-any-mirror-acl in mac access-group ext-mac-permit-any-mirror-acl out ! vlan 21 description Tenant L2 Extended VLAN mac access-group ext-mac-permit-any-mirror-acl in mac access-group ext-mac-permit-any-mirror-acl out ! SLX# |
10.20.246.21SLX# show running-config mac access-list mac access-list extended ext-mac-permit-any-mirror-acl seq 10 permit any any mirror ! SLX# SLX# show running-config vlan 11,21 vlan 11 description Tenant L2 Extended VLAN mac access-group ext-mac-permit-any-mirror-acl in mac access-group ext-mac-permit-any-mirror-acl out ! vlan 21 description Tenant L2 Extended VLAN mac access-group ext-mac-permit-any-mirror-acl in mac access-group ext-mac-permit-any-mirror-acl out ! SLX# |
10.20.246.22SLX# show running-config mac access-list mac access-list extended ext-mac-permit-any-mirror-acl seq 10 permit any any mirror ! SLX# SLX# show running-config vlan 11,21 vlan 11 description Tenant L2 Extended VLAN mac access-group ext-mac-permit-any-mirror-acl in mac access-group ext-mac-permit-any-mirror-acl out ! vlan 21 description Tenant L2 Extended VLAN mac access-group ext-mac-permit-any-mirror-acl in mac access-group ext-mac-permit-any-mirror-acl out ! SLX# |
10.20.246.15-16SLX# show running-config monitor session monitor session 1 source vlan 11 destination ethernet 0/31 direction both flow-based ! monitor session 2 source vlan 21 destination ethernet 0/31 direction both flow-based !SLX# SLX# show monitor session 1 Session : 1 Type : SPAN Description : [None] State : Enabled Source Interface : Vlan 11 Destination Interface : Eth 0/31 (Down) Direction : Both Type : flow-based SLX# show monitor session 2 Session : 2 Type : SPAN Description : [None] State : Enabled Source Interface : Vlan 21 Destination Interface : Eth 0/31 (Down) Direction : Both Type : flow-based SLX# |
10.20.246.21-22SLX# show running-config monitor session monitor session 1 source vlan 11 destination ethernet 0/31 direction both flow-based ! monitor session 2 source vlan 21 destination ethernet 0/31 direction both flow-based !SLX #SLX# show monitor session 1 Session : 1 Type : SPAN Description : [None] State : Enabled Source Interface : Vlan 11 Destination Interface : Eth 0/31 (Down) Direction : Both Type : flow-based SLX# show monitor session 2 Session : 2 Type : SPAN Description : [None] State : Enabled Source Interface : Vlan 21 Destination Interface : Eth 0/31 (Down) Direction : Both Type : flow-based SLX# |
||