efa tenant epg create --name <epg-name> --tenant <tenant-name>
--switchport --switchport-mode trunk –ctag-range <ctag-range>
--port <mirror-source-port-list> --po <mirror-source-po-list>
--pp-mac-acl-in <acl-name> --pp-mac-acl-out <acl-name>
--pp-acl-in <acl-name> --pp-ip-acl-out <acl-name>
--np-mac-acl-in <ctag:acl-name> --np-mac-acl-out <ctag:acl-name>
--np-ip-acl-in <ctag:acl-name> --np-ip-acl-out <ctag:acl-name>
efa tenant service mirror session create –name? <session-name> --tenant <tenant-name>
--source {<device-ip>,<eth | po | vlan>,<if-name>}
--type {<source-device-ip>,<eth | po | vlan>,<source-if-name>:<port-based | flow-based>}
--destination {<source-device-ip>,<eth | po | vlan>,<source-if-name> :
<destination-device-ip>,<eth | po | vlan>,<destination-if-name}
--destination-type {<source-device-ip>,< eth | po | vlan>,<source-if-name>:<span>}
--direction {<source-device-ip>,< eth | po | vlan>,<source-if-name> : <tx | rx | both>}
(efa:root)root@node-2:~# efa tenant show
+--------------+---------+------------+-------------+-------------+-----------+-----------+-----------------------+---------------------+
| Name | Type | VLAN Range | L2VNI Range | L3VNI Range | VRF Count | Enable BD | Ports | Mirroring Ports |
+--------------+---------+------------+-------------+-------------+-----------+-----------+-----------------------+---------------------+
| sharedTenant | shared | | | | 0 | false | | 10.20.246.15[0/31] |
| | | | | | | | | 10.20.246.16[0/31] |
| | | | | | | | | 10.20.246.21[0/31] |
| | | | | | | | | 10.20.246.22[0/31] |
| | | | | | | | | 10.20.246.25[0/31] |
| | | | | | | | | 10.20.246.26[0/31] |
+--------------+---------+------------+-------------+-------------+-----------+-----------+-----------------------+---------------------+
| ten1 | private | 11-20 | | | 10 | false | 10.20.246.15[0/1-10] | |
| | | | | | | | 10.20.246.16[0/1-10] | |
+--------------+---------+------------+-------------+-------------+-----------+-----------+-----------------------+---------------------+
| ten2 | private | 21-30 | | | 10 | false | 10.20.246.15[0/11-20] | |
| | | | | | | | 10.20.246.16[0/11-20] | |
+--------------+---------+------------+-------------+-------------+-----------+-----------+-----------------------+---------------------+
(efa:root)root@node 2:~# efa tenant po show
+---------+--------+--------------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+
| Name | Tenant | ID | Speed | MTU | Negotiation | Min Link | Lacp | Ports | State | Dev State | App State |
| | | | | | | Count | Timeout | | | | |
+---------+--------+--------------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+
| ten1po1 | ten1 | 2 | 10Gbps | | active | 1 | long | 10.20.246.15[0/1] | po-created | provisioned | cfg-in-sync |
| | | | | | | | | 10.20.246.16[0/1] | | | |
+---------+--------+--------------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+
| ten2po1 | ten2 | 3 | 10Gbps | | active | 1 | long | 10.20.246.15[0/11]| po-created | provisioned | cfg-in-sync |
| | | | | | | | | 10.20.246.16[0/11]| | | |
+---------+--------+----+---------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+
efa tenant epg create –name ten1epg1 –tenant ten1
--switchport-mode trunk --po ten1po1 --ctag-range 11
--pp-ip-acl-in ext-ip-permit-any-mirror-acl
--pp-ip-acl-out ext-ip-permit-any-mirror-acl
efa tenant service mirror session create –name ten1mirrorsession1 --tenant ten1
--source 10.20.246.15,po,ten1po1
--type 10.20.246.15,po,ten1po1:flow-based
--destination 10.20.246.15,po,ten1po1:10.20.246.15,eth,0/31
--destination-type 10.20.246.15,po,ten1po1:span
--direction 10.20.246.15,po,ten1po1:both
efa tenant service mirror session create –name ten2mirrorsession1 --tenant ten2
--source 10.20.246.15,po,ten2po1
--type 10.20.246.15,po,ten2po1:flow-based
--destination 10.20.246.15,po,ten2po1:10.20.246.15,eth,0/31
--destination-type 10.20.246.15,po,ten2po1:span
--direction 10.20.246.15,po,ten2po1:both
|
efa tenant epg create –name ten2epg1 –tenant ten2
--switchport-mode trunk --po ten2po1 --ctag-range 21
--pp-ip-acl-in ext-ip-permit-any-mirror-acl
--pp-ip-acl-out ext-ip-permit-any-mirror-acl
efa tenant service mirror session create –name ten1mirrorsession2 --tenant ten1
--source 10.20.246.16,po,ten1po1
--type 10.20.246.16,po,ten1po1:flow-based
--destination 10.20.246.16,po,ten1po1:10.20.246.16,eth,0/31
--destination-type 10.20.246.16,po,ten1po1:span
--direction 10.20.246.16,po,ten1po1:both
efa tenant service mirror session create –name ten2mirrorsession2 --tenant ten2
--source 10.20.246.16,po,ten2po1
--type 10.20.246.16,po,ten2po1:flow-based
--destination 10.20.246.16,po,ten2po1:10.20.246.16,eth,0/31
--destination-type 10.20.246.16,po,ten2po1:span
--direction 10.20.246.16,po,ten2po1:both
|
10.20.246.15SLX# show running-config ip access-list ip access-list extended ext-ip-permit-any-mirror-acl seq 10 permit ip any any mirror ! SLX# show running-config interface Port-channel 2,3 interface Port-channel 2 description EFA Port-channel ten1po1 cluster-client auto switchport switchport mode trunk switchport trunk allowed vlan add 11 no switchport trunk tag native-vlan ip access-group ext-ip-permit-any-mirror-acl in ip access-group ext-ip-permit-any-mirror-acl out no shutdown ! interface Port-channel 3 description EFA Port-channel ten2po1 cluster-client auto switchport switchport mode trunk switchport trunk allowed vlan add 21 no switchport trunk tag native-vlan ip access-group ext-ip-permit-any-mirror-acl in ip access-group ext-ip-permit-any-mirror-acl out no shutdown ! SLX# |
10.20.246.16SLX# show running-config ip access-list ip access-list extended ext-ip-permit-any-mirror-acl seq 10 permit ip any any mirror ! SLX# show running-config interface Port-channel 2,3 interface Port-channel 2 description EFA Port-channel ten1po1 cluster-client auto switchport switchport mode trunk switchport trunk allowed vlan add 11 no switchport trunk tag native-vlan ip access-group ext-ip-permit-any-mirror-acl in ip access-group ext-ip-permit-any-mirror-acl out no shutdown ! interface Port-channel 3 description EFA Port-channel ten2po1 cluster-client auto switchport switchport mode trunk switchport trunk allowed vlan add 21 no switchport trunk tag native-vlan ip access-group ext-ip-permit-any-mirror-acl in ip access-group ext-ip-permit-any-mirror-acl out no shutdown ! SLX# |
10.20.246.15SLX# show running-config monitor session monitor session 1 source port-channel 2 destination ethernet 0/31 direction both !monitor session 2 source port-channel 3 destination ethernet 0/31 direction both ! SLX# show monitor session 1 Session : 1 Type : SPAN Description : [None] State : Enabled Source Interface : Po 2 (Down) Destination Interface : Eth 0/31 (Down) Direction : Both Type : flow-based SLX# show monitor session 2 Session : 2 Type : SPAN Description : [None] State : Enabled Source Interface : Po 3 (Down) Destination Interface : Eth 0/31 (Down) Direction : Both Type : flow-based |
10.20.246.16SLX# show running-config monitor session monitor session 1 source port-channel 2 destination ethernet 0/31 direction both !monitor session 2 source port-channel 3 destination ethernet 0/31 direction both ! SLX# show monitor session 1 Session : 1 Type : SPAN Description : [None] State : Enabled Source Interface : Po 2 (Down) Destination Interface : Eth 0/31 (Down) Direction : Both Type : flow-based SLX# show monitor session 2 Session : 2 Type : SPAN Description : [None] State : Enabled Source Interface : Po 3 (Down) Destination Interface : Eth 0/31 (Down) Direction : Both Type : flow-based |