Configure Packet Truncation

Follow this procedure to truncate a packet to conform to the length required by your analysis tools.

Before you begin

About this task

You configure packet truncation in a listener policy. You can include other settings in addition to packet truncation. Minimum truncated packet length is 64 bytes.
Note

Note

In the examples that follow the configuration commands for this task, bold font is used to show the relationship between the items you configure and then bind. The example parameters and optional settings are only a partial set of those available. See the Extreme 9920 Software Command Reference, 21.1.0.0 for more information.

Procedure

  1. Run the configure terminal command to access Config mode.
    The command line changes to configuration mode.
    device(config)#
  2. Configure an ACL of type IPv4, IPv6, or MAC and any actions.
    ip access-list acl-name

    The specified ACL and configured actions will be bound to a listener policy.

    device(config)# ip access-list acl3-ipv4
device(config-ip-acl)# seq 12 permit ip any any count
  3. Create the listener policy, including the truncate subcommand with any other action subcommands for the policy.
    Note

    Note

    A listener policy supports only one of each of each ACL type: IP, IPv6, MAC .
    listener-policy name seq
    device(config)# listener-policy lp-3 18
device(config-listener-policy)# match ip access-list acl3-ipv4
device(config-listener-policy)# truncate 512
device(config-listener-policy)# description "truncate ip packets lp"
  4. Configure an egress policy and bind the listener policy, specifying any additional egress actions.
    Note

    Note

    An egress can be associated with only one listener policy.
    egress name
    device(config)# egress e3
device(config-egress)# set listener-policy lp-3 18
device(config-egress)# description DirectTool
device(config-egress)# precedence 1 interface ethernet 2/14
  5. Configure an egress group and associate it with the egress policy.
    egress-group group-name
    device(config)# egress-group eg_5 
device(config-egress-group)# description e-group_5
device(config-egress-group)# set egress e3
  6. Configure the route map and set any other parameters, such as forwarding actions, match ip access list, and the egress-group.
    Note

    Note

    A route-map policy supports only one match-ACL per layer.
    route-map map-name seq
    device(config)# route-map R2 10 
device(config-route-map)# match ip access-list acl3-ipv4
device(config-route-map)# set egress-group eg_5
device(config-route-map)# forward-action permit
  7. Configure an ingress group and associate a route map.
    Note

    Note

    An ingress group can be associated with only one route map.
    ingress-group group-name
    device(config)# ingress-group TAP_TRAFFIC
device(config-ingress-group)# set route-map R2
  8. Configure the interface port and channel for ingress traffic.
    interface slot / port-number
    Note

    Note

    In the following example, traffic is coming in on slot/port-number 2/3. 
    interface ethernet 2/3
description From_TAP
set ingress-group TAP_TRAFFIC
no shutdown
  9. Configure the interface port and channel for egress traffic.
    interface slot / port-number
    Note

    Note

    In the following example, traffic is leaving on slot/port-number 2/14.
    interface ethernet 2/14
speed 40000
description To_Tool
no shutdown
9037100-00 Rev AA