镜像ping端口
ping端口 时间:2021-05-01 阅读:()
H3CCAS端口镜像特性操作指导书Copyright2015杭州华三通信技术有限公司版权所有,保留一切权利.
非经本公司书面许可,任何单位和个人不得擅自摘抄、复制本文档内容的部分或全部,并不得以任何形式传播.
本文档中的信息可能变动,恕不另行通知.
i目录1简介·······························································································································12产品规格·························································································································12.
1规格列表······················································································································12.
2规格约束······················································································································13配置前提·························································································································24配置环境·························································································································24.
1服务器·························································································································24.
2软件···························································································································25配置指导·························································································································25.
1组网需求······················································································································25.
2准备工作······················································································································35.
2.
1准备测试虚拟机····································································································35.
2.
2准备测试网络与工具······························································································55.
3测试步骤······················································································································65.
3.
1配置端口镜像策略·································································································65.
3.
2验证入方向端口镜像策略························································································95.
3.
3验证出方向端口镜像策略······················································································105.
3.
4验证双向端口镜像策略·························································································1211简介本文档介绍H3CCAS端口镜像特性的使用方法和操作步骤.
端口镜像通过将指定端口的报文复制到与数据监测设备相连的端口,使用户可以利用数据监测设备分析这些复制过来的报文,以进行网络监控和故障排除.
在端口镜像中,有几个基本概念,分别是镜像源、镜像目的、镜像方向和镜像VLANID.
(1)镜像源:指被监控的对象,在虚拟化应用中,该对象就是虚拟机的虚拟网卡.
经由被监控对象收发的报文会被复制一份到与数据监测设备(或虚拟机)相连的端口,用户就可以对这些报文(称之为镜像报文)进行监控和分析了.
(2)镜像目的:指镜像报文所要达到的目的地,即与数据监测设备相连的那个端口.
(3)镜像方向:指在虚拟交换机上可复制的报文方向,包括:入方向:指仅复制虚拟机指定端口发送到虚拟交换机的报文.
出方向:指仅复制虚拟交换机发送到虚拟机指定端口的报文.
双向:指对虚拟交换机收到和发出的报文都进行复制.
(4)镜像VLAN:将镜像报文从源端口传送到目的端口时专用的VLAN,用于跨主机镜像(即镜像源和镜像目的不在同一个物理主机)时,隔离镜像报文和业务报文.
镜像报文在源虚拟交换机上封装VLAN标签,邻接物理交换机上透传并在VLAN内广播该报文,镜像目的所在的虚拟交换机接收到该报文之后,剥除镜像VLAN,将报文发送给相同VLAN配置的目的虚拟机的虚拟网卡.
2产品规格2.
1规格列表一级规格二级规格说明虚拟交换机端口镜像支持将一个或多个镜像源的IP报文镜像到指定的镜像目的.
支持入方向、出方向或入出双方向配置.
支持主机内和跨主机的虚拟机端口流量镜像.
2.
2规格约束(1)镜像VLANID不允许与业务VLANID重复,不同镜像策略的镜像VLANID也不允许重复.
(2)不支持VLANID为1的虚拟端口配置镜像功能,因为如果配置了两组VLANID为1的端口镜像,可能出现报文环路,导致网络故障.
(3)跨主机端口镜像时,要求中间设备必须允许镜像VLAN通过,并关闭该VLANID的MAC地址学习功能,以确保镜像源与镜像目的之间的二层网络畅通,同时,必须确保镜像报文从源到达目的的过程中,其VLANID不被修改或删除,否则跨主机镜像功能将失效.
2(4)在刀片环境中,由于刀片服务器与外部接入交换机之间有VC模块,而VC模块无法处理镜像VLAN报文,导致镜像功能失效.
因此,暂时不支持刀片环境下的端口镜像功能.
3配置前提本文档中的配置均是在实验室环境下进行的配置和验证,配置前服务器和软件的所有参数均采用出厂时的缺省配置.
如果您已经对被测试对象进行了配置,为了保证配置效果,请确认现有配置和以下举例中的配置不冲突.
4配置环境4.
1服务器本文档不严格与具体硬件服务器型号对应,如果使用过程中与产品实际情况有差异,请参考相关产品手册,或以设备实际情况为准.
本文档使用的服务器型号与配置如下表所示,该环境不作为实际部署时的强制环境或推荐环境,只需要服务器能够兼容H3CCAS云计算管理平台即可完成本配置.
配置项说明服务器#1(H3CCASCVM虚拟化管理平台)H3CFlexServerR390CPU:2路8核,IntelXeonE5-26500@2.
00GHz内存:32GB服务器#2(H3CCASCVK虚拟化内核系统)H3CFlexServerB390CPU:2路6核,IntelXeonE5-26200@2.
00GHz内存:32GB4.
2软件软件版本服务器虚拟化管理软件H3CCAS-E0216(KVMKernel3.
13.
6)虚拟机操作系统WindowsServer2008R2数据中心版64位数据监测软件WiresharkV1.
12.
1(64位)5配置指导5.
1组网需求验证H3CCAS端口镜像功能的逻辑组网拓扑图如下所示.
3图1端口镜像功能测试组网逻辑拓扑图(1)在H3CCASCVK虚拟化内核系统上安装三个虚拟机,其中VM#1和VM#3分别为镜像源和镜像目的,VM#1和VM#2用作Ping测试虚拟机.
(2)在虚拟交换机上配置流量镜像策略,将虚拟交换机入方向(即从VM#1的vNIC发送到虚拟交换机)的网络流量(红色虚线1A)镜像到数据监测软件(红色虚线1B).
(3)在VM#1上PingVM#2,在镜像目的虚拟机VM#3上,通过Wireshark抓包软件,验证是否只观察到源IP为VM#1,目的IP为VM#2的ICMPRequest报文.
(4)在虚拟交换机上修改流量镜像策略,对虚拟交换机出方向(即从虚拟交换机发送到VM#1的vNIC)的网络流量(蓝色虚线2A)镜像到数据检测软件(蓝色虚线2B).
(5)在VM#2上PingVM#1,在镜像目的虚拟机VM#3上,通过Wireshark抓包软件,验证是否只观察到源IP为VM#2,目的IP为VM#1的ICMPRequest报文.
(6)在虚拟交换机上修改流量镜像策略,对虚拟交换机双向(即从虚拟交换机发送到VM#1的vNIC以及从VM#1的vNIC接收)的网络流量(绿色虚线3A)镜像到数据检测软件(绿色虚线3B).
(7)在VM#1上PingVM#2,在镜像目的虚拟机VM#3上,通过Wireshark抓包软件,验证是否同时观察到源IP为VM#1,目的IP为VM#2的ICMPRequest报文,以及源IP为VM#2,目的IP为VM#1的ICMPReply报文.
5.
2准备工作5.
2.
1准备测试虚拟机步骤1系统管理员登录H3CCASCVM虚拟化管理平台(服务器#1),在H3CCASCVK虚拟化内核系统(服务器#2)上创建1个新的虚拟机(VM),虚拟机主要配置如下表所示.
4资源大小vCPU2核vMem4GBvDisk1*20GB(Virtio,本地磁盘)vNIC1(Virtio,启用内核加速)虚拟交换机vSwitch0(管理口)上述虚拟机资源配置仅为测试环境下的配置,不作为生产环境中业务虚拟机的推荐配置.
生产环境中的虚拟机配置应该根据业务本身对CPU、内存、磁盘和网卡等资源的实际需求进行评估和测试后最终确定.
步骤2通过控制台(VNC)为虚拟机安装WindowsServer2008R2数据中心版64位操作系统.
图2为虚拟机安装操作系统步骤3虚拟机操作系统安装成功之后,关闭操作系统默认开启的防火墙功能.
步骤4正常关闭虚拟机,将虚拟机转换为虚拟机模板.
步骤5通过虚拟机模板,依次部署3个测试虚拟机VM#1~VM#3.
5图3基于虚拟机模板部署测试虚拟机5.
2.
2准备测试网络与工具步骤1配置测试虚拟机IP地址.
#在H3CCASCVM虚拟化管理平台上,通过控制台(VNC)配置VM#1~VM#3的IP地址.
虚拟机序号名称用途IP地址VM#1PingSource镜像源,同时作为Ping业务的一端.
192.
168.
0.
231VM#2PingDestPing业务的另一端.
192.
168.
0.
232VM#3Monitor镜像目的,通过监控软件验证镜像结果的正确性.
192.
168.
0.
238H3CCASCVM虚拟化管理平台支持通过界面直接设置虚拟机的IP地址和掩码等网络参数,但要求虚拟机上必须已经按照CAStools工具.
#配置完成之后,通过虚拟机操作系统的命令行窗口或PowerShell工具,在各个虚拟机之间互相发送Ping报文,确保网络可达.
6如果IP地址已经配置成功,但是虚拟机之间无法相互Ping通,可能的原因是虚拟机操作系统开启了防火墙,默认禁止Ping报文入出.
此时,可以尝试关闭操作系统中的防火墙配置.
步骤2在镜像目的虚拟机(VM#3)操作系统内,安装WiresharkV1.
12.
1抓包软件.
5.
3测试步骤5.
3.
1配置端口镜像策略步骤1系统管理员登录H3CCASCVM虚拟化管理平台,在导航窗格中选中主机,在右侧配置窗口中,点击标签页,选择业务虚拟机使用的虚拟交换机,并点击表格行末的按钮.
图4端口镜像策略配置入口步骤2在弹出的"高级设置"对话框中,点击"端口镜像"选项,在右侧配置窗口中,点击按钮,启动端口镜像策略配置向导.
#输入端口镜像策略名称和镜像VLANID,选择方向为"入方向",点击按钮.
7图5端口镜像策略配置向导第一步#选择VM#1作为虚拟机镜像源,点击按钮.
图6端口镜像策略配置向导第二步#配置VM#3作为镜像目的虚拟机,点击按钮.
8图7端口镜像策略配置向导第三步#确认配置之后,点击按钮.
图8端口镜像策略配置向导第四步95.
3.
2验证入方向端口镜像策略步骤1在VM#1上通过命令行窗口PingVM#2.
图9以Ping(ICMP)报文模拟业务流量步骤2验证入方向端口镜像策略是否生效.
图10通过Wireshark抓包工具验证入方向端口镜像策略10因为从VM#1发送到VM#2的ICMPRequest报文经过虚拟交换机的时候,对虚拟交换机而言,该报文是从VM#1虚拟网卡方向入的报文,因此,虚拟交换机匹配到入方向端口镜像策略之后,应将该报文镜像到镜像目的.
在VM#3虚拟机上,通过Wireshark抓包接口可以看出,VM#1发送到VM#2的4个ICMPRequest报文被成功镜像到VM#3的虚拟网卡上,源IP地址为VM#1虚拟网卡的IP地址,目的IP地址为VM#2虚拟网卡的IP地址.
5.
3.
3验证出方向端口镜像策略步骤1在H3CCASCVM虚拟化管理平台中,修改虚拟交换机上的端口镜像策略方向为出方向,其余配置保持不变.
图11修改端口镜像策略方向为出方向步骤2在VM#2上通过命令行窗口PingVM#1.
11图12以Ping(ICMP)报文模拟业务流量步骤3验证出方向端口镜像策略是否生效.
图13通过Wireshark抓包工具验证出方向端口镜像策略因为从VM#2发送到VM#1的ICMPRequest报文经过虚拟交换机的时候,对虚拟交换机而言,该报文是从虚拟交换机转发到VM#1虚拟网卡的,也就是从虚拟交换机发送出去的报文,因此,虚拟交换机匹配到出方向端口镜像策略之后,应将该报文镜像到镜像目的.
在VM#3虚拟机上,通过12Wireshark抓包接口可以看出,VM#2发送到VM#1的4个ICMPRequest报文被成功镜像到VM#3的虚拟网卡上,源IP地址为VM#2虚拟网卡的IP地址,目的IP地址为VM#1虚拟网卡的IP地址.
5.
3.
4验证双向端口镜像策略步骤1在H3CCASCVM虚拟化管理平台中,修改虚拟交换机上的端口镜像策略方向为双向,其余配置保持不变.
图14修改端口镜像策略方向为双向步骤2在VM#1上通过命令行窗口PingVM#2.
图15以Ping(ICMP)报文模拟业务流量13步骤3验证双向端口镜像策略是否生效.
因为从VM#1发送到VM#2的ICMPRequest报文,以及从VM#2回应VM#1的ICMPReply报文经过虚拟交换机的时候,对虚拟交换机而言,该报文是从VM#1虚拟网卡进入虚拟交换机,再由虚拟交换机转发到VM#2虚拟网卡的,因此,虚拟交换机匹配到双向端口镜像策略之后,既将VM#1发送的ICMPRequest报文镜像到镜像目的,也会将VM#2回应的ICMPReply报文镜像到镜像目的.
在VM#3虚拟机上,通过Wireshark抓包接口可以看出,VM#1发送到VM#2的4个ICMPRequest报文,以及VM#2回应VM#1的4个ICMPReply都被成功镜像到VM#3的虚拟网卡上.
图16通过Wireshark抓包工具验证双向端口镜像策略
非经本公司书面许可,任何单位和个人不得擅自摘抄、复制本文档内容的部分或全部,并不得以任何形式传播.
本文档中的信息可能变动,恕不另行通知.
i目录1简介·······························································································································12产品规格·························································································································12.
1规格列表······················································································································12.
2规格约束······················································································································13配置前提·························································································································24配置环境·························································································································24.
1服务器·························································································································24.
2软件···························································································································25配置指导·························································································································25.
1组网需求······················································································································25.
2准备工作······················································································································35.
2.
1准备测试虚拟机····································································································35.
2.
2准备测试网络与工具······························································································55.
3测试步骤······················································································································65.
3.
1配置端口镜像策略·································································································65.
3.
2验证入方向端口镜像策略························································································95.
3.
3验证出方向端口镜像策略······················································································105.
3.
4验证双向端口镜像策略·························································································1211简介本文档介绍H3CCAS端口镜像特性的使用方法和操作步骤.
端口镜像通过将指定端口的报文复制到与数据监测设备相连的端口,使用户可以利用数据监测设备分析这些复制过来的报文,以进行网络监控和故障排除.
在端口镜像中,有几个基本概念,分别是镜像源、镜像目的、镜像方向和镜像VLANID.
(1)镜像源:指被监控的对象,在虚拟化应用中,该对象就是虚拟机的虚拟网卡.
经由被监控对象收发的报文会被复制一份到与数据监测设备(或虚拟机)相连的端口,用户就可以对这些报文(称之为镜像报文)进行监控和分析了.
(2)镜像目的:指镜像报文所要达到的目的地,即与数据监测设备相连的那个端口.
(3)镜像方向:指在虚拟交换机上可复制的报文方向,包括:入方向:指仅复制虚拟机指定端口发送到虚拟交换机的报文.
出方向:指仅复制虚拟交换机发送到虚拟机指定端口的报文.
双向:指对虚拟交换机收到和发出的报文都进行复制.
(4)镜像VLAN:将镜像报文从源端口传送到目的端口时专用的VLAN,用于跨主机镜像(即镜像源和镜像目的不在同一个物理主机)时,隔离镜像报文和业务报文.
镜像报文在源虚拟交换机上封装VLAN标签,邻接物理交换机上透传并在VLAN内广播该报文,镜像目的所在的虚拟交换机接收到该报文之后,剥除镜像VLAN,将报文发送给相同VLAN配置的目的虚拟机的虚拟网卡.
2产品规格2.
1规格列表一级规格二级规格说明虚拟交换机端口镜像支持将一个或多个镜像源的IP报文镜像到指定的镜像目的.
支持入方向、出方向或入出双方向配置.
支持主机内和跨主机的虚拟机端口流量镜像.
2.
2规格约束(1)镜像VLANID不允许与业务VLANID重复,不同镜像策略的镜像VLANID也不允许重复.
(2)不支持VLANID为1的虚拟端口配置镜像功能,因为如果配置了两组VLANID为1的端口镜像,可能出现报文环路,导致网络故障.
(3)跨主机端口镜像时,要求中间设备必须允许镜像VLAN通过,并关闭该VLANID的MAC地址学习功能,以确保镜像源与镜像目的之间的二层网络畅通,同时,必须确保镜像报文从源到达目的的过程中,其VLANID不被修改或删除,否则跨主机镜像功能将失效.
2(4)在刀片环境中,由于刀片服务器与外部接入交换机之间有VC模块,而VC模块无法处理镜像VLAN报文,导致镜像功能失效.
因此,暂时不支持刀片环境下的端口镜像功能.
3配置前提本文档中的配置均是在实验室环境下进行的配置和验证,配置前服务器和软件的所有参数均采用出厂时的缺省配置.
如果您已经对被测试对象进行了配置,为了保证配置效果,请确认现有配置和以下举例中的配置不冲突.
4配置环境4.
1服务器本文档不严格与具体硬件服务器型号对应,如果使用过程中与产品实际情况有差异,请参考相关产品手册,或以设备实际情况为准.
本文档使用的服务器型号与配置如下表所示,该环境不作为实际部署时的强制环境或推荐环境,只需要服务器能够兼容H3CCAS云计算管理平台即可完成本配置.
配置项说明服务器#1(H3CCASCVM虚拟化管理平台)H3CFlexServerR390CPU:2路8核,IntelXeonE5-26500@2.
00GHz内存:32GB服务器#2(H3CCASCVK虚拟化内核系统)H3CFlexServerB390CPU:2路6核,IntelXeonE5-26200@2.
00GHz内存:32GB4.
2软件软件版本服务器虚拟化管理软件H3CCAS-E0216(KVMKernel3.
13.
6)虚拟机操作系统WindowsServer2008R2数据中心版64位数据监测软件WiresharkV1.
12.
1(64位)5配置指导5.
1组网需求验证H3CCAS端口镜像功能的逻辑组网拓扑图如下所示.
3图1端口镜像功能测试组网逻辑拓扑图(1)在H3CCASCVK虚拟化内核系统上安装三个虚拟机,其中VM#1和VM#3分别为镜像源和镜像目的,VM#1和VM#2用作Ping测试虚拟机.
(2)在虚拟交换机上配置流量镜像策略,将虚拟交换机入方向(即从VM#1的vNIC发送到虚拟交换机)的网络流量(红色虚线1A)镜像到数据监测软件(红色虚线1B).
(3)在VM#1上PingVM#2,在镜像目的虚拟机VM#3上,通过Wireshark抓包软件,验证是否只观察到源IP为VM#1,目的IP为VM#2的ICMPRequest报文.
(4)在虚拟交换机上修改流量镜像策略,对虚拟交换机出方向(即从虚拟交换机发送到VM#1的vNIC)的网络流量(蓝色虚线2A)镜像到数据检测软件(蓝色虚线2B).
(5)在VM#2上PingVM#1,在镜像目的虚拟机VM#3上,通过Wireshark抓包软件,验证是否只观察到源IP为VM#2,目的IP为VM#1的ICMPRequest报文.
(6)在虚拟交换机上修改流量镜像策略,对虚拟交换机双向(即从虚拟交换机发送到VM#1的vNIC以及从VM#1的vNIC接收)的网络流量(绿色虚线3A)镜像到数据检测软件(绿色虚线3B).
(7)在VM#1上PingVM#2,在镜像目的虚拟机VM#3上,通过Wireshark抓包软件,验证是否同时观察到源IP为VM#1,目的IP为VM#2的ICMPRequest报文,以及源IP为VM#2,目的IP为VM#1的ICMPReply报文.
5.
2准备工作5.
2.
1准备测试虚拟机步骤1系统管理员登录H3CCASCVM虚拟化管理平台(服务器#1),在H3CCASCVK虚拟化内核系统(服务器#2)上创建1个新的虚拟机(VM),虚拟机主要配置如下表所示.
4资源大小vCPU2核vMem4GBvDisk1*20GB(Virtio,本地磁盘)vNIC1(Virtio,启用内核加速)虚拟交换机vSwitch0(管理口)上述虚拟机资源配置仅为测试环境下的配置,不作为生产环境中业务虚拟机的推荐配置.
生产环境中的虚拟机配置应该根据业务本身对CPU、内存、磁盘和网卡等资源的实际需求进行评估和测试后最终确定.
步骤2通过控制台(VNC)为虚拟机安装WindowsServer2008R2数据中心版64位操作系统.
图2为虚拟机安装操作系统步骤3虚拟机操作系统安装成功之后,关闭操作系统默认开启的防火墙功能.
步骤4正常关闭虚拟机,将虚拟机转换为虚拟机模板.
步骤5通过虚拟机模板,依次部署3个测试虚拟机VM#1~VM#3.
5图3基于虚拟机模板部署测试虚拟机5.
2.
2准备测试网络与工具步骤1配置测试虚拟机IP地址.
#在H3CCASCVM虚拟化管理平台上,通过控制台(VNC)配置VM#1~VM#3的IP地址.
虚拟机序号名称用途IP地址VM#1PingSource镜像源,同时作为Ping业务的一端.
192.
168.
0.
231VM#2PingDestPing业务的另一端.
192.
168.
0.
232VM#3Monitor镜像目的,通过监控软件验证镜像结果的正确性.
192.
168.
0.
238H3CCASCVM虚拟化管理平台支持通过界面直接设置虚拟机的IP地址和掩码等网络参数,但要求虚拟机上必须已经按照CAStools工具.
#配置完成之后,通过虚拟机操作系统的命令行窗口或PowerShell工具,在各个虚拟机之间互相发送Ping报文,确保网络可达.
6如果IP地址已经配置成功,但是虚拟机之间无法相互Ping通,可能的原因是虚拟机操作系统开启了防火墙,默认禁止Ping报文入出.
此时,可以尝试关闭操作系统中的防火墙配置.
步骤2在镜像目的虚拟机(VM#3)操作系统内,安装WiresharkV1.
12.
1抓包软件.
5.
3测试步骤5.
3.
1配置端口镜像策略步骤1系统管理员登录H3CCASCVM虚拟化管理平台,在导航窗格中选中主机,在右侧配置窗口中,点击标签页,选择业务虚拟机使用的虚拟交换机,并点击表格行末的按钮.
图4端口镜像策略配置入口步骤2在弹出的"高级设置"对话框中,点击"端口镜像"选项,在右侧配置窗口中,点击按钮,启动端口镜像策略配置向导.
#输入端口镜像策略名称和镜像VLANID,选择方向为"入方向",点击按钮.
7图5端口镜像策略配置向导第一步#选择VM#1作为虚拟机镜像源,点击按钮.
图6端口镜像策略配置向导第二步#配置VM#3作为镜像目的虚拟机,点击按钮.
8图7端口镜像策略配置向导第三步#确认配置之后,点击按钮.
图8端口镜像策略配置向导第四步95.
3.
2验证入方向端口镜像策略步骤1在VM#1上通过命令行窗口PingVM#2.
图9以Ping(ICMP)报文模拟业务流量步骤2验证入方向端口镜像策略是否生效.
图10通过Wireshark抓包工具验证入方向端口镜像策略10因为从VM#1发送到VM#2的ICMPRequest报文经过虚拟交换机的时候,对虚拟交换机而言,该报文是从VM#1虚拟网卡方向入的报文,因此,虚拟交换机匹配到入方向端口镜像策略之后,应将该报文镜像到镜像目的.
在VM#3虚拟机上,通过Wireshark抓包接口可以看出,VM#1发送到VM#2的4个ICMPRequest报文被成功镜像到VM#3的虚拟网卡上,源IP地址为VM#1虚拟网卡的IP地址,目的IP地址为VM#2虚拟网卡的IP地址.
5.
3.
3验证出方向端口镜像策略步骤1在H3CCASCVM虚拟化管理平台中,修改虚拟交换机上的端口镜像策略方向为出方向,其余配置保持不变.
图11修改端口镜像策略方向为出方向步骤2在VM#2上通过命令行窗口PingVM#1.
11图12以Ping(ICMP)报文模拟业务流量步骤3验证出方向端口镜像策略是否生效.
图13通过Wireshark抓包工具验证出方向端口镜像策略因为从VM#2发送到VM#1的ICMPRequest报文经过虚拟交换机的时候,对虚拟交换机而言,该报文是从虚拟交换机转发到VM#1虚拟网卡的,也就是从虚拟交换机发送出去的报文,因此,虚拟交换机匹配到出方向端口镜像策略之后,应将该报文镜像到镜像目的.
在VM#3虚拟机上,通过12Wireshark抓包接口可以看出,VM#2发送到VM#1的4个ICMPRequest报文被成功镜像到VM#3的虚拟网卡上,源IP地址为VM#2虚拟网卡的IP地址,目的IP地址为VM#1虚拟网卡的IP地址.
5.
3.
4验证双向端口镜像策略步骤1在H3CCASCVM虚拟化管理平台中,修改虚拟交换机上的端口镜像策略方向为双向,其余配置保持不变.
图14修改端口镜像策略方向为双向步骤2在VM#1上通过命令行窗口PingVM#2.
图15以Ping(ICMP)报文模拟业务流量13步骤3验证双向端口镜像策略是否生效.
因为从VM#1发送到VM#2的ICMPRequest报文,以及从VM#2回应VM#1的ICMPReply报文经过虚拟交换机的时候,对虚拟交换机而言,该报文是从VM#1虚拟网卡进入虚拟交换机,再由虚拟交换机转发到VM#2虚拟网卡的,因此,虚拟交换机匹配到双向端口镜像策略之后,既将VM#1发送的ICMPRequest报文镜像到镜像目的,也会将VM#2回应的ICMPReply报文镜像到镜像目的.
在VM#3虚拟机上,通过Wireshark抓包接口可以看出,VM#1发送到VM#2的4个ICMPRequest报文,以及VM#2回应VM#1的4个ICMPReply都被成功镜像到VM#3的虚拟网卡上.
图16通过Wireshark抓包工具验证双向端口镜像策略
易探云(QQ音乐绿钻)北京/深圳云服务器8核8G10M带宽低至1332.07元/年起
易探云怎么样?易探云香港云服务器比较有优势,他家香港BGP+CN2口碑不错,速度也很稳定。尤其是今年他们动作很大,推出的香港云服务器有4个可用区价格低至18元起,试用过一个月的用户基本会续费,如果年付的话还可以享受8.5折或秒杀价格。今天,云服务器网(yuntue.com)小编推荐一下易探云国内云服务器优惠活动,北京和深圳这二个机房的云服务器2核2G5M带宽低至330.66元/年,还有高配云服务器...
cera:秋季美国便宜VPS促销,低至24/月起,多款VPS配置,自带免费Windows
介绍:819云怎么样?819云创办于2019,由一家从2017年开始从业的idc行业商家创办,主要从事云服务器,和物理机器819云—-带来了9月最新的秋季便宜vps促销活动,一共4款便宜vps,从2~32G内存,支持Windows系统,…高速建站的美国vps位于洛杉矶cera机房,服务器接入1Gbps带宽,采用魔方管理系统,适合新手玩耍!官方网站:https://www.8...
香港 E5-2650 16G 10M 900元首月 美国 E5-2660 V2 16G 100M 688元/月 华纳云
华纳云双11钜惠出海:CN2海外物理服务器终身价688元/月,香港/美国机房,免费送20G DDos防御,50M CN2或100M国际带宽可选,(文内附带测评)华纳云作为一家专业的全球数据中心基础服务提供商,总部在香港,拥有香港政府颁发的商业登记证明,APNIC 和 ARIN 会员单位。主营香港服务器、美国服务器、香港/美国OpenStack云服务器、香港高防物理服务器、美国高防服务器、香港高防I...
ping端口为你推荐
-
企业邮局系统为什么企业需要企业邮箱系统 ?accessdenied网页打开显示Access Denied,怎么解决access数据库修复Access数据库恢复,有些表被损坏或有些表的部分记录被损坏,求解啊全国企业信息查询有没有可以查全国企业信息的工商查询网站asp.net网页制作ASP.NET设计网页的方法?www.topit.mehttp://www.topit.me/ 中自己上传的照片如何删除filezilla_serverFileZilla无法连接服务器怎么解决银花珠树晓来看关于下雪景的诗句瞄准的拼音碰的拼音是什么即时通平台有好的放单平台吗?