• Basic Use of Aggregation Groups

 
 
Print Friendly, PDF & Email

Introduction

Aggregation groups provide a means of grouping tool ports to simplify the mapping of a tap port to multiple tools and allow grouping of alike applications. In current releases, each tap port can only be bound to one default aggregation group at any time. A tool port however, can simultaneously be a member of multiple aggregation groups. This is important as it allows multiple tools or tool servers to receive any of the multiple traffic flows input to the tap ports. The Tap Aggregation operator can for example have an IDS/IPS tool receiving the same traffic as an application performance monitoring tool. As well, these two tools could be receiving completely separate traffic flows or any overlapping set of traffic as appropriate.

Command examples

  • Configure two tap interfaces
  • Configure a tool interface
  • Set two tap interfaces and a tool interface to be part of the same aggregation group
  • Show the tap aggregation group to verify configuration
  • All traffic received on tap interfaces ethernet 6 and ethernet 7 will be sent to the group Test1
  • All tool ports that are members of group Test1 will receive a copy of the traffic. In this case all traffic received on Ethernet 6-7 will be aggregated to Ethernet8 for analysis tools.
7150(config)#interface et6

7150(config-if-Et6)#switchport mode tap             # Configure a tap interface

7150(config-if-Et6)#interface ethernet 7

7150(config-if-Et7)#switchport mode tap             # Configure a tap interface

7150(config-if-Et7)#interface ethernet 8

7150(config-if-Et8)#switchport mode tool            # Configure a tool interface


7150(config)#show tap aggregation groups Test1
   Group Name       Tool Members    Tap Members
---------------- ------------------ -----------
   Test1            Et8             Et6, Et7


7150(config)#show tap aggregation groups detail
Group Test1
---------------------------------------------------------------

Source Port:
  Active: Et6, Et7



Destination Port:
  Active: Et8

GUI examples

  • Create an Aggregation group called Test1

Aggregation Group Creation

  • Next, configure two tap interfaces

Tap Agg Port Config.002

  • Set the two tap interfaces to be members of the Test1 group

Tap Agg Port Config.003

  • Configure a tool interface

Tap Agg Port Config.003

  • Set the tool interface to be a member of the Test1 group

Tap Agg Port Config.005

  • All traffic received on tap interfaces ethernet 6 and ethernet 7 will be sent to the group Test1
  • All tool ports that are members of group Test1 will receive a copy of the traffic, in this case ethernet 8
  • Ethernet 5 is an example of a tool port that is a member of multiple aggregation groups. Ethernet 5 will receive all traffic that is sent to groups “Dev” and “Prod” which have tap ports Ethernet 1 and Ethernet 2 as members in this example.

Tap Agg Port Config.006

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: