1.6.1 配置报文捕获举例
在Router A的Gigabitethernet3/0/1接口上开启报文捕获功能。配置捕获接口Gigabitethernet3/0/1入方向上的硬件转发与软件转发报文。
#创建IPv4高级ACL 3000,并定制如下规则:只捕获源IP为192.168.56.1的报文。
[RouterA] acl number 3000
[RouterA-acl-adv-3000] rule permit ip source 192.168.56.1 0
[RouterA-acl-adv-3000] quit
#定义流行为behavior1,配置流量镜向到CPU。
[RouterA-behavior-behavior1] mirror-to cpu
[RouterA-behavior-behavior1] quit
#定义类classifier1,匹配ACL3000。
[RouterA-classifier-classifier1] if-match acl 3000
[RouterA-classifier-classifier1] quit
#定义一个名为user1的策略,并在策略user1中为类classifier1指定采用流行为behavior1。
[RouterA-qospolicy-user1] classifier classifier1 behavior behavior1
[RouterA-qospolicy-user1] quit
#将策略user1应用到接口GigabitEthernet3/0/1的入方向上。
[RouterA-GigabitEthernet3/0/1] qos apply policy user1 inbound
[RouterA-GigabitEthernet3/0/1] quit
[RouterA] quit
#开启Gigabitethernet3/0/1接口上的报文捕获功能,捕获软硬件转发报文。
Capturing on 'Gigabitethernet3/0/1'
1 0.000000 192.168.56.1 -> 192.168.56.2 TCP 62 6325 > telnet [SYN] Seq=0 Win
=65535 Len=0 MSS=1460 SACK_PERM=1
2 0.000061 192.168.56.1 -> 192.168.56.2 TCP 60 6325 > telnet [ACK] Seq=1 Ack
=1 Win=65535 Len=0
3 0.024370 192.168.56.1 -> 192.168.56.2 TELNET 60 Telnet Data ...
4 0.024449 192.168.56.1 -> 192.168.56.2 TELNET 78 Telnet Data ...
5 0.025766 192.168.56.1 -> 192.168.56.2 TELNET 65 Telnet Data ...
6 0.035096 192.168.56.1 -> 192.168.56.2 TELNET 60 Telnet Data ...
7 0.047317 192.168.56.1 -> 192.168.56.2 TCP 60 6325 > telnet [ACK] Seq=42 Ac
k=434 Win=65102 Len=0
8 0.050994 192.168.56.1 -> 192.168.56.2 TCP 60 6325 > telnet [ACK] Seq=42 Ac
k=436 Win=65100 Len=0
9 0.052401 192.168.56.1 -> 192.168.56.2 TCP 60 6325 > telnet [ACK] Seq=42 Ac
k=438 Win=65098 Len=0
10 0.057736 192.168.56.1 -> 192.168.56.2 TCP 60 6325 > telnet [ACK] Seq=42 Ac
k=440 Win=65096 Len=0
10 packets captured
· 在RouterA的Gigabitethernet 3/0/1接口上开启报文捕获功能,配置捕获报文的个数为10个,配置将捕获的报文存入文件a.pcap。
#开启Gigabitethernet3/0/1接口上的报文捕获功能,指定捕获报文个数上限为10,指定捕获的报文存入文件a.pcap。
Capturing on 'Gigabitethernet3/0/1'
#开启报文解析功能,指定解析的完整文件名为flash:/a.pcap。
1 0.000000 192.168.56.1 -> 192.168.56.2 TCP 62 6325 > telnet [SYN] Seq=0 Win
=65535 Len=0 MSS=1460 SACK_PERM=1
2 0.000061 192.168.56.1 -> 192.168.56.2 TCP 60 6325 > telnet [ACK] Seq=1 Ack
=1 Win=65535 Len=0
3 0.024370 192.168.56.1 -> 192.168.56.2 TELNET 60 Telnet Data ...
4 0.024449 192.168.56.1 -> 192.168.56.2 TELNET 78 Telnet Data ...
5 0.025766 192.168.56.1 -> 192.168.56.2 TELNET 65 Telnet Data ...
6 0.035096 192.168.56.1 -> 192.168.56.2 TELNET 60 Telnet Data ...
7 0.047317 192.168.56.1 -> 192.168.56.2 TCP 60 6325 > telnet [ACK] Seq=42 Ac
k=434 Win=65102 Len=0
8 0.050994 192.168.56.1 -> 192.168.56.2 TCP 60 6325 > telnet [ACK] Seq=42 Ac
k=436 Win=65100 Len=0
9 0.052401 192.168.56.1 -> 192.168.56.2 TCP 60 6325 > telnet [ACK] Seq=42 Ac
k=438 Win=65098 Len=0
10 0.057736 192.168.56.1 -> 192.168.56.2 TCP 60 6325 > telnet [ACK] Seq=42 Ac
k=440 Win=65096 Len=0