Ukuze kuhlalutywe ithrafikhi yenethiwekhi, kuyimfuneko ukuthumela ipakethi yenethiwekhi kwi-NTOP/NPROBE okanye kwiZixhobo zoKhuseleko lweNethiwekhi kunye nokuJonga ezingaphandle kwebhendi. Kukho izisombululo ezimbini kule ngxaki:
Ukujonga iiPort(ekwaziwa ngokuba yi-SPAN)
I-Network Tap(ekwaziwa ngokuba yiReplication Tap, iAggregation Tap, iActive Tap, iCopper Tap, iEthernet Tap, njl.njl.)
Ngaphambi kokuba uchaze umahluko phakathi kwezi zisombululo zimbini (iPort Mirror kunye neNetwork Tap), kubalulekile ukuqonda indlela esebenza ngayo i-Ethernet. Kwi-100Mbit nangaphezulu, ii-host zihlala zithetha nge-duplex epheleleyo, oko kuthetha ukuba i-host enye inokuthumela (i-Tx) kwaye ifumane (i-Rx) ngaxeshanye. Oku kuthetha ukuba kwintambo ye-100 Mbit eqhagamshelwe kwi-host enye, isixa sipheleleyo se-network traffic enokuthunyelwa/ukuyifumana yi-host enye (i-Tx/Rx)) yi-2 × 100 Mbit = 200 Mbit.
I-Port mirroring yi-active packet replication, oko kuthetha ukuba isixhobo senethiwekhi sinoxanduva ngokwasemzimbeni lokukopa ipakethi kwi-mirrored port.
Oku kuthetha ukuba isixhobo kufuneka senze lo msebenzi ngokusebenzisa ezinye izixhobo (ezifana neCPU), kwaye zombini iindlela zethrafikhi ziya kuphindaphindwa kwizibuko elinye. Njengoko bekutshiwo ngaphambili, kwikhonkco elipheleleyo le-duplex, oku kuthetha ukuba
A -> B kunye no-B -> A
Isimbuku sika-A asiyi kudlula isantya senethiwekhi ngaphambi kokuba ilahleko yepakethi yenzeke. Oku kungenxa yokuba akukho ndawo yokukopa iipakethi ngokwasemzimbeni. Kuyavela ukuba ukujonga iiport mirror yindlela entle njengoko inokwenziwa ziiswitshi ezininzi (kodwa kungekhona zonke), kuba uninzi lweeswitshi ezineengxaki zokulahleka kwepakethi, ukuba ujonga ikhonkco elinomthwalo ongaphezulu kwe-50%, okanye ujonga iiports kwiport ekhawulezayo (umz. iiports ze-100 Mbit kwiport ye-1 Gbit). Ingasathethwa ke into yokuba ukujonga iipakethi mirror kunokufuna ukutshintshiselana ngezixhobo zeeswitshi, nto leyo enokulayisha isixhobo kwaye ibangele ukusebenza kotshintshiselwano ukuba kunciphe. Qaphela ukuba ungaqhagamshela iport e-1 kwiport enye, okanye i-VLAN e-1 kwiport enye, kodwa ngokubanzi awunakukwazi ukukopa iiports ezininzi kwi-1. (Ke ngoko njengoko isipili sepakethi) singekho.
I-Network TAP (Indawo yokufikelela kwiTerminal)sisixhobo sehardware esingasebenziyo ngokupheleleyo, esinokubamba ithrafikhi kwinethiwekhi ngokungasebenzisi mandla. Sisetyenziswa rhoqo ukujonga ithrafikhi phakathi kwamanqaku amabini kwinethiwekhi. Ukuba inethiwekhi phakathi kwala manqaku mabini inentambo ebonakalayo, i-TAP yenethiwekhi inokuba yeyona ndlela ilungileyo yokubamba ithrafikhi.
I-network TAP inee-port ezintathu ubuncinane: i-port A, i-port B, kunye ne-monitor port. Ukubeka i-tap phakathi kwamanqaku A kunye no-B, intambo yenethiwekhi phakathi kwenqaku A kunye nenqaku B ithathelwa indawo ngeentambo ezimbini, enye iya kwi-port A ye-TAP, enye iya kwi-port B ye-TAP. I-TAP idlula zonke iitrafikhi phakathi kwamanqaku amabini enethiwekhi, ngoko ke zisaqhagamshelwe kwenye nenye. I-TAP ikwakopa i-traffic kwi-port yayo ye-monitor, ngaloo ndlela ivumela isixhobo sohlalutyo ukuba simamele.
Ii-TAP zenethiwekhi zisetyenziswa kakhulu zizixhobo zokubeka esweni nezokuqokelela ezifana ne-APS. Ii-TAP zingasetyenziswa nakwii-apps zokhuseleko kuba aziphazamisi, azibonakali kwinethiwekhi, zinokujongana neenethiwekhi ezipheleleyo nezingenakwabelwana ngazo, kwaye zihlala zidlula kwitrafikhi nokuba itephu iyeka ukusebenza okanye ilahlekelwa ngumbane.
Njengoko ii-port zeNetwork Taps zingamkeli kodwa zithumela kuphela, iswitshi ayinalo ulwazi lokuba ngubani ohleli emva kwee-ports. Isiphumo kukuba isasaza iipakethi kuzo zonke ii-ports. Ke ngoko, ukuba uqhagamshela isixhobo sakho sokujonga kwiswitshi, eso sixhobo siya kufumana zonke iipakethi. Qaphela ukuba le ndlela iyasebenza ukuba isixhobo sokujonga asithumeli nayiphi na ipakethi kwiswitshi; kungenjalo, iswitshi iya kucinga ukuba iipakethi ezicofiweyo azizo zeso sixhobo. Ukuze ufezekise oko, ungasebenzisa intambo yenethiwekhi ongakhange uqhagamshele kuyo iintambo ze-TX, okanye usebenzise ujongano lwenethiwekhi olungena-IP (kunye ne-DHCP-less) olungadlulisi iipakethi kwaphela. Okokugqibela qaphela ukuba ukuba ufuna ukusebenzisa i-tap ukuze ungalahlekelwa ziipakethi, musa ukudibanisa izikhombisi-ndlela okanye usebenzise iswitshi apho izikhombisi-ndlela ezicofiweyo zihamba kancinci (umz. 100 Mbit) kune-port yokudibanisa (umz. 1 Gbit).
Ngoko ke, Ungayibamba njani iTrafikhi yeNethiwekhi? IiTaps zeNethiwekhi vs iSwitch Ports Mirror
1- Uqwalaselo olulula: I-Network Tap > I-Port Mirror
2- Impembelelo yokusebenza kwenethiwekhi: I-Network Tap < Isibuko sezibuko
3- Ukubamba, Ukuphindaphinda, Ukudibanisa, Amandla okudlulisa: I-Network Tap > I-Port Mirror
4- Ulindelo lokudluliselwa kweTrafikhi: I-Network Tap < Isibuko sePort
5- Umthamo Wokulungiselela Ithrafikhi: I-Network Tap > Isibuko Sezibuko
Ixesha lokuthumela: Matshi-30-2022
