Umahluko ophambili phakathi kokubamba iipakethi usebenzisa i-Network TAP kunye nee-SPAN ports.
Ukujonga iiPort(ekwaziwa ngokuba yi-SPAN)
I-Network Tap(ekwaziwa ngokuba yiReplication Tap, iAggregation Tap, iActive Tap, iCopper Tap, iEthernet Tap, njl.njl.)I-TAP (Indawo yokufikelela kwiTerminal)sisixhobo sehardware esingasebenziyo ngokupheleleyo, esinokubamba ithrafikhi kwinethiwekhi ngokungasebenzisi mandla. Sisetyenziswa rhoqo ukujonga ithrafikhi phakathi kwamanqaku amabini kwinethiwekhi. Ukuba inethiwekhi phakathi kwala manqaku mabini inentambo ebonakalayo, i-TAP yenethiwekhi inokuba yeyona ndlela ilungileyo yokubamba ithrafikhi.
Ngaphambi kokuba uchaze umahluko phakathi kwezi zisombululo zimbini (iPort Mirror kunye neNetwork Tap), kubalulekile ukuqonda indlela esebenza ngayo i-Ethernet. Kwi-100Mbit nangaphezulu, ii-host zihlala zithetha nge-duplex epheleleyo, oko kuthetha ukuba i-host enye inokuthumela (i-Tx) kwaye ifumane (i-Rx) ngaxeshanye. Oku kuthetha ukuba kwintambo ye-100 Mbit eqhagamshelwe kwi-host enye, isixa sipheleleyo se-network traffic enokuthunyelwa/ukuyifumana yi-host enye (i-Tx/Rx)) yi-2 × 100 Mbit = 200 Mbit.
I-Port mirroring yi-active packet replication, oko kuthetha ukuba isixhobo senethiwekhi sinoxanduva ngokwasemzimbeni lokukopa ipakethi kwi-mirrored port.
Ukubamba iTrafikhi: TAP vs SPAN
Xa ujonga ithrafikhi yenethiwekhi, ukuba awufuni ukusebenzisa inkxaso ngokuthe ngqo ngelixa umsebenzisi eqhuba intengiselwano, uneendlela ezimbini eziphambili onokukhetha kuzo. Kwinqaku elilandelayo, siza kunika umbono jikelele we-TAP (Test Access Point) kunye ne-SPAN (Switch Port Analyzer). Ukuze ufumane uhlalutyo olunzulu, ingcali yokuhlolwa kweepakethi uTimo'Neill inamanqaku aliqela kwi-lovemytool.com achaza iinkcukacha ezininzi, kodwa apha, siza kusebenzisa indlela ebanzi ngakumbi.
I-SPAN
I-Port mirroring yindlela yokujonga ithrafikhi yenethiwekhi ngokudlulisela ikopi yephakethi nganye engenayo kunye/okanye ephumayo ukusuka kwi-port enye okanye ezingaphezulu (okanye ii-VLans) zeswitshi ukuya kwenye i-port eqhagamshelwe kwi-network traffic analyzer. Ii-Span zidla ngokusetyenziswa kwiinkqubo ezilula ukujonga iisayithi ezininzi ngaxeshanye. Inani elichanekileyo lothumelo lwenethiwekhi ekwaziyo ukulijonga lixhomekeke ekubeni i-SPAN ifakwe phi xa kuthelekiswa nezixhobo zeziko ledatha. Mhlawumbi uza kufumana into oyifunayo, kodwa kulula ukuzifumana unedatha eninzi kakhulu. Umzekelo, kunokwenzeka ukufumana iikopi ezininzi zedatha efanayo kwi-VLAN iyonke. Oku kwenza ukusombulula iingxaki ze-LAN kube nzima ngakumbi, kwaye kuchaphazela isantya se-switch cpus okanye kuchaphazela i-Ethernet ngokuchongwa kwendawo. Ngokusisiseko, ii-span ezininzi, kokukhona kunokwenzeka ukuba ulahlekelwe ziipakethi. Xa kuthelekiswa nee-taps, ii-span zinokulawulwa kude, oko kuthetha ukuba ixesha elincinci lichithwa kutshintshwe uqwalaselo, kodwa iinjineli zenethiwekhi zisafuneka.
Iiports ze-SPAN aziyoteknoloji engasebenziyo, njengoko abanye besitsho, kuba zinokuba neminye imiphumo enokulinganiselwa kwi-traffic yenethiwekhi, kuquka:
- Ixesha lokutshintsha ukusebenzisana kwefreyimu
- Ukulahla iipakethi ngenxa yokukhangela kakhulu
- Iipakethi ezonakeleyo ziyalahlwa ngaphandle kwesaziso, nto leyo ethintela uhlalutyo
Ngoko ke, iiports ze-SPAN zilungele ngakumbi kwiimeko apho ukulahla iipakethi kungachaphazeli uhlalutyo, okanye apho kuqwalaselwa khona iindleko.
TAP
Ngokwahlukileyo koko, ii-taps kufuneka zichithe imali kwi-hardware kwangaphambili, kodwa azidingi kuseto oluninzi. Enyanisweni, ekubeni zingasebenzi, zinokuqhagamshelwa kwaye zisuswe kwinethiwekhi ngaphandle kokuyichaphazela. Ii-taps zizixhobo ze-hardware ezibonelela ngendlela yokufikelela kwidatha ehamba ngenethiwekhi yekhompyutha kwaye zihlala zisetyenziselwa ukhuseleko lwenethiwekhi kunye neenjongo zokujonga ukusebenza. I-traffic ejongiweyo ibizwa ngokuba yi-"pass-through" traffic kwaye i-port esetyenziselwa ukujonga ibizwa ngokuba yi-"monitoring port". Ukuze kuhlolwe inethiwekhi ngokucacileyo, ii-taps zingabekwa phakathi kwee-routers kunye neeswitshi.
Ngenxa yokuba i-TAP ayichaphazeli iipakethi, inokujongwa njengendlela engasebenziyo yokujonga ithrafikhi yenethiwekhi.
Kukho iintlobo ezintathu zezisombululo ze-TAP:
- Isahluli senethiwekhi (1: 1)
- I-Aggregate TAP (ezininzi: 1)
- I-Regeneration TAP (1: ezininzi)
I-TAP iphinda-phinda ithrafikhi iye kwisixhobo esinye sokujonga esingasebenziyo, okanye kwisixhobo sokudlulisa iipakethi zenethiwekhi ezinoxinano oluphezulu, kwaye ikhonza izixhobo zokuvavanya ii-QOS ezininzi (ezidla ngokuba zininzi), izixhobo zokujonga inethiwekhi, kunye nezixhobo zokufunxa inethiwekhi ezifana ne-wireshark.
Ukongeza, iintlobo ze-TAP ziyahluka ngokuxhomekeke kuhlobo lwentambo, kuquka i-fiber TAP kunye ne-gigabit copper TAP, zombini zisebenza ngendlela efanayo ngokukhuphela inxalenye yesignali kwi-network traffic analyzer, ngelixa imodeli ephambili iqhubeka nokudlulisa ngaphandle kokuphazamiseka. Kwi-fiber TAP, kukwahlulahlula umqadi kubini, ngelixa kwinkqubo yentambo yobhedu, kukuphinda-phinda isignali yombane.
Ukuthelekisa i-TAP kunye ne-SPAN
Okokuqala, i-SPAN port ayifanelekanga kwi-full-duplex 1G link, kwaye nokuba ingaphantsi komthamo wayo ophezulu, ikhawuleza ilahle iipakethi kuba inzima kakhulu, okanye kuba nje iswitshi ibeka phambili imihla eqhelekileyo ye-port-to-port kunedatha ye-SPAN port. Ngokungafaniyo nee-network taps, ii-SPAN ports zihluza iimpazamo ze-physical layer, okwenza ezinye iintlobo zohlalutyo zibe nzima ngakumbi, kwaye njengoko sibonile, amaxesha okunyusa angachanekanga kunye neefreyimu ezitshintshiweyo zinokubangela ezinye iingxaki. Kwelinye icala, i-TAP inokusebenzisa i-full-duplex 1G link.
I-TAP inokwenza nokubamba iipakethi ngokupheleleyo kwaye yenze uhlolo olunzulu lweepakethi ukuze ibone iiprotokholi, ukwaphulwa kwemithetho, ukungena, njl. Ngoko ke, idatha ye-TAP ingasetyenziswa njengobungqina enkundleni, ngelixa idatha yezibuko le-SPAN ingenako.
Ukhuseleko lolunye umba apho kukho umahluko phakathi kwezi ndlela zimbini. Iiports ze-SPAN zihlala zilungiselelwe unxibelelwano oluya kwicala elinye, kodwa zinokufumana unxibelelwano kwezinye iimeko, nto leyo ebangela ubuthathaka obukhulu. Ngokwahlukileyo koko, i-TAP ayinakulungiselelwa kwaye ayinayo idilesi ye-IP, ngoko ke ayinakuqhekezwa.
Iiports ze-SPAN azidluli kwiithegi ze-VLAN, nto leyo enokwenza kube nzima ukubona ukusilela kwe-VLAN, kodwa ii-taps azikwazi ukubona lonke inethiwekhi ye-VLAN ngaxeshanye. Ukuba ii-taps ezihlanganisiweyo azisetyenziswa, i-TAP ayizukubonelela ngomkhondo ofanayo kuzo zombini iitshaneli, kodwa kufuneka kuqatshelwe ukufunyanwa kobudala obugqithisileyo. Kukho ii-taps ezihlanganisiweyo, ezifana ne-Booster for Profitep, ezihlanganisa iiports ezisibhozo ze-10/100/1G kwimveliso ye-1G-10G.
I-Booster iyakwazi ukufaka iipakethi ngokufaka iithegi ze-VLAN. Ngale ndlela, ulwazi lwe-source port lwepakethi nganye luya kuthunyelwa kwi-analyzer.
Iiport ze-SPAN zisesisixhobo esiza kusetyenziswa ngabalawuli benethiwekhi, kodwa ukuba isantya kunye nokufikelela okuthembekileyo kuyo yonke idatha yenethiwekhi kubalulekile, i-TAP yeyona ndlela ilungileyo. Xa ugqiba ukuba yeyiphi indlela omawuyithathe, iiport ze-SPAN zifanelekile ngakumbi kwiinethiwekhi ezinokusetyenziswa okuphantsi, kuba iipakethi ezilahlekileyo azichaphazeli uhlalutyo okanye azinyanzelekanga kwiimeko apho iindleko zixhalabisayo. Nangona kunjalo, kwiinethiwekhi ezinetrafikhi ephezulu, amandla e-TAP, ukhuseleko kunye nokuthembeka kuya kubonelela ngokubonakala ngokupheleleyo kwitrafikhi kwinethiwekhi yakho ngaphandle koloyiko lokulahleka kwepakethi okanye ukucoca iimpazamo zomaleko womzimba.
○ Ibonakala ngokupheleleyo
○ Phinda zonke iitrafikhi (zonke iipakethi zazo zonke iintlobo nobukhulu)
○ Ayisebenzi, ayiphazamisi (ayitshintshi idatha)
○ Kwiichungechunge, akukho zichweba zokutshintsha ezisetyenziselwa ukuphinda ithrafikhi epheleleyo ye-duplex kwiiharnesses Ukuseta okulula (ukuxhuma nokudlala)
○ Ayinabungozi kubaphangi (isixhobo sokujonga esingabonakaliyo, esizimeleyo kwinethiwekhi, akukho dilesi ye-IP/MAC)
○ Iyakhula
○ Ifanelekile nakweyiphi na imeko
○ Ukubonakala okungaphelelanga
○ Ukungakopishi zonke iitrafikhi (ukulahla ubungakanani obuthile kunye neentlobo ezithile zeepakethi)
○ Ukungasebenzisi ixesha (ukutshintsha ixesha lepakethi, ukwandisa ukubambezeleka)
○ Sebenzisa i-switch port (i-SPAN port nganye isebenzisa i-switch port)
○ Ayikwazi ukuphatha unxibelelwano olupheleleyo lwe-duplex (iipakethi ziyawa xa zigcwele kakhulu, zinokuphazamisana nokusebenza kweswitshi yokuqala)
○ Iinjineli kufuneka zilungiselele
○ Ayikhuselekanga (Inkqubo yokubeka esweni yinxalenye yenethiwekhi, iingxaki zokhuseleko ezinokubakho)
○ Ayinakukhuliswa
○ Inokwenzeka kuphela phantsi kweemeko ezithile
Usenokuba nomdla kwinqaku elinxulumene nalo: Ungayibamba njani iTrafikhi yeNethiwekhi? I-Network Tap vs i-Port Mirror
Ixesha leposi: Juni-09-2025
