Umahluko omkhulu phakathi kokubamba iipakethi usebenzisa i-Network TAP kunye ne-SPAN port.
Isibuko sePort(ekwaziwa njenge-SPAN)
Itephu yeNethiwekhi(ekwabizwa ngokuba yiReplication Tap, aggregation tap, Active Tap, Copper Tap, Ethernet Tap, njl.)I-TAP (Indawo yoFikelelo lweterminal)sisixhobo sehardware esenziwa ngokupheleleyo, esinokuthi sibambe itrafikhi kuthungelwano. Ngokuqhelekileyo isetyenziselwa ukujonga i-traffic phakathi kwamanqaku amabini kwinethiwekhi. Ukuba uthungelwano phakathi kwala manqaku mabini lubandakanya intambo yomzimba, i-TAP yenethiwekhi inokuba yeyona ndlela ilungileyo yokubamba i-traffic.
Phambi kokuchaza umahluko phakathi kwezisombululo ezimbini (Port Mirror kunye Network Tap), kubalulekile ukuqonda ukuba isebenza njani Ethernet. Kwi-100Mbit nangaphezulu, ababuki zindwendwe baqhele ukuthetha nge-duplex epheleleyo, okuthetha ukuba umamkeli omnye angathumela(Tx) kwaye afumane(Rx) ngaxeshanye. Oku kuthetha ukuba kwi-cable ye-100 ye-Mbit eqhagamshelwe kwi-host host enye, inani elipheleleyo le-traffic yenethiwekhi enye i-host host ingathumela / ifumane (Tx / Rx)) yi-2 × 100 Mbit = 200 Mbit.
Isibuko sesibuko kukuphindwa kwepakethi esebenzayo, okuthetha ukuba isixhobo sothungelwano sinoxanduva ngokwasemzimbeni lokukopa ipakethi kwizibuko elibonisiweyo.
Ukuthatha iTrafikhi: TAP vs SPAN
Xa ubeka iliso kwi-traffic yenethiwekhi, ukuba awufuni ukusebenzisa inkxaso ngokuthe ngqo ngelixa umsebenzisi eqhuba intengiselwano, unokhetho oluphambili ezimbini. Kwinqaku elilandelayo, siza kunika isishwankathelo se-TAP (iNdawo yoFikelelo yoVavanyo) kunye ne-SPAN (Tshintsha isiHlalutyi sePort). Kuhlalutyo olunzulu, ingcali yokuhlola ipakethe uTimo'Neill unamanqaku aliqela kwi-lovemytool.com engena kwiinkcukacha ezinkulu, kodwa apha, siza kuthatha indlela ngokubanzi.
I-SPAN
Isibuko sezibuko yindlela yokubeka iliso kwi-traffic yothungelwano ngokuthumela ikopi yepakethi nganye engenayo kunye / okanye ephumayo ukusuka kwelinye okanye ngaphezulu kwamazibuko (okanye i-VLans) yokutshintshela kwelinye izibuko eliqhagamshelwe kumhlalutyi wendlela yothungelwano. Iispans zihlala zisetyenziswa kwiinkqubo ezilula ukujonga iisayithi ezininzi ngaxeshanye. Elona nani lichanekileyo lothumelo lwenethiwekhi elikwaziyo ukulibeka iliso lixhomekeke apho i-SPAN ifakwe khona ngokumalunga nezixhobo zeziko ledatha. Mhlawumbi uya kuyifumana le nto uyikhangelayo, kodwa kulula ukuzifumana unedatha eninzi kakhulu. Umzekelo, kuyenzeka ukufumana iikopi ezininzi zedatha efanayo kuyo yonke iVLAN. Oku kwenza i-LAN yokulungisa ingxaki ibe nzima ngakumbi, kwaye ikwachaphazela isantya sokutshintsha i-cpus okanye ichaphazela i-Ethernet ngokubhaqwa kokubekwa. Ngokwenene, i-spans ezininzi, kunokwenzeka ukuba ulahlekelwe iipakethi. Xa kuthelekiswa neempompo, i-spans inokulawulwa kude, oku kuthetha ukuba ixesha elincinci lichithwe ukutshintsha ulungelelwaniso, kodwa iinjineli zenethiwekhi zisafuneka.
Izibuko ze-SPAN azikho itekhnoloji esebenzayo, njengoko abanye bebanga, kuba banokuba nezinye iziphumo ezinokulinganiswa kwitrafikhi yenethiwekhi, kubandakanya:
- Ixesha lokutshintsha unxibelelwano lwesakhelo
- Ukulahla iipakethi ngenxa yokujonga kakhulu
- Iipakethi ezonakele zichithwa ngaphandle kwesaziso, zithintela uhlalutyo
Ngoko ke, izibuko ze-SPAN zifanelekile kwiimeko apho ukulahla iipakethi akuchaphazeli uhlalutyo, okanye apho iindleko ziqwalaselwa.
TAP
Ngokwahlukileyo, iimpompo kufuneka zichithe imali kwi-hardware ngaphambili, kodwa azifuni kusekwa okuninzi. Enyanisweni, ekubeni zi-passive, zinokudityaniswa kwaye zikhutshwe kwinethiwekhi ngaphandle kokuyichaphazela. Iimpompo zizixhobo ze-hardware ezibonelela ngendlela yokufikelela kwidatha ejikelezayo kwinethiwekhi yekhompyuter kwaye iqhele ukusetyenziselwa ukhuseleko lwenethiwekhi kunye neenjongo zokuhlola ukusebenza. I-traffic egadiweyo ibizwa ngokuba yi-"pass-through" traffic kwaye izibuko elisetyenziselwa ukubeka esweni libizwa ngokuba yi-"monitoring port". Ukuphonononga inethiwekhi ngokucacileyo ngakumbi, iimpompo zinokufakwa phakathi kweerotha kunye nokutshintsha.
Ngenxa yokuba i-TAP ayichaphazeli iipakethi, inokujongwa njengendlela yokwenyani yokujonga itrafikhi yenethiwekhi.
Zintathu iindidi zezisombululo ze-TAP:
- Ukwahlula inethiwekhi (1 : 1)
-Aggregate TAP (ezininzi: 1)
-Ukuhlaziya i-TAP (1: ezininzi)
I-TAP iphindaphinda i-traffic kwisixhobo esisodwa sokubeka iliso, okanye kwi-high-density network packet relay device, kwaye ikhonza izixhobo ezininzi zokuvavanya i-QOS, izixhobo zokuhlola inethiwekhi, kunye nezixhobo ze-network sniffer ezifana ne-wireshark.
Ukongeza, iintlobo ze-TAP ziyahluka ngokuxhomekeka kuhlobo lwekhebula, kubandakanywa i-TAP ye-fiber kunye ne-gigabit copper TAP, zombini ezisebenza ngokubalulekileyo ngendlela efanayo ngokukhupha inxalenye yesignali kwi-analyzer ye-traffic yenethiwekhi, ngelixa imodeli ephambili iqhubeka nokudlulisa ngaphandle kokuphazamiseka. Kwi-TAP yefiber, kukwahlula i-beam kubini, ngelixa kwinkqubo yentambo yobhedu, kukuphindaphinda umqondiso wombane.
Ukuthelekisa i-TAP kunye ne-SPAN
Okokuqala, i-port ye-SPAN ayifanelekanga kwi-full-duplex ye-1G ikhonkco, kwaye naxa ingaphantsi komthamo wayo ophezulu, iwisa ngokukhawuleza iipakethi ngenxa yokuba ixinzelelwe, okanye ngenxa yokuba utshintshi lubeka phambili phambili imihla ye-port-to-port rhoqo kwi-data ye-port ye-SPAN. Ngokungafaniyo neempompo zenethiwekhi, izibuko ze-SPAN zihluza iimpazamo zomaleko womzimba, zenza ezinye iintlobo zohlalutyo zibe nzima ngakumbi, kwaye njengoko sibonile, amaxesha angachanekanga okunyusa kunye nezakhelo ezitshintshileyo zinokubangela ezinye iingxaki. Kwelinye icala, i-TAP inokusebenzisa ikhonkco eliphindwe kabini le-1G.
I-TAP ingenza kwakhona ukuthathwa kwepakethi epheleleyo kwaye yenze uphando olunzulu lwepakethe kwiiprothokholi, ukuphulwa, ukungena, njl. Ngaloo ndlela, idatha ye-TAP ingasetyenziswa njengobungqina enkundleni, ngelixa idatha ye-port ye-SPAN ayikwazi.
Ukhuseleko lolunye umba apho kukho umahluko phakathi kwezi ndlela zimbini. Amazibuko e-SPAN adla ngokulungiselelwa unxibelelwano lwendlela enye, kodwa anokufumana unxibelelwano kwezinye iimeko, okubangela ubuthathaka obukhulu. Ngokwahlukileyo, i-TAP ayilungiseki kwaye ayinayo idilesi ye-IP, ngoko ayinakuqhekezwa.
Izibuko ze-SPAN azigqithisi iithegi zeVLAN, ezinokwenza kube nzima ukubona ukusilela kweVLAN, kodwa iimpompo azikwazi ukubona yonke inethiwekhi yeVLAN kanye. Ukuba iimpompo ezidityanisiweyo azisetyenziswanga, i-TAP ayizukubonelela ngomkhondo ofanayo kuwo omabini amajelo, kodwa kufuneka kuthathwe ukhathalelo ngokubhaqwa kobudala obugqithisileyo. Kukho iimpompo ezidibeneyo, ezifana ne-Booster ye-Profitap, edibanisa izibuko ezisibhozo ze-10/100/1G kwimveliso ye-1G-10G.
I-Booster iyakwazi ukufaka iipakethi ngokufaka iithegi zeVLAN. Ngale ndlela, ulwazi lwechweba lomthombo wepakethi nganye luya kuthunyelwa kwi-analyzer.
Amazibuko e-SPAN asesisixhobo abaza kusisebenzisa abalawuli bothungelwano, kodwa ukuba isantya kunye nofikelelo oluthembekileyo kuzo zonke iinkcukacha zenethiwekhi zibalulekile, i-TAP lolona khetho lungcono. Xa uthatha isigqibo sokuba yeyiphi indlela yokuthatha, izibuko ze-SPAN zifaneleke ngakumbi kuthungelwano olunosetyenziso oluphantsi, ekubeni iipakethi ezilahlekileyo azichaphazeli uhlalutyo okanye zikhethwa kwiimeko apho iindleko zixhalabisa. Nangona kunjalo, kwiinethiwekhi ezinetrafikhi ephezulu, umthamo we-TAP, ukhuseleko, kunye nokuthembeka kuya kubonelela ngokubonakala okupheleleyo kwitrafikhi kwinethiwekhi yakho ngaphandle koloyiko lokulahleka kwepakethi okanye ukuhluza iimpazamo zomzimba.
○ Ibonakala ngokupheleleyo
○ Phinda kwakhona zonke iipakethi zabo bonke ubungakanani kunye neentlobo)
○ Ungenzi nto, awungeneleli (ayitshintshi idatha)
○ Kuthotho, akukho zizibuko zokutshintsha zisetyenziselwa ukuphinda-phinda itrafikhi ephindwe kabini kwizibophelelo Useto olulula (iplagi kunye nokudlala)
○ Ayinamngciphekweni kubageli (engabonakaliyo, isixhobo sokubeka esweni esisodwa kwinethiwekhi, akukho dilesi ye IP/MAC)
○ Inokukala
○ Ifanelekile kuyo nayiphi na imeko
○ Ukubonakala ngokuyinxenye
○ Ukungakhupheli zonke iitrafikhi (ukulahla ubungakanani obuthile kunye neendidi zeepakethi)
○ Ayinakwenziwa (ukutshintsha ixesha lepakethi, ukwandisa ukubambezeleka)
○ Sebenzisa izibuko lokutshintsha (izibuko le-SPAN ngalinye lisebenzisa izibuko lokutshintsha)
○ Ayikwazanga ukujongana nonxibelelwano oluphindwe kabini (iipakethi eziwisiweyo xa zigcwele kakhulu, zinokuphazamisana nomsebenzi wokutshintsha okusisiseko)
○ Iinjineli kufuneka ziqwalasele
○ Ayikhuselekanga (Inkqubo yokubek'esweni yinxalenye yothungelwano, iingxaki zokhuseleko ezinokubakho)
○ Ayinakulinganiswa
○ Inokwenzeka kuphela phantsi kweemeko ezithile
Unokuba nomdla kwinqaku elinxulumeneyo: Indlela yokuBamba iTrafikhi yeNethiwekhi? Itephu yeNethiwekhi vs Port Mirror
Ixesha lokuposa: Jun-09-2025
