set firewall filter sequence then erspan source-ip


The set firewall filter sequence then erspan source-ip command configures the source IP address for ACL-based ERSPAN encapsulation for the packets matching the ACL rule.

If ACL-based ERSPAN is configured, PICOS copies service flows matching the rules to the output port, and then forwards the mirrored messages to the remote monitoring device through the GRE tunnel for analysis and monitoring. This command configures the source IP address of the GRE tunnel.

The delete firewall filter sequence then erspan source-ip command deletes the configuration.


NOTE:

The configured source IPv4 address and destination IPv4 address are used for the IP header encapsulation in the outer layer of the GRE message. Users have to configure the routing protocol to ensure the devices at both ends of the GRE tunnel are route reachable.



Command Syntax

set firewall filter <filter-name> sequence <number> then erspan source-ip <source-ip>


Parameter

Parameter

Description

filter <filter-name>

Specifies the filter name. The value is a string.

sequence <number>

Specifies the filter sequence number. The value is an integer that ranges from 0 to 9999.

source-ip <source-ip>

Specifies the source IP address of the GRE tunnel of ERSPAN destination interface.


Example

  • The following example commands mirror the packets matching the ACL rule that te-1/1/1 receives, and copy and transmit the packets from source IP address 4.4.4.4 to destination IP address 8.8.8.8through a GRE tunnel:
admin@Xorplus# set firewall filter f1 sequence 1 from protocol tcp
admin@Xorplus# set firewall filter f1 sequence 1 from source-address-ipv4 1.1.1.1/32
admin@Xorplus# set firewall filter f1 input interface te-1/1/1
admin@Xorplus# set firewall filter f1 sequence 1 then erspan source-ip 4.4.4.4
admin@Xorplus# set firewall filter f1 sequence 1 then erspan dest-ip 8.8.8.8
admin@Xorplus# commit




Copyright © 2024 Pica8 Inc. All Rights Reserved.