以下是华三6800系列端口流量镜像的配置实例

system-view

[H3C]mirroring-group 1 local 创建本地镜像组1

[H3C]mirroring-group 2 local 创建本地镜像组2

[H3C]interface GigabitEthernet2/0/28 进入端口模式

[H3C-GigabitEthernet2/0/28]description TO NGIPS800-A--HR5040-1F01-CNC-G0/1 端口描述

[H3C-GigabitEthernet2/0/28]mirroring-group 2 mirroring-port both 把被监测端口加入镜像组2双向

[H3C]interface GigabitEthernet2/0/36 进入端口模式

[H3C-GigabitEthernet2/0/36]mirroring-group 2 monitor-port 把监测端口加入镜像组2

[H3C]interface Ten-GigabitEthernet6/0/2 进入端口模式

[H3C-Ten-GigabitEthernet6/0/2]description TO- HF5040E-04-BJJDSJ-1F01_T0/24 端口描述

[H3C-Ten-GigabitEthernet6/0/2]mirroring-group 1 mirroring-port both 把被监测端口加入镜像组1双向

[H3C]interface Ten-GigabitEthernet7/0/13 进入端口模式

[H3C-Ten-GigabitEthernet7/0/13]description TO- HF5040E-04-BJJDSJ-1F01_T0/26 端口描述

[H3C-Ten-GigabitEthernet7/0/13]mirroring-group 1 mirroring-port both 把被监测端口加入镜像组1双向

[H3C]interface Ten-GigabitEthernet7/0/14 进入端口模式

[H3C-Ten-GigabitEthernet7/0/14]description to TAP-流量分发 端口描述

[H3C-Ten-GigabitEthernet7/0/14]mirroring-group 1 mirroring-port 把监测端口加入镜像组1

[H3C]acl number 3007 创建ACL规则

[H3C]traffic classifier vpn_limit_outbonud operator and 配置流分类vpn_limit_outbonud

[H3C]traffic classifier 3007 operator and 配置流分类3007

[H3C]if-match acl 3007 匹配到acl 3007

[H3C]traffic behavior vpn_limit_outbound 配置流行为vpn_limit_outbound

[H3C]traffic behavior 3007 配置流行为3007

[H3C]redirect next-hop 10.72.255.14 fail-action forward 重定向到下一跳10.72.255.14

[H3C]accounting packet 统计方式为包

[H3C]qos policy 3007 配置QOS策略3007

[H3C]classifier 3007 behavior 3007 将流分类与行为相关联

[H3C]qos apply policy 3007 global inbound 设置QOS全局的入方向3007策略

以上数据只是举例，具体情况具体分析。