SRC Release 1.0.x Application Library Guide > Mirroring Subscriber Traffic in the SRC Network > Managing Traffic Mirroring

Managing Traffic Mirroring

You can manage the mirroring of subscriber traffic with the Traffic Mirroring Administration portal. The tmPortal.war file comprises the files for the Traffic Mirroring Administration servlet. This file is on the SRC application library CD in the /webapp directory.

Overview of the Traffic Mirroring Administration Portal

Through the Traffic Mirroring Administration portal, you can manage the traffic-mirroring tasks by:

• Specifying the subscriber whose traffic should be mirrored and the IP addresses of the traffic to be mirrored
• Managing currently active mirroring tasks
• Managing pending actions

Accessing the Portal

To access the portal, enter the following URL in your Web browser.

http://<host>:<port>/tmPortal

• <host>—IP address or name of the host on which you installed the Traffic Mirroring Administration portal
• <port>—HTTP port for the J2EE application server

The Traffic Mirroring Administration portal appears.

Starting New Mirroring Tasks

To start a new traffic-mirroring task:

1. On the Traffic Mirroring Administration portal, click Start New Mirroring Task.

The Start New Mirroring Task page appears.

2. Using the field descriptions below, enter the information in the fields on the Start New Mirroring Task page.
3. Click START to perform the task or RESET to clear the fields.

If you click START, the Manage Mirroring Tasks page appears.

Subscriber ID Type

• Subscriber's ID type.
• Value

• Login Name—Login name that the subscriber uses to log onto the network.
• LDAP Distinguished Name—Distinguished name of the subscriber object in the directory. Applicable only when the subscriber objects are not shared by multiple subscribers so they can uniquely identify a subscriber, such as when the subscriber is an enterprise.
• IP Address—Current IP address of the subscriber. Used when a router can provide subscriber addresses to the SRC software, such as when a JUNOSe router manages subscribers that get their addresses using RADIUS or using the JUNOSe local or external DHCP server.

Subscriber ID

• Value for the subscriber's ID based on the selected subscriber ID type.
• Value

• <login name>
• <LDAP distinguished name>
• <IP address>

• Examples

• joe@virneo.net
• accessName=AcmeAccess, enterpriseName=Acme, ou=subscribers, retailername=SP
• 62.3.21.4

Mirror Traffic To/From Subscriber IPs

• Subscriber's IP addresses.
• Value—IP address
• Guidelines—You can enter the subscriber's IP addresses in this field, and/or select the Mirror Traffic of Subscriber's Current IP check box.

Mirror Traffic of Subscriber's Current IP

• Subscriber's IP addresses.
• Value—<subscriber's IP addresses>
• Guidelines—You can select the Mirror Traffic of Subscriber's Current IP check box, or enter the subscriber's IP addresses in the Mirror Traffic To/From Subscriber IPs field, or both.

Managing Mirroring Tasks

To manage mirroring tasks:

1. On the Traffic Mirroring Administration portal, click Manage Mirroring Tasks.

The Manage Mirroring Tasks page appears and displays all active tasks and pending actions.

2. In the Active Mirroring Tasks table, click STOP in the Action column to stop the task in that row.

The resulting action depends on whether the subscriber is online when you stop the task.

• If a subscriber is logged in, the mirroring task is removed from the Manage Mirroring Tasks page.
• If a subscriber is logged out, the mirroring task is placed in a pending state and appears in the Pending Actions table.

3. In the Pending Actions table, the situation that results in a pending task determines the next step that can be taken.

• If the subscriber is not logged in when you start the mirroring task, then the task automatically becomes a pending action.

Click CANCEL in that row to remove the mirroring task from the Manage Mirroring Tasks page.

• If the subscriber is logged in when you start the mirroring task and the subscriber logs out before you click STOP in the Active Mirroring Tasks table, then the possible actions are determined by when the affected subscriber logs in again.

• If the subscriber will never log in again, the task will never be removed from the Pending Actions table.

Click Details in the Pending Due To column to determine why the action is pending. To force the cleanup of any task in the pending stop state, use the Force Cleanup button in the Pending Actions table, which you get to by clicking the Details link.

Use the Force Cleanup button only when the traffic-mirroring service activation has been removed or the subscriber has been removed from the system and will never log in again.

• If the subscriber logs in again while the action is pending, the task is removed from the Manage Mirroring Tasks page.
• If you click CANCEL before the subscriber logs in again, the task becomes active and appears in the Active Mirroring Tasks table.

Configuring the Traffic Mirroring Administration Portal

The Traffic Mirroring Administration portal provided with the SRC software is designed to be used with the traffic-mirroring implementation in the sample data. To use the portal, edit the WEB-INF/default.properties file.

To customize properties for the Traffic Mirroring Administration portal:

1. Copy the tmPortal.war file to a temporary folder, and work in that folder.
2. Extract the default.properties file from the tmPortal.war file.

jar xvf tmPortal.war WEB-INF/default.properties

3. With a text editor, edit the WEB-INF/default.properties file.

• This file provides the bootstrap properties. Change these values as needed to accommodate your SRC configuration. For example, the file specifies that the LDAP directory server is being used in the default port on the local system. To change the location of the directory server, edit the Config.java.naming.provider.url property.
• This file provides the bootstrap configuration that specifies the configuration namespace for the application. By default, /WebApplication/TrafficMirroring is used as the namespace. If you are using another namespace, change the tmConfigNamespace and loggingConfigNamespace properties.

4. Replace the WEB-INF/default.properties file in the tmPortal.war file.

jar uvf tmPortal.war WEB-INF/default.properties

Deploying the Traffic Mirroring Administration Portal

To deploy the updated tmPortal.war file:

• Copy the file to the deployment directory for your Web server.

If you are using JBoss, copy the file to the /opt/UMC/jboss/server/default/deploy directory. JBoss automatically starts the Web application when a new WAR file is copied into the deploy directory.

Configuring the Traffic-Mirroring Application

To use the traffic-mirroring application, you must configure properties to specify how the application handles information about mirroring tasks and the aggregate service that the application activates to mirror traffic.

To configure these properties for the traffic-mirroring application:

1. In SDX Admin go to l=TrafficMirroring, l=WebApplication, ou=staticConfiguration, ou=Configuration, o=Management, o=umc.
2. In the Main tab for Configuration, modify the following properties.

directory

• Specifies the directory in the file system in which information about the mirroring tasks is stored. The application stores all tasks in a series of files that are considered live or dead. Live files record at least one active or pending task and include the word live in their names. Dead files record only tasks that have been canceled or stopped and include the word dead in their names. You can delete or archive dead files at any time. However, if you delete a live file, the application will not be able to access information about existing tasks.
• Value—<pathname>
• Guidelines—The application server must be able to write and modify files in this directory. If you use WEB-INF, you will lose all your data about the mirroring tasks whenever you undeploy or redeploy the traffic-mirroring application.
• Default—WEB-INF

retryInterval

• Time to wait before retrying a pending task that was unsuccessful.
• Value—Number of seconds
• Guidelines—Do not specify too small a value, because the number of service activation attempts could cause network overload.
• Default—900

serviceName

• Name of the aggregate service activated by the application to mirror subscriber traffic.
• Value—<service name>
• Default—MirrorAggregate

maxFileSize

• Maximum file size for files that store information about the pending and active tasks. A new file is created whenever the current file exceeds this setting.
• Value—Number of bytes
• Guidelines—This value should not need modification.
• Default—1000000 (1 MB)

Configuring NIC Proxy

To configure a NIC proxy for the traffic-mirroring application, see SRC-PE Network Guide, Chapter 13, Configuring Applications to Communicate with an SAE.

Configuring Logging

To configure logging for the traffic-mirroring application, see SRC-PE Monitoring and Troubleshooting Guide, Chapter 4, Configuring Logging for SRC Components on a Solaris Platform.