Kaspersky SD-WAN
2.1
English

Contents

Traffic mirroring

Kaspersky SD-WAN supports forwarding and mirroring traffic from collection points to the destination within an individual TAP service. Collection and destination points are service interfaces. Collection points can be both individual service interfaces and service interfaces used in transport services. Collection points are specified when creating a TAP service, but a destination must be created in advance.

Forwarding means sending traffic that arrives to collection points to the destination point, and mirroring means sending a copy of the traffic. Note that Kaspersky SD-WAN temporarily does not support forwarding and mirroring of outgoing traffic.

When creating a TAP service, you can also specify traffic classification rules that will be used at the destination to separate the data of interest from the overall stream.

In this Help section

Creating a traffic destination

Deleting a traffic destination

Creating a TAP service

Editing a TAP service

Viewing statistics of a TAP service

Deleting a TAP service
Page top
[Topic 249493]

Creating a traffic destination

A destination is a service interface that receives forwarded traffic from collection points that you specify when creating the TAP service. Before creating a traffic destination, you must create a service interface.

To create a traffic destination:

  1. In the menu, go to the Infrastructure section.

    The SD-WAN infrastructure management page is displayed. By default, the Network resources tab is selected, which displays the table of SD-WAN Controllers.

  2. Click Management next to the SD-WAN Controller and in the drop-down list, select Configuration menu.

    This opens the SD-WAN Controller configuration menu. By default, you are taken to the Controller nodes section, which displays a table of Controller nodes.

  3. Go to the TAP services section.

    By default, the Mirroring destination tab is selected, which displays the table of traffic destinations.

  4. In the upper part of the page, click + Mirroring destination.
  5. This opens a window; in that window, in the Switch and Port drop-down lists, select the CPE device and the service interface created on that CPE device that you want to use as the traffic destination.
  6. Click Create.

The traffic destination is created and displayed in the table.

Page top
[Topic 249501]

Deleting a traffic destination

Deleted traffic destinations cannot be restored.

To delete a traffic destination:

  1. In the menu, go to the Infrastructure section.

    The SD-WAN infrastructure management page is displayed. By default, the Network resources tab is selected, which displays the table of SD-WAN Controllers.

  2. Click Management next to the SD-WAN Controller and in the drop-down list, select Configuration menu.

    This opens the SD-WAN Controller configuration menu. By default, you are taken to the Controller nodes section, which displays a table of Controller nodes.

  3. Go to the TAP services section.

    By default, the Mirroring destination tab is selected, which displays the table of traffic destinations.

  4. Click Delete next to the traffic destination.
  5. In the confirmation window, click Delete.

The traffic destination is deleted and is no longer displayed in the table.

Page top
[Topic 256763]

Creating a TAP service

Before creating a TAP service, you must complete the following steps:

Note that you can apply one or more traffic classification rules to the traffic destination.

To create a TAP service:

  1. In the menu, go to the Infrastructure section.

    The SD-WAN infrastructure management page is displayed. By default, the Network resources tab is selected, which displays the table of SD-WAN Controllers.

  2. Click Management next to the SD-WAN Controller and in the drop-down list, select Configuration menu.

    This opens the SD-WAN Controller configuration menu. By default, you are taken to the Controller nodes section, which displays a table of Controller nodes.

  3. Go to the TAP services section.

    By default, the Mirroring destination tab is selected, which displays the table of traffic destinations.

  4. Select the TAP services tab.

    A table of TAP services is displayed.

  5. In the upper part of the page, click + TAP service.
  6. To mirror traffic coming to collection points to the destination, select the Mirror traffic check box. When this check box is selected, a copy of the traffic is sent to the destination; when the check box is cleared, the traffic is relayed. This check box is cleared by default.
  7. In the Balancing mode drop-down list, select the balancing mode for evenly distributing traffic among the links to prevent congestion of individual links and prevent performance issues for users:
    • Per-flow — Balancing across flows (sessions). During transmission, flows are evenly distributed across the links. This is the default setting.
    • Per-packet — Per-packet balancing. During transmission, packets are distributed evenly across the links.
    • Broadcast — Packets are sent to all links simultaneously to prevent losses.
  8. In the Mirroring destination drop-down list, select the traffic destination.
  9. In the Source point type drop-down list, select one of the following values:
    • Service interface — Individual service interface.
    • Transport service — Service interface used in the transport service.
  10. If in the Source point type drop-down list, you selected Transport service, follow these steps:
    1. In the Type drop-down list, select the type of the transport service:
      • P2P
      • P2M
      • M2M
    2. In the Transport service drop-down list, select the transport service.
  11. In the Source points drop-down list, select the service interfaces that you want to use as traffic collection points.
  12. Click Next and select the previously created traffic classification rules for the destination.
  13. Click Create.

The TAP service is created and displayed in the table.

Page top
[Topic 249516]

Editing a TAP service

To edit a TAP service:

  1. In the menu, go to the Infrastructure section.

    The SD-WAN infrastructure management page is displayed. By default, the Network resources tab is selected, which displays the table of SD-WAN Controllers.

  2. Click Management next to the SD-WAN Controller and in the drop-down list, select Configuration menu.

    This opens the SD-WAN Controller configuration menu. By default, you are taken to the Controller nodes section, which displays a table of Controller nodes.

  3. Go to the TAP services section.

    By default, the Mirroring destination tab is selected, which displays the table of traffic destinations.

  4. Select the TAP services tab.

    A table of TAP services is displayed.

  5. Click Management next to the TAP service and in the drop-down list, select Edit.
  6. This opens a window; in that window, edit the settings that you want to change. For a description of the settings, see the instructions for creating a TAP service.
  7. Click Save.
Page top
[Topic 256780]

Viewing statistics of a TAP service

To view the statistics of a TAP service:

  1. In the menu, go to the Infrastructure section.

    The SD-WAN infrastructure management page is displayed. By default, the Network resources tab is selected, which displays the table of SD-WAN Controllers.

  2. Click Management next to the SD-WAN Controller and in the drop-down list, select Configuration menu.

    This opens the SD-WAN Controller configuration menu. By default, you are taken to the Controller nodes section, which displays a table of Controller nodes.

  3. Go to the TAP services section.

    By default, the Mirroring destination tab is selected, which displays the table of traffic destinations.

  4. Select the TAP services tab.

    A table of TAP services is displayed.

  5. Click Management next to the TAP service and in the drop-down list, select Statistics.

This opens a window with statistics of the TAP service.

Page top
[Topic 256784]

Deleting a TAP service

Deleted TAP services cannot be restored.

To delete a TAP service:

  1. In the menu, go to the Infrastructure section.

    The SD-WAN infrastructure management page is displayed. By default, the Network resources tab is selected, which displays the table of SD-WAN Controllers.

  2. Click Management next to the SD-WAN Controller and in the drop-down list, select Configuration menu.

    This opens the SD-WAN Controller configuration menu. By default, you are taken to the Controller nodes section, which displays a table of Controller nodes.

  3. Go to the TAP services section.

    By default, the Mirroring destination tab is selected, which displays the table of traffic destinations.

  4. Select the TAP services tab.

    A table of TAP services is displayed.

  5. Click Management next to the TAP service and in the drop-down list, select Delete.
  6. To delete the service interfaces added to the TAP service, select the Delete associated service interfaces check box in the confirmation window.
  7. Click Delete.

The TAP service is deleted and is no longer displayed in the table.

Page top
[Topic 256786]