English

Kujambula Magalimoto a Pa Intaneti Poyang'anira, Kusanthula ndi Chitetezo cha Pa Intaneti: TAP vs SPAN

Kusiyana kwakukulu pakati pa kujambula mapaketi pogwiritsa ntchito madoko a Network TAP ndi SPAN.

Kujambula Ma Port(yomwe imadziwikanso kuti SPAN)

Kudina pa Netiweki(yomwe imadziwikanso kuti Replication Tap, Aggregation Tap, Active Tap, Copper Tap, Ethernet Tap, ndi zina zotero)TAP (Malo Olowera Malo Ofikira)ndi chipangizo cha hardware chomwe chimagwira ntchito popanda kugwiritsa ntchito intaneti, chomwe chingathe kugwira anthu ambiri pa netiweki. Chimagwiritsidwa ntchito nthawi zambiri poyang'anira anthu ambiri pakati pa malo awiri mu netiweki. Ngati netiweki pakati pa malo awiriwa ili ndi chingwe chenicheni, TAP ya netiweki ingakhale njira yabwino kwambiri yogwirira anthu ambiri.

Musanafotokoze kusiyana pakati pa mayankho awiriwa (Port Mirror ndi Network Tap), ndikofunikira kumvetsetsa momwe Ethernet imagwirira ntchito. Pa 100Mbit ndi kupitirira apo, ma host nthawi zambiri amalankhula mu duplex yonse, zomwe zikutanthauza kuti host imodzi imatha kutumiza (Tx) ndi kulandira (Rx) nthawi imodzi. Izi zikutanthauza kuti pa chingwe cha 100 Mbit cholumikizidwa ku host imodzi, kuchuluka konse kwa ma network omwe host imodzi ingatumize/kulandira (Tx/Rx)) ndi 2 × 100 Mbit = 200 Mbit.

Kuyerekeza kwa Port ndi active packet replication, zomwe zikutanthauza kuti chipangizo cha netiweki chili ndi udindo wokopera paketiyo ku doko loyerekeza.

TIP SPAN

Kujambula Magalimoto: TAP vs SPAN
Mukayang'anira kuchuluka kwa magalimoto pa netiweki, ngati simukufuna kugwiritsa ntchito chithandizo mwachindunji pamene wogwiritsa ntchito akukonzekera malonda, muli ndi njira ziwiri zazikulu. Munkhani yotsatirayi, tipereka chithunzithunzi cha TAP (Test Access Point) ndi SPAN (Switch Port Analyzer). Kuti mufufuze mozama, katswiri wofufuza mapaketi Timo'Neill ali ndi nkhani zingapo pa lovemytool.com zomwe zimafotokoza mwatsatanetsatane, koma apa, tigwiritsa ntchito njira yodziwika bwino.

SPAN
Kujambula ma port mirroring ndi njira yowunikira kuchuluka kwa magalimoto pa netiweki potumiza kopi ya paketi iliyonse yolowera ndi/kapena yotuluka kuchokera ku doko limodzi kapena angapo (kapena VLans) la switch kupita ku doko lina lolumikizidwa ku network traffic analyzer. Ma Span nthawi zambiri amagwiritsidwa ntchito m'makina osavuta kuti ayang'anire malo angapo nthawi imodzi. Chiwerengero chenicheni cha ma network transmissions omwe amatha kuyang'anira chimadalira komwe SPAN yayikidwa poyerekeza ndi zida za data center. Mwina mupeza zomwe mukufuna, koma n'zosavuta kupeza kuti muli ndi deta yambiri. Mwachitsanzo, n'zotheka kupeza makope angapo a deta yomweyo mu VLAN yonse. Izi zimapangitsa kuti LAN ithetse mavuto kukhala yovuta, komanso zimakhudza liwiro la switch cpus kapena zimakhudza Ethernet kudzera mu kuzindikira malo. Kwenikweni, ma span ambiri, ndizotheka kwambiri kutaya mapaketi. Poyerekeza ndi ma taps, ma span amatha kuyendetsedwa patali, zomwe zikutanthauza kuti nthawi yochepa imagwiritsidwa ntchito kusintha ma configurations, koma mainjiniya a netiweki amafunikirabe.

Madoko a SPAN si ukadaulo wosachitapo kanthu, monga ena amanenera, chifukwa amatha kukhala ndi zotsatira zina zoyezera pa kuchuluka kwa magalimoto pa intaneti, kuphatikizapo:
- Nthawi yosintha kuyanjana kwa chimango

- Kutaya mapaketi chifukwa cha kufufuza kwambiri

- Mapaketi owonongeka amatayidwa popanda chidziwitso, zomwe zimalepheretsa kusanthula
Chifukwa chake, ma SPAN ports ndi oyenera kwambiri pazochitika zomwe kutaya mapaketi sikukhudza kusanthula, kapena komwe mtengo wake umaganiziridwa.

TIPANI
Mosiyana ndi zimenezi, matepi amafunika kugwiritsa ntchito ndalama zambiri pa zipangizo zamagetsi, koma safuna kukhazikitsidwa kwambiri. Zoonadi, popeza sagwira ntchito, amatha kulumikizidwa ndikuchotsedwa pa netiweki popanda kuikhudza. Matepi ndi zida zamagetsi zomwe zimapereka njira yopezera deta yomwe ikuyenda kudzera pa netiweki ya kompyuta ndipo nthawi zambiri amagwiritsidwa ntchito pachitetezo cha netiweki komanso kuyang'anira magwiridwe antchito. Magalimoto owunikira amatchedwa "pass-through" traffic ndipo doko lomwe limagwiritsidwa ntchito powunikira limatchedwa "monitoring port". Kuti muwone bwino netiweki, matepi amatha kuyikidwa pakati pa ma rauta ndi ma switch.
Chifukwa TAP siikhudza mapaketi, imatha kuonedwa ngati njira yowonera kuchuluka kwa anthu omwe ali pa netiweki.
Pali mitundu itatu ya mayankho a TAP:

- Chogawanitsa maukonde (1: 1)

- TAP Yophatikiza (yambiri: 1)

- Kubwezeretsa TAP (1: zambiri)

TAP imabwerezanso kuchuluka kwa anthu omwe amafika pa intaneti kupita ku chida chimodzi chowunikira, kapena ku chipangizo cholumikizira ma packet a network champhamvu kwambiri, ndipo imapereka zida zingapo zoyesera QOS (nthawi zambiri zingapo), zida zowunikira ma netiweki, ndi zida zofufuzira ma netiweki monga wireshark.
Kuphatikiza apo, mitundu ya TAP imasiyana malinga ndi mtundu wa chingwe, kuphatikiza fiber TAP ndi gigabit copper TAP, zonse zimagwira ntchito mofanana potsitsa gawo la chizindikiro ku network traffic analyzer, pomwe chitsanzo chachikulu chikupitilizabe kutumiza popanda kusokoneza. Pa fiber TAP, ndi kugawa mtandawo pakati, pomwe mu copper cable system, ndi kubwereza chizindikiro chamagetsi.

Kuyerekeza TAP ndi SPAN

Choyamba, doko la SPAN silili loyenera kulumikizana ndi 1G yonse, ndipo ngakhale litakhala lochepera mphamvu yake, limataya mapaketi mwachangu chifukwa cha kuchuluka kwa zinthu, kapena chifukwa choti switchyo imaika patsogolo masiku okhazikika a port-to-port kuposa deta ya doko la SPAN. Mosiyana ndi ma network taps, ma SPAN ports amasefa zolakwika zakuthupi, zomwe zimapangitsa kuti kusanthula kwina kukhale kovuta, ndipo monga taonera, nthawi zowonjezerera zolakwika ndi mafelemu osinthidwa zingayambitse mavuto ena. Kumbali ina, TAP imatha kugwiritsa ntchito kulumikizana ndi 1G yonse.

TAP ingathenso kugwira mapaketi onse ndikuwunika mozama mapaketi kuti aone ngati pali njira zoyendetsera zinthu, kuphwanya malamulo, kulowerera, ndi zina zotero. Motero, deta ya TAP ingagwiritsidwe ntchito ngati umboni kukhothi, pomwe deta ya SPAN port singagwiritsidwe ntchito.
Chitetezo ndi mbali ina yomwe pali kusiyana pakati pa njira ziwirizi. Ma SPAN ports nthawi zambiri amakonzedwa kuti azilumikizana ndi njira imodzi, koma nthawi zina amathanso kulandira kulumikizana, zomwe zimayambitsa zovuta zazikulu. Mosiyana ndi zimenezi, TAP singathe kulumikizidwa ndipo ilibe adilesi ya IP, kotero singathe kusokonezedwa.

Madoko a SPAN nthawi zambiri sadutsa ma tag a VLAN, zomwe zimapangitsa kuti zikhale zovuta kuzindikira kulephera kwa VLAN, koma ma tap sangathe kuwona netiweki yonse ya VLAN nthawi imodzi. Ngati ma tap ophatikizidwa sagwiritsidwa ntchito, TAP sipereka chizindikiro chomwecho pa njira zonse ziwiri, koma muyenera kusamala pozindikira kuchuluka kwa nthawi yomwe muli ndi vuto. Pali ma tap ophatikizana, monga Booster for Profitepap, omwe amaphatikiza ma doko asanu ndi atatu a 10/100/1G mu 1G-10G output.

Booster imatha kulowetsa mapaketi poika ma tag a VLAN. Mwanjira imeneyi, zambiri za doko la phukusi lililonse zidzatumizidwa ku analyzer.

Madoko a SPAN akadali chida chomwe oyang'anira maukonde angagwiritse ntchito, koma ngati liwiro ndi mwayi wodalirika wopeza deta yonse ya maukonde ndizofunikira, TAP ndiye chisankho chabwino. Posankha njira yoti mugwiritse ntchito, madoko a SPAN ndi oyenera kwambiri maukonde omwe sagwiritsidwa ntchito kwambiri, popeza mapaketi otayika sakhudza kusanthula kapena ndi osankha ngati mtengo wake ndi wovuta. Komabe, pamaukonde omwe ali ndi magalimoto ambiri, mphamvu ya TAP, chitetezo, ndi kudalirika kwake zidzapereka kuwonekera kwathunthu kwa magalimoto omwe ali paukonde wanu popanda mantha a kutayika kwa mapaketi kapena kusefa zolakwika za masanjidwe enieni.

TIPANI

 

○ Kuwonekera bwino

○ Bwerezani magalimoto onse (mapaketi onse a kukula ndi mitundu yonse)

○ Yosachitapo kanthu, yosasokoneza (siisintha deta)

○ M'ndandanda, palibe ma switch port omwe amagwiritsidwa ntchito kubwereza kuchuluka kwa magalimoto awiri mu harnesses. Kukhazikitsa kosavuta (pulagi ndi kusewera)

○ Sichingatheke kugwidwa ndi ma hackers (chipangizo chowonera chomwe sichiwoneka, chodzipatula pa netiweki, palibe adilesi ya IP/MAC)

○ Yosinthika

○ Yoyenera pa vuto lililonse

SPAN

 

○ Kuwoneka pang'ono

○ Kusakopera magalimoto onse (kuchepetsa kukula ndi mitundu ina ya mapaketi)

○ Kusachita zinthu mopitirira muyeso (kusintha nthawi ya paketi, kuwonjezera kuchedwa)

○ Gwiritsani ntchito doko losinthira (doko lililonse la SPAN limagwiritsa ntchito doko losinthira)

○ Kulephera kulumikizana ndi ma duplex onse (mapaketi amagwa akadzaza kwambiri, angasokonezenso ntchito yoyambira switch)

○ Mainjiniya ayenera kukonza

○ Zosatetezeka (Dongosolo loyang'anira ndi gawo la netiweki, mavuto achitetezo omwe angakhalepo)

○ Sizingakulitsidwe

○ N'zotheka pokhapokha pazochitika zina

Mungakhale osangalatsa ndi nkhani yokhudzana ndi izi: Kodi Mungajambule Bwanji Magulu a Anthu pa Network? Network Tap vs Port Mirror

Nthawi yotumizira: Juni-09-2025
Dinani enter kuti mufufuze kapena ESC kuti mutseke