Itandukaniro rikomeye riri hagati yo gufata amapaki hakoreshejwe imiyoboro ya Network TAP na SPAN.
Indorerwamo zo ku cyambu(izwi kandi nka SPAN)
Gukanda kuri interineti(izwi kandi nka Replication Tap, Aggregation Tap, Active Tap, Copper Tap, Ethernet Tap, nibindi)TAP (Aho kwinjira kuri Terminal)ni igikoresho cy’ibikoresho bidakora cyane, gishobora gufata urujya n’uruza rw’abantu ku muyoboro w’itumanaho. Gikunze gukoreshwa mu kugenzura urujya n’uruza rw’abantu hagati y’ingingo ebyiri mu muyoboro w’itumanaho. Niba umuyoboro uri hagati y’izi ngingo ebyiri ugizwe n’insinga ifatika, TAP y’umuyoboro w’itumanaho ishobora kuba uburyo bwiza bwo gufata urujya n’uruza rw’abantu.
Mbere yo gusobanura itandukaniro riri hagati y’ibisubizo bibiri (Port Mirror na Network Tap), ni ngombwa gusobanukirwa uburyo Ethernet ikora. Kuri 100Mbit no hejuru yayo, hosts zikunze kuvuga mu buryo bwa duplex yuzuye, bivuze ko host imwe ishobora kohereza (Tx) no kwakira (Rx) icyarimwe. Ibi bivuze ko kuri insinga ya 100 Mbit ihujwe na host imwe, umubare wose w’urujya n’uruza rw’itumanaho host imwe ishobora kohereza/kwakira (Tx/Rx)) ni 2 × 100 Mbit = 200 Mbit.
Igenzura rya Port ni imikorere ya paki, bivuze ko igikoresho cya network gifite inshingano zo gukoporora paki kuri port ifite indorerwamo.
Gufata imodoka zigendanwa: TAP vs SPAN
Mu gihe ukurikirana urujya n'uruza rw'amakuru, niba udashaka gukoresha uburyo buziguye mu gihe umukoresha arimo gutunganya ibikorwa, ufite amahitamo abiri y'ingenzi. Mu nkuru ikurikira, turatanga incamake ya TAP (Test Access Point) na SPAN (Switch Port Analyzer). Kugira ngo urusheho gusesengura neza, impuguke mu kugenzura amapaki Timo'Neill afite ingingo nyinshi kuri lovemytool.com zivuga ku buryo burambuye, ariko hano, turakoresha uburyo rusange.
SPANI
Gupima umurongo wa port ni uburyo bwo kugenzura urujya n'uruza rw'itumanaho binyuze mu kohereza kopi ya buri paki yinjira cyangwa isohoka iva kuri imwe cyangwa nyinshi (cyangwa VLans) y'ihuza ry'itumanaho rijya ku rindi huza na network traffic analyzer. Ihuza rikunze gukoreshwa muri sisitemu zoroshye kugira ngo ikurikirane imbuga nyinshi icyarimwe. Umubare nyawo w'itumanaho rishobora gukurikirana uterwa n'aho SPAN ishyizwe ugereranije n'ibikoresho byo mu kigo cy'amakuru. Ushobora kubona icyo ushaka, ariko biroroshye kwisanga ufite amakuru menshi. Urugero, birashoboka kubona kopi nyinshi z'amakuru amwe muri VLAN yose. Ibi bituma gukemura ibibazo bya LAN bigorana, kandi bikagira ingaruka ku muvuduko wa switch cpus cyangwa bigira ingaruka kuri Ethernet binyuze mu kubona aho ishyirwa. Muri make, uko ihuza ry'itumanaho rigenda rirushaho kwiyongera, niko ibasha gutakaza paki. Ugereranije na taps, ihuza rishobora gucungwa kure, bivuze ko igihe gito gikoreshwa mu guhindura imiterere, ariko injeniyeri z'itumanaho ziracyakenewe.
Imbuga za SPAN si ikoranabuhanga ridakora cyane, nk'uko bamwe babivuga, kuko zishobora kugira izindi ngaruka zishoboka ku muvuduko w'itumanaho rya interineti, harimo:
- Igihe cyo guhindura imikoranire ya frame
- Guta amapaki bitewe no gushakisha byinshi
- Amapaki yangiritse ajugunywa nta nteguza, bigatuma isesengura ritagenda neza
Kubwibyo, imiyoboro ya SPAN ikwiriye cyane mu bihe aho gusohora amapaki bitagira ingaruka ku isesengura, cyangwa aho ikiguzi gitekerezwa.
KANDA
Mu buryo bunyuranye, taps zigomba gukoresha amafaranga ku bikoresho mbere, ariko ntabwo zisaba gushyiraho byinshi. Koko rero, kubera ko zidakora cyane, zishobora guhuzwa no gukurwa kuri network nta ngaruka zibaye. Taps ni ibikoresho bya hardware bitanga uburyo bwo kugera ku makuru anyura kuri network ya mudasobwa kandi bikunze gukoreshwa mu rwego rwo kugenzura umutekano w'urubuga no kugenzura imikorere. Urujya n'uruza rw'abantu rugenzurwa rwitwa "pass-through" naho port ikoreshwa mu kugenzura yitwa "monitoring port". Kugira ngo urebe neza network neza, taps zishobora gushyirwa hagati ya routers na switch.
Kubera ko TAP idakora ku mapaki, ishobora gufatwa nk'uburyo bwo kureba urujya n'uruza rw'amakuru mu buryo butunguranye.
Muri rusange hari ubwoko butatu bw'ibisubizo bya TAP:
- Umuyoboro ugabanya urusobe rw'amakuru (1: 1)
- Ifu y'itsinda (itsinda ry'abantu benshi: 1)
- Ivugururwa rya TAP (1: byinshi)
TAP ikoresha igikoresho kimwe cyo kugenzura kidakoresha ingufu nyinshi, cyangwa igikoresho cyo kohereza amakuru ku rubuga rw’itumanaho gifite ubucucike bwinshi, kandi igatanga ibikoresho byinshi (bikunze kuba byinshi) byo gupima QOS, ibikoresho byo kugenzura amakuru ku rubuga, n’ibikoresho byo gusesengura amakuru ku rubuga nka wireshark.
Byongeye kandi, ubwoko bwa TAP buratandukanye bitewe n'ubwoko bw'insinga, harimo fibre TAP na gigabit copper TAP, byombi bikora kimwe mu gushyira igice cy'ikimenyetso kuri network traffic analyzer, mu gihe moderi nyamukuru ikomeza kohereza nta nkomyi. Kuri fibre TAP, ni ugucamo umurambararo mo kabiri, mu gihe muri sisitemu ya copper cable, ni ukwigana ikimenyetso cy'amashanyarazi.
Kugereranya TAP na SPAN
Ubwa mbere, pouvo ya SPAN ntabwo ikwiriye umuyoboro wa 1G wose, kandi nubwo waba uri munsi y'ubushobozi bwayo ntarengwa, ihita igabanya amapaki kuko iremereye cyane, cyangwa kubera ko switch ishyira imbere amatariki asanzwe ya pouvo kuri pouvo kurusha amakuru ya pouvo ya SPAN. Bitandukanye na taps za network, pouvo za SPAN zikuraho amakosa y'urwego rw'umubiri, bigatuma ubwoko bumwe na bumwe bw'isesengura burushaho kugorana, kandi nk'uko twabibonye, igihe cyo kongeramo ibintu kitari cyo n'amashusho yahinduwe bishobora guteza ibindi bibazo. Ku rundi ruhande, TAP ishobora gukoresha umuyoboro wa 1G wose.
TAP ishobora kandi gufata paki neza no kugenzura paki mu buryo bwimbitse niba hari protocole, amakosa, ukwinjira mu buryo butunguranye, nibindi. Bityo, amakuru ya TAP ashobora gukoreshwa nk'ibimenyetso mu rukiko, mu gihe amakuru ya port ya SPAN ntashobora gukoreshwa.
Umutekano ni ikindi kintu aho usanga hari itandukaniro hagati y’ubu buryo bwombi. Ubusanzwe imiyoboro ya SPAN ikoreshwa mu gutumanaho mu buryo bumwe, ariko ishobora no kwakira itumanaho rimwe na rimwe, bigatera ibibazo bikomeye. Mu buryo bunyuranye, TAP ntabwo ikoreshwa kandi nta aderesi ya IP ifite, bityo ntishobora kwibasirwa.
Ubusanzwe imiyoboro ya SPAN ntinyura kuri VLAN, ibyo bikaba bishobora gutuma bigorana kubona amakosa ya VLAN, ariko imiyoboro ya VLAN ntishobora kubona umuyoboro wose wa VLAN icyarimwe. Iyo imiyoboro ya VLAN idakoreshejwe, TAP ntabwo izatanga umurongo umwe kuri iyo miyoboro yombi, ariko hagomba kwitonderwa ko haboneka imiyoboro yagutse. Hari imiyoboro ya VLAN, nka Booster for Profitep, ihuza imiyoboro umunani ya 10/100/1G mu musaruro wa 1G-10G.
Booster ishobora kwinjiza paki ikoresheje tagi za VLAN. Muri ubu buryo, amakuru y’aho buri paki ikomoka azoherezwa kuri analyzer.
Imiyoboro ya SPAN iracyari igikoresho abayobozi b'imiyoboro bazakoresha, ariko niba umuvuduko no kugera ku makuru yose ya network ari ingenzi cyane, TAP ni yo mahitamo meza. Mu gihe uhisemo uburyo bwo gufata, imiyoboro ya SPAN ikwiriye imiyoboro ikoreshwa gake, kubera ko paki zatakaye zidakora ku isesengura cyangwa ngo zibe amahitamo mu gihe ikiguzi ari ikibazo. Ariko, ku miyoboro ifite umuyoboro mwinshi w'itumanaho, ubushobozi bwa TAP, umutekano, n'ubwizerwe bizatanga uburyo bwo kubona neza umuyoboro wawe w'itumanaho nta bwoba bwo gutakaza paki cyangwa gushungura amakosa y'urwego rw'ikoranabuhanga.
○ Bigaragara neza
○ Kongeramo urujya n'uruza rw'abantu bose (amapaki yose y'ingano n'ubwoko bwose)
○ Ntibikoreshwa, ntibibangamira (ntibihindura amakuru)
○ Mu buryo bukurikiranye, nta mashini zikoreshwa mu gukurura abantu benshi mu miyoboro. Gushyiraho byoroshye (gucomeka no gukina)
○ Ntishobora kwibasirwa n'abajura b'amayeri (igikoresho cyo kugenzura kitagaragara, kiri ukwacyo kiri kuri interineti, nta aderesi ya IP/MAC)
○ Ishobora kwaguka
○ Bikwiriye mu gihe icyo ari cyo cyose
○ Kugaragara igice
○ Kudakoporora abantu bose (gutakaza ingano n'ubwoko bw'amapaki amwe)
○ Kudakora ibintu mu buryo butunguranye (guhindura igihe cyo gukoresha paki, kongera igihe cyo gutinda)
○ Koresha aho gusimbuza (buri hantu ho gusimbuza hakoresha aho gusimbuza)
○ Kudashobora gukoresha itumanaho rya duplex (udupaki twamanutse iyo twuzuye, bishobora no kubangamira imikorere y'imashini zibanza)
○ Abahanga mu by'ubwubatsi bagomba gushyiraho uburyo
○ Nta mutekano (Sisitemu yo kugenzura ni igice cy'umuyoboro w'itumanaho, ibibazo by'umutekano bishobora kubaho)
○ Ntibishobora kwaguka
○ Bishoboka gusa mu bihe bimwe na bimwe
Ushobora gushimishwa n'iyi nkuru ijyanye nayo: Nigute wafata urujya n'uruza rw'abantu kuri interineti? Network Tap vs Port Mirror
Igihe cyo kohereza: Kamena-09-2025
