User can configure a port as a mirroring port, which can analyze the traffic of egress port or ingress port.
The duplicated traffic of egress port may be different from the outgoing traffic as there are other forwarding operations before or after the mirroring operation. For example, if the received packet is tagged with PVID, the PVID tag needs to be stripped off before forwarding the packet, the duplicated traffic may be different from the outgoing traffic because it may have been duplicated to the mirroring port before the PVID was stripped off.
On the following platforms, the duplicate packets are the same as the outgoing packets, but it is not certain on other platforms.
PRONTO3296, PRONTO3295, PRONTO3290
AS4610 Series Switches
Configuring a Port as a Mirroring Port
When configuring mirroring, user must first configure the port as a mirror.
Configuring Mirroring on Egress Port or Ingress Port
After configuring a port as a mirroring port, user should use it to monitor the flows of egress or ingress.
Configure Monitor the flows of ingress port:
Configure Monitor the Flows of Egress Port:
Mirroring Configuration Example
As shown in Fig 1, ge-1/1/1 is the ingress port, ge-1/1/2 is the egress port, and ge-1/1/3 is the mirroring port. In the following example, the mirroring port can analyze the flows of egress port and ingress port.
Fig 1. Configure Mirroring
Configure Mirroring Port
Mirroring ports can be used for analyzing the traffic of the egress or ingress port. The following example describes how to configure a mirroring port. In this example, ge-1/1/3 is the mirroring port.
Configuring Mirroring on Egress or Ingress Port
The following example shows how to configure mirroring on egress or ingress ports. In this example, the egress port is ge-1/1/2, and the ingress port is ge-1/1/1.
PC1 sends traffic to PC2. The expected result is that PC3 can monitor the traffic from the ingress port ge-1/1/1 and the engress port ge-1/1/2.
- The mirroring port can belong to any VLAN. This port can be either a trunk port or an access port and will not participate in Layer2 or Layer3 forwarding.
- The egress port or ingress port can be either an access port or a trunk port.
- When user sends untagged packets, the priority of mirroring is higher than the priority of adding tag.
- When user receives tagged packets, the priority of mirroring is higher than the priority of removing tag.
- The mirroring port can also analyze BPDU/LACP/LLDP packets.
- When user configures ACL for ingress/egress port, the priority of mirroring is higher than the priority of filter.