Thursday, June 30, 2016
How To Mirror VLAN Traffic to a Monitor Port
Cisco
You can mirror and monitor all traffic from a vlan with 2 statements:
monitor session 1 source vlan 17 - 21, 61 - 62, 68, 79 - 83, 90 - 91
monitor session 1 destination interface Gix/y/z
Comware 7
If you are NOT in IRF Mode - Do the following commands to do the same as above:
mirroring-group 1 local
mirroring-group 1 mirroring-vlan 17 to 21 61 to 62 68 79 to 83 85 90 91 both
interface Ten-GigabitEthernet 1/2/0/24
mirroring-group 1 monitor-port
If you ARE in IRF Mode - You don’t have this ability natively. However, you can accomplish the same goal with qos vlan policies. For the above Cisco syntax, you will need a traffic classifier, a traffic behavior modifier, a qos policy, and multiple binding statements.
traffic classifier MATCH_ALL
if-match any
traffic behavior MIRROR_DEST
mirror-to interface Ten-GigabitEthernet1/2/0/24
qos policy MIRROR
classifier MATCH_ALL behavior MIRROR_DEST
qos vlan-policy MIRROR vlan 17 18 19 20 21 61 62 68 inbound
qos vlan-policy MIRROR vlan 79 80 81 82 83 85 90 91 inbound
qos vlan-policy MIRROR vlan 17 18 19 20 21 61 62 68 outbound
qos vlan-policy MIRROR vlan 79 80 81 82 83 85 90 91 outbound
Depending on platform you may need to create an ACL for the classifier:
acl number 3000
rule 0 permit ip
traffic classifier MATCH_ALL
if-match acl 3000
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Please add comments so I may update the material to accommodate platform modification to various commands. Also if you have some real-world caveats, do please share.