Filter
Top Products
PowerConnect B-Series FCX Configuration Guide 635
53-1002266-01
Configuring port mirroring and monitoring
20
• For ingress ACL mirroring, the previous ingress rule also applies. The analyzer port setting
command acl-mirror-port must be specified for each port, even though the hardware only
supports one port per device. This applies whether the analyzer port is on the local device or
on a remote device. For example, when port mirroring is set to a remote device, any mirroring
(ACL, MAC address filter, or VLAN) enabled ports are globally set to a single analyzer port, as
shown in the following example.
PowerConnect(config)# mirror ethernet 1/1/24
PowerConnect(config)# mirror ethernet 2/1/48
PowerConnect(config)# interface ethernet 1/1/1
PowerConnect(config-if-e1000-1/1/1)# monitor ethernet 2/1/48 both
The analyzer port (2/1/48) is set to all devices in the system
PowerConnect(config)# interface ethernet 1/1/2
PowerConnect(config-if-e1000-1/1/2)# ip access-group 101 in
PowerConnect(config-if-e1000-1/1/2)# interface ethernet 1/1/1
PowerConnect(config-if-e1000-1/1/1)# acl-mirror-port ethernet 2/1/48
The previous command is required even though the analyzer port is already set globally by the
port mirroring command.
PowerConnect(config)# interface ethernet 1/1/3
PowerConnect(config-if-e1000-1/1/3)# ip access-group 101
PowerConnect(config-if-e1000-1/1/3)# acl-mirror-port ethernet 2/1/48
PowerConnect(config-if-e1000-1/1/3)# permit ip any any mirror
PowerConnect(config-if-e1000-1/1/3)# ip access-group 102
PowerConnect(config-if-e1000-1/1/3)# deny ip any any log
Command syntax
This section describes how to configure port mirroring and monitoring.
Monitoring a port
To configure port monitoring on an individual port on a device, enter commands similar to the
following.
PowerConnect(config)#mirror-port ethernet 1/2/4
PowerConnect(config)#interface ethernet 1/2/11
PowerConnect(config-if-e1000-11)#monitor ethernet 1/2/4 both
Traffic on port e 1/2/11 will be monitored, and the monitored traffic will be copied to port e 1/2/4,
the mirror port.
Syntax: [no] mirror-port ethernet <port> [input | output]
Syntax: [no] monitor ethernet <port> both | in | out
The <port> variable for mirror-port ethernet specifies the port to which the monitored traffic will be
copied. The <port> variable for monitor ethernet specifies the port on which traffic will be
monitored.
Specify the <port> variable in the following formats:
• PowerConnect B-Series FCX stackable switches – <stack-unit/slotnum/portnum>
The input and output parameters configure the mirror port exclusively for ingress or egress traffic.
If you do not specify one, both types of traffic apply.