Filter
Top Products
Chapter
8
8 – Port Mirroring and Setup
Setup the ports for network speeds, performance as well as for monitoring….
his section explains how individual characteristics of a port on the GarrettCom Magnum 6K
family of switches are setup. For monitoring a specific port, the traffic on a port can be
mirrored on another port and viewed by protocol analyzers. Other setup includes
automatically setting up broadcast storm prevention thresholds.
T
Port monitoring and mirroring
An Ethernet switch sends traffic from one port to another port,
unlike a hub or a shared network device, where the traffic is
“broadcast” on each and every port. Capturing traffic for protocol
analysis or intrusion analysis can be impossible on a switch unless
all the traffic for a specific port is “reflected” on another port, typically a monitoring port.
The Magnum 6K family of switches can be instructed to repeat the traffic from one port
onto another port. This process - when traffic from one port is reflecting to another port -
is called port mirroring. The monitoring port is also called a “sniffing” port. Port
monitoring becomes critical for trouble shooting as well as for intrusion detection.
j
Port mirroring
Monitoring a specific port can be done by port mirroring. Mirroring traffic from one port
to another port allows analysis of the traffic on that port. The set of commands for port
mirroring are
Syntax show port-mirror – displays the status of port mirroring
Syntax port-mirror - enter the port mirror configuration mode
Syntax setport monitor=<monitor port number> sniffer=<sniffer port number> -
setup a prot mirrior port
Syntax prtmr <enable|disable> - enable and disable port mirroring
93