Filter
Top Products
Monitoring and Analyzing Switch Operation
Traffic Mirroring
Syntax: [no] mirror < 1 - 4 > [name < name-str >] remote ip < src-ip >
< src-udp-port > < dst-ip >
< src-udp-port >: This parameter associates the remote
session with a UDP port number. When multiple sessions
have the same source IP address < src-ip > and destination
IP address < dst-ip >, the UDP port number must be unique
in each session. The UDP port number used for a given
session should be in the range of 7933 - 65535.
Caution: UDP port numbers below 7933 are reserved
for various IP applications. Using them for mirroring
can result in the interruption of other IP functions, and
in non-mirrored traffic being received on the
destination switch and sent to a device connected to the
remote exit port.
The configured UDP port number is included in the frames
mirrored from the source switch to the remote destination
switch (mirror endpoint), and enables the remote switch to
match the frames to the exit port configured for the
combined UDP port number, source IP address, and
destination IP address. Refer to the mirror endpoint ip
command syntax in “2. Configure a Mirroring Destination
on a Remote Switch” on page B-50 for more information.
< dst-ip >: For the remote session specified in the command,
this is the IP address of the VLAN or subnet on which the
remote exit port exists. (The exit port to which a traffic
analyzer or IDS is connected is configured on the remote
switch in Step 2; see “2. Configure a Mirroring Destination
on a Remote Switch” on page B-50.)
4. Configure the Monitored Traffic in a Mirror Session
This step configures one or more interfaces on a source switch with traffic-
selection criteria to select the traffic to be mirrored in a local or remote session
configured in Step 3.
Traffic Selection Options
To configure traffic mirroring, specify the source interface, traffic direction,
and criteria to be used to select the traffic to be mirrored by using the following
options:
B-55