Filter
Top Products
Configuration
Notes
Deprecation of
ACL-based
Traffic
Selection
Monitoring and Analyzing Switch Operation
Traffic Mirroring
Mirroring sources and sessions. Traffic mirroring supports the configura-
tion of port and VLAN interfaces as mirroring sources in up to four mirroring
sessions on a switch. Each session can have one or more sources (ports
and/or static trunks, a mesh, or a VLAN interface) that monitor traffic entering
and/or leaving the switch.
Using the CLI, you can make full use of the switch’s local and remote mirroring
capabilities. Using the Menu interface, you can configure only local mirroring
for either a single VLAN or a group of ports and/or static trunks.
Mirrored frames exceeding the allowed maximum transmission unit (MTU)
size will be dropped. Also, the switch applies a 54-byte IPv4 header to mirrored
frames. For more information, including the size limitation for jumbo and non-
jumbo frames, see “Maximum Supported Frame Size” on page B-92.
Selecting mirrored traffic. You can use any of the following options to
select the traffic to be mirrored on a port, trunk, mesh, or VLAN interface in
a local or remote session:
■ All traffic: Monitors all traffic entering or leaving the switch on one or
more interfaces (inbound and outbound).
■ Direction-based traffic selection: Monitors traffic that is either entering
or leaving the switch (inbound or outbound). Monitoring traffic in only
one direction improves operation by reducing the amount of traffic sent
to a mirroring destination.
■ MAC-based traffic selection: Monitors only traffic with a matching source
and/or destination MAC address in packet headers entering and/or leaving
the switch on one or more interfaces (inbound and/or outbound).
■ Classifier-based service policy: Provides a finer granularity of match
criteria to zoom in on a subset of monitored port or VLAN traffic (IPv4 or
IPv6) and select it for local or remote mirroring (inbound only).
In software release K.14.01 or greater, the use of ACLs for selecting traffic
in a mirroring session has been deprecated and is replaced by the use of
advanced classifier-based service policies (see “Selecting Inbound Traffic
Using Advanced Classifier-Based Mirroring” on page B-66).
As with ACL criteria, classifier-based match/ignore criteria allow you to limit
a mirroring session to selected inbound packets on a given port or VLAN
interface (instead of mirroring all inbound traffic on the interface).
B-29