Filter
Top Products
Monitoring and Analyzing Switch Operation
Traffic Mirroring
Caution An exit port should be connected only to a network analyzer, IDS, or other
network edge device that has no connection to other network resources.
Connecting a mirroring exit port to a network can result in serious
network performance problems, and is strongly discouraged by ProCurve
Networking.
Exit Switch: The switch with the exit port to which a destination device is
connected. Depending on how mirroring is configured, the exit switch can
be the local source switch or a remote switch. See also Exit Port.
Host: Used in this chapter to refer to a traffic analyzer or intrusion detection
system (IDS).
IDS: Intrusion Detection System.
Local Mirroring: The monitored (source) interface and exit port in a mirror-
ing session are on the same switch.
Monitored Interface: The interface (port, VLAN, trunk, or mesh) on the
source switch on which the inbound and/or outbound traffic to be mir-
rored originates, configured with one of the interface monitor or vlan
monitor commands (see “4. Configure the Monitored Traffic in a Mirror
Session” on page B-55).
Remote Mirroring: The monitored (source) interface and exit port in a
mirroring session are on different switches. For remote mirroring, you
must always configure the IP destination address and exit port (the
remote mirroring endpoint) before you configure the monitored interface,
by using the following commands:
- On the remote (destination) switch:
mirror endpoint ip <src-ip > <src-udp-port > < dst-ip > <exit-port >
- On the local (source) switch:
mirror <session > remote ip <src-ip > <src-udp-port > <dst-ip >
For more information see Exit Port and “3. Configure a Mirroring Session
on the Source Switch” on page B-52.
Source Switch: The source switch on which the inbound and/or outbound
traffic to be mirrored originates. See also Monitored Interface.
B-32