19.2.2 Port mirroring settings

When port mirroring is configured, a combination of monitored ports and a mirror port is defined as a monitored session.

Monitored sessions are identified by using session numbers 1 to 4. A session number is specified when a new session is created or an existing session is deleted. If an existing session number is specified when a new session is created, the existing session definition corresponding to the specified session number is overwritten by the new definition.

Ports used for normal data communication are specified as monitored ports. For the mirror port, specify the port to which the analyzer is connected or the port to which the mirroring frame is forwarded Layer 2 using 802.1Q Tag grant function for traffic monitoring and analysis.

<Structure of this section>

(1) Mirroring received frames

Points to note: The mirroring of sent or received frames can be defined for Ethernet interfaces. Specify separate Ethernet interfaces even if link aggregation is used. Make sure that no VLANs belong to the port to be used as a mirror port.

Command examples

(config)# monitor session 2 source interface gigabitethernet 1/0/1 rx destination interface gigabitethernet 1/0/5

Configures the analyzer to connect to port 1/0/5 and mirror the frames received on Gigabit Ethernet interface 1/0/1. The session number is 2.

(2) Mirroring Transmit Frames

Points to note: The mirroring of sent or received frames can be defined for Ethernet interfaces. Specify separate Ethernet interfaces even if link aggregation is used. Make sure that no VLANs belong to the port to be used as a mirror port. Transmit frame mirroring can be used in the range of session numbers 1 to 3.

Command examples

(config)# monitor session 1 source interface gigabitethernet 1/0/2 tx destination interface gigabitethernet 1/0/6

Configures the analyzer to connect to port 1/0/6 and mirror the frames sent on Gigabit Ethernet interface 1/0/2. The session number is 1.

(3) Mirroring of sent and received frames

Points to note: The mirroring of sent or received frames can be defined for Ethernet interfaces. Specify separate Ethernet interfaces even if link aggregation is used. Make sure that no VLANs belong to the port to be used as a mirror port. Mirroring of transmit and receive frames can be used within the range of session numbers 1 to 3.

Command examples

(config)# monitor session 1 source interface gigabitethernet 1/0/3 both destination interface gigabitethernet 1/0/11

Configures the analyzer to connect to port 1/0/11 and mirror frames sent and received on Gigabit Ethernet interface 1/0/3. The session number is 1.

(4) Mirroring Multiple Monitor Ports

Points to note: You can set multiple monitor ports in the form of a list. You can also add or remove ports from an already-set list.

Command examples

(config)# monitor session 1 source interface gigabitethernet 1/0/1-23, tengigabitethernet 1/0/25 both destination interface gigabitethernet 1/0/24

Configures the analyzer to connect to port 1/0/24 and mirror frames sent and received on Gigabit Ethernet interfaces 1/0/1 to 1/0/23 and 10 Gigabit Ethernet interfaces 1/0/25. The session number is 1.

(5) Mirroring using 802.1Q Tag grant facility

Points to note

The mirroring of sent or received frames can be defined for Ethernet interfaces. Specify separate Ethernet interfaces even if link aggregation is used.

When Tagged frames or transmit frames are mirrored, since VLAN Tag is two stages, 8-byte large frames are handled. Therefore, you must change MTU length with mtu commandI will.

Command examples

(config)# monitor session 1 source interface gigabitethernet 1/0/1 both destination interface gigabitethernet 1/0/2 encapsulation dot1q 10

Configures the port 1/0/2 to mirror frames sent and received on Gigabit Ethernet interface 1/0/1 and VLAN Tag the mirroring frame with VLAN 10. The session number is 1.