Hi all,
I have two OmniSwitch configured to work in VRRP for redundancy purpose. But I would like to monitor some ports on each OmniSwitch. This means that I have to configure port mirroring on both OmniSwitch and have two link to see what happen on them.
Is it possible to tell to one of the OmniSwitch to send its mirroring on the other OmniSwtch and then have only one link to see all the ports I need?
Remote port mirroring
-
benny
Re: Remote port mirroring
Sure ...
e.g.
Note that STP has to be switched off in RPMIR vlans. No physical loop has to be introduced. LLDP, LACP, dot1x, OAM, GARP, BPDU packets won't be mirrored ...
Switch1 (Source Switch)
-> vlan 1000 name "Remote Mirroring"
-> vlan 1000 stp disable
-> port mirroring 1 source 1/1 (or whatever the port is you want to mirror)
-> port mirroing 1 destination 1/2 rpmir-vlan 1000 (you will have to adjust the port/vlan to your needs)
Switch2 (Intermediate Switch)
-> vlan 1000 name "Remote Mirroring"
-> vlan 1000 stp disable
-> vlan 1000 802.1q 1/1 (pointing to the source switch)
-> vlan 1000 802.1q 1/2 (pointing to the destination switch)
-> policy condition cond-1 source vlan 1000
-> policy action act-1 redirect port 1/2
-> policy rule rule-1 condition cond-1 action act-1
-> qos apply
Switch3 (Destination Switch)
-> vlan 1000 name "Remote Mirroring"
-> vlan 1000 stp disable
-> vlan 1000 802.1q 1/1 (pointing to the intermediate switch)
-> vlan 1000 port default 1/2 (the port where your mirroring of Switch-1 comes out)
-> policy condition cond-1 source vlan 1000
-> policy action act-1 redirect port 1/2
-> policy rule rule-1 condition cond-1 action act-1
-> qos apply
Should be working fine. I have mentioned the Intermediate Switch in case you need it. You need to adapt the ports of course.
I suggest you don't use sFlow/PM for the same ports, that might cause issues.
Hope that helps.
-benny
e.g.
Note that STP has to be switched off in RPMIR vlans. No physical loop has to be introduced. LLDP, LACP, dot1x, OAM, GARP, BPDU packets won't be mirrored ...
Switch1 (Source Switch)
-> vlan 1000 name "Remote Mirroring"
-> vlan 1000 stp disable
-> port mirroring 1 source 1/1 (or whatever the port is you want to mirror)
-> port mirroing 1 destination 1/2 rpmir-vlan 1000 (you will have to adjust the port/vlan to your needs)
Switch2 (Intermediate Switch)
-> vlan 1000 name "Remote Mirroring"
-> vlan 1000 stp disable
-> vlan 1000 802.1q 1/1 (pointing to the source switch)
-> vlan 1000 802.1q 1/2 (pointing to the destination switch)
-> policy condition cond-1 source vlan 1000
-> policy action act-1 redirect port 1/2
-> policy rule rule-1 condition cond-1 action act-1
-> qos apply
Switch3 (Destination Switch)
-> vlan 1000 name "Remote Mirroring"
-> vlan 1000 stp disable
-> vlan 1000 802.1q 1/1 (pointing to the intermediate switch)
-> vlan 1000 port default 1/2 (the port where your mirroring of Switch-1 comes out)
-> policy condition cond-1 source vlan 1000
-> policy action act-1 redirect port 1/2
-> policy rule rule-1 condition cond-1 action act-1
-> qos apply
Should be working fine. I have mentioned the Intermediate Switch in case you need it. You need to adapt the ports of course.
I suggest you don't use sFlow/PM for the same ports, that might cause issues.
Hope that helps.
-benny
-
Spack
Re: Remote port mirroring
Thank you for the reply... I'll try that...
You mean that I can't put "local" port mirroring and remote port mirroring on the same port? Or just not to use sFlow and PM on the same port?benny wrote:I suggest you don't use sFlow/PM for the same ports, that might cause issues.
-
benny
Re: Remote port mirroring
How would you put that on the same port? PMM and sFlow just use the same APIs, I believe it will show unpredictable behaviour ...
-benny
-benny
-
Spack
Re: Remote port mirroring
It actually works but let me explain a little.
Here is my topology:
I want to monitor the port 1 on both switches but with only one link to the monitor.
So I put with some arrangements what you tell me:
So, my source switch lets its mirroring transit on VLAN 1000, its comes on one port of my destination switch and then I mirror this port to my monitor.
And it works fine
And of course, if I need to pass some switches, like you specified it, I can create some policy rules in order to redirect the traffic.
Here is my topology:
Code: Select all
---------
| monitor |
--------- *Destination Switch*
| --------------------
| | 1 |---------------------------
|________| 2 3 4 | |
-------------------- --------
Monitor VLAN link | | VRRP Redundancy link | host |
| | --------
-------------------- |
| 3 4 | |
| 1 |---------------------------
--------------------
*Source Switch*So I put with some arrangements what you tell me:
Code: Select all
Source Switch:
vlan 1000 name "Remote Mirroring"
vlan 1000 port default 1/3
vlan 1000 stp disable
port mirroring 1 destination 1/3 rpmir-vlan 1000
port mirroring 1 source 1/1 bidirectional
Destination Switch:
vlan 1000 name "Remote Mirroring"
vlan 1000 port default 1/3
vlan 1000 stp disable
port mirroring 1 destination 1/2
port mirroring 1 source 1/1 bidirectional
port mirroring 1 source 1/3 inportAnd it works fine
And of course, if I need to pass some switches, like you specified it, I can create some policy rules in order to redirect the traffic.
-
dangkita
Re: Remote port mirroring
Hi all,
Can we carry mirror traffic through ManE?
Thanks,
Dangkita
Can we carry mirror traffic through ManE?
Thanks,
Dangkita
