port mirroring on 6850
port mirroring on 6850
hi everyone, is it ok to config a whole port into port mirroring just to monitor the logs used for voice logger?
-
cedric1
-
cedric1
-
cedric1
hello
I see in doc you can use QOS cli config to mirror port and use condition for mirroring traffic.
Look in 6.4 Network Guide
Policy Based Mirroring
A mirroring policy sends a copy of ingress, egress, or both ingress and egress packets that match the
policy condition to a specific port. This type of policy may use any condition; the mirror policy action
determines the type of traffic to mirror and the port on which the mirrored traffic is received.
The policy action mirror command is used to configure mirror-to-port (MTP) action for the policy. For
example, the following policy mirrors ingress packets to port 1/10:
-> policy condition c1 source ip 192.168.20.1
-> policy action a1 mirror ingress 1/10
-> policy rule r1 condition c1 action a1
-> qos apply
When the above rule is activated, any flows coming into the switch from source IP address 192.168.20.1
are mirrored to port 1/10. It is also possible to combine the MTP action with other actions. For example:
-> policy condition c1 source ip 192.168.20.1
-> policy action a1 mirror ingress 1/10 disposition drop
-> policy rule r1 condition c1 action a1
-> qos apply
This policy rule example combines the MTP action with the drop action. As a result, this rule drops
ingress traffic with a source IP of 192.168.20.1, but the mirrored traffic from this source is not dropped
and is forwarded to port 1/10.
I see in doc you can use QOS cli config to mirror port and use condition for mirroring traffic.
Look in 6.4 Network Guide
Policy Based Mirroring
A mirroring policy sends a copy of ingress, egress, or both ingress and egress packets that match the
policy condition to a specific port. This type of policy may use any condition; the mirror policy action
determines the type of traffic to mirror and the port on which the mirrored traffic is received.
The policy action mirror command is used to configure mirror-to-port (MTP) action for the policy. For
example, the following policy mirrors ingress packets to port 1/10:
-> policy condition c1 source ip 192.168.20.1
-> policy action a1 mirror ingress 1/10
-> policy rule r1 condition c1 action a1
-> qos apply
When the above rule is activated, any flows coming into the switch from source IP address 192.168.20.1
are mirrored to port 1/10. It is also possible to combine the MTP action with other actions. For example:
-> policy condition c1 source ip 192.168.20.1
-> policy action a1 mirror ingress 1/10 disposition drop
-> policy rule r1 condition c1 action a1
-> qos apply
This policy rule example combines the MTP action with the drop action. As a result, this rule drops
ingress traffic with a source IP of 192.168.20.1, but the mirrored traffic from this source is not dropped
and is forwarded to port 1/10.
-
cedric1
Re: port mirroring on 6850
Is it possible to monitor the 1 port and the destination is in multiple port? We have a gadget or analyzer to be inserted one of the port in a switch and the other is a ordinary pc with a wireshark, and we want to compare the packets coming from the port to be mirrored. Please advise us if this is possible. Thanks in advanced.
Victor
Victor
-
cedric1
Re: port mirroring on 6850
hello
in spec for 6.4.4 code we can make :
Mirroring Sessions Supported : Two sessions supported per standalone switch and stack.
N-to-1 Mirroring Supported : 128 to 1
So you can make 2 sessions but in your case port 1/1 as source or mirrored port can not send to 2 destinations port.
See attached picture.
You can test with qos port mirroring rule, and use 2 actions (one for port destionation X, and for port destination Y) and 2 rules to try to forward traffic from condition to 2 destinations port.
Regards
Cedric
in spec for 6.4.4 code we can make :
Mirroring Sessions Supported : Two sessions supported per standalone switch and stack.
N-to-1 Mirroring Supported : 128 to 1
So you can make 2 sessions but in your case port 1/1 as source or mirrored port can not send to 2 destinations port.
See attached picture.
You can test with qos port mirroring rule, and use 2 actions (one for port destionation X, and for port destination Y) and 2 rules to try to forward traffic from condition to 2 destinations port.
Regards
Cedric
You do not have the required permissions to view the files attached to this post.
